www.exedb.com Open in urlscan Pro
92.204.128.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://exedb.com/
Effective URL:
https://www.exedb.com/
Submission: On May 05 via manual (May 5th 2023, 12:11:17 pm UTC) from TR — Scanned from DE

Summary HTTP 189 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 29 domains to perform 189 HTTP transactions. The main IP is 92.204.128.206, located in Warrenton, United States and belongs to GO-DADDY-COM-LLC, US. The main domain is www.exedb.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 17th 2023. Valid for: 10 months.

This is the only time www.exedb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	92.204.128.206 92.204.128.206	398108 (GO-DADDY-...) (GO-DADDY-COM-LLC)
20	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4 9	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1 32	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:401... 2607:f8b0:4012:817::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:1a::a	15169 (GOOGLE) (GOOGLE)
2	64.158.223.140 64.158.223.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 18	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 4	18.193.92.249 18.193.92.249	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
189	31

30 92.204.128.206 (Warrenton, United States) 1 redirects

ASN398108 (GO-DADDY-COM-LLC, US)
PTR: ns1002951.ip-92-204-128.us

exedb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.exedb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4012:817::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:1a::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr5---sn-4g5edndz.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.158.223.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.193.92.249 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-92-249.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.234 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 94 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	471 KB
41	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 74 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	209 KB
30	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com csi.gstatic.com	420 KB
30	exedb.com 1 redirects exedb.com www.exedb.com	311 KB
12	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	294 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	6 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 573	3 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 299	2 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 9108 www.google.de — Cisco Umbrella Rank: 6386	1 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 699	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2587	21 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1267	461 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4891	653 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1709	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 773 s.tribalfusion.com — Cisco Umbrella Rank: 1977	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2707	207 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	124 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1839	174 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 51613	612 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 740	718 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1154	213 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 707	363 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 753	336 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1482	584 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 479	873 B
1	googlevideo.com rr5---sn-4g5edndz.googlevideo.com — Cisco Umbrella Rank: 72336	630 KB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 1476	13 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 945	600 B
189	29

	Domain	Requested by
32	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
29	www.exedb.com	www.exedb.com
22	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.exedb.com
20	pagead2.googlesyndication.com	www.exedb.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
18	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net www.exedb.com
16	www.gstatic.com	googleads.g.doubleclick.net
9	www.google.com	4 redirects www.exedb.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
6	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
4	c1.adform.net	4 redirects
4	x.bidswitch.net	4 redirects
3	image6.pubmatic.com	3 redirects
3	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	sync.teads.tv	1 redirects
2	d5p.de17a.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	csi.gstatic.com	www.gstatic.com
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.exedb.com www.googletagmanager.com
1	tr.blismedia.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	um.simpli.fi	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	s.tribalfusion.com	www.exedb.com
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	rr5---sn-4g5edndz.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	www.google.de	www.exedb.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	exedb.com	1 redirects
189	42

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.exedb.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-17` - `2024-01-21`	10 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-04-25` - `2023-07-04`	2 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.exedb.com/
Frame ID: 5879153FCECDAA3E22AF1F5969E50B9E
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/zrt_lookup.html
Frame ID: FE62452EB1EDE112604E94A7DB58F361
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&adk=1812271804&adf=3025194257&lmt=1683288670&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.exedb.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288670298&bpp=6&bdt=380&idt=206&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8465573913581&frm=20&pv=2&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=235
Frame ID: 2999D02F8A988AAD3353D047877313AF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&slotname=5112485834&adk=2561547316&adf=2643545132&pi=t.ma~as.5112485834&w=1016&fwrn=4&fwrnh=100&lmt=1683288670&rafmt=1&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288670304&bpp=3&bdt=386&idt=235&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kSL9W3T57Q&p=https%3A//www.exedb.com&dtd=239
Frame ID: EE893165898A4DC9CFE664F6DCFD12A3
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1919829080&pi=t.aa~a.3199874682~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1160&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280&nras=2&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1637&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mO89UlLriw&p=https%3A//www.exedb.com&dtd=11
Frame ID: AC307EA0B668D495166E551F1DDA0A8F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15
Frame ID: 33DAB9E64DAD5C398458A2E15703B6F8
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2652264275&adf=3262825365&pi=t.aa~a.2702632798~rp.1&w=455&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=455x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=1&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280%2C1016x280&nras=4&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=833&ady=4245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=TUqJjBj7ED&p=https%3A//www.exedb.com&dtd=18
Frame ID: 97F9B2E2B8F0A95C17FE773B257FFF64
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Frame ID: B0A945DFDCE15C6671678B4648ED581C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Frame ID: 57C93141D6C5530E71913CC3EDB6191F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3CE7B3BDE2D525B1B6A151C6D29591EF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 703754647C3AC879295180435901A27B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Frame ID: A9BECA5C396D7F0CFA29C331A33D0B40
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Frame ID: 0FE454F4396605D243ADEA418FC8F705
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3B8B1E0939A28D88E586A15CFFDA51A9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 19F47B751949AE94EE78F5EFCCB9D3E7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8E729D2E942BAD174797CD1F714BBFF4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Frame ID: 57AF22F376582467B650C69E20190B3D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EEE9799DF7DB617D8FE48007DF04E998
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E3C53FF992F7BE12FB51C39B4D9C83E7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Frame ID: F24407BF3F05F3C179B521A09960424C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Frame ID: 0142D8EE19655DB6C7AB7DF0AE0911E6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 80CC5E17C0556A1AD51610F7DC452E84
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 54A16A996374D69C2BB939BF84CD7C9F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Exedb- Get full files information to control your PCFacebookTwitterLinkedInonly counter so go away

Page URL History Show full URLs

http://exedb.com/ HTTP 301
https://www.exedb.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

189
Requests

91 %
HTTPS

57 %
IPv6

29
Domains

42
Subdomains

31
IPs

8
Countries

2502 kB
Transfer

5058 kB
Size

35
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.exedb.com
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/share?url=https://www.exedb.com
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&source=LinkedIn&url=https://www.exedb.com
Title: LinkedIn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://exedb.com/ HTTP 301
https://www.exedb.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 77

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 128

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC_-9OpfBCdBRinATIIiVmtuSaIB6A HTTP 301
https://tpc.googlesyndication.com/simgad/11983631967007088310

Request Chain 147

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELhc6atjOeoRBEgGkHuHi-Q&google_cver=1&google_push=ATf1kGOa5gsZIEk7TRCAmHAzbw6eOIh7rsxVunObmVtnG335ly3l7RG1riNItW9P9eXZrsoSrwMnR0K8qMfy5KF-BkBxzTFE15Ns HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOa5gsZIEk7TRCAmHAzbw6eOIh7rsxVunObmVtnG335ly3l7RG1riNItW9P9eXZrsoSrwMnR0K8qMfy5KF-BkBxzTFE15Ns

Request Chain 148

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAqLpZsCzQLQJr9XcDiuqZU&google_cver=1&google_push=ATf1kGNuaK0GyDGlThFSlla6iEIgVMHzKvvn3UeNvxkrSjXF33PFudsjm0USFFx9n2nxyFmQDZzzvIJqRgU_9wLgRGqMGZQTsn50Ig&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNuaK0GyDGlThFSlla6iEIgVMHzKvvn3UeNvxkrSjXF33PFudsjm0USFFx9n2nxyFmQDZzzvIJqRgU_9wLgRGqMGZQTsn50Ig%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAqLpZsCzQLQJr9XcDiuqZU&google_cver=1&google_push=ATf1kGNuaK0GyDGlThFSlla6iEIgVMHzKvvn3UeNvxkrSjXF33PFudsjm0USFFx9n2nxyFmQDZzzvIJqRgU_9wLgRGqMGZQTsn50Ig&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNuaK0GyDGlThFSlla6iEIgVMHzKvvn3UeNvxkrSjXF33PFudsjm0USFFx9n2nxyFmQDZzzvIJqRgU_9wLgRGqMGZQTsn50Ig%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 149

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA3SEKYN7Tr5LEzu3BK0ycQ&google_cver=1&google_push=ATf1kGNPBJ3aAx1abE7TcIScZhS0HHHJTME1Nrv16ePpbiaVyHhuTgbdtGJTbHFmV_zKV5oSj0xnTisyfTTd_OEwwbPUqSMzLhLC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyOTY2OTc5NTk3MDAyMTUyMQ%3D%3D&google_push=ATf1kGNPBJ3aAx1abE7TcIScZhS0HHHJTME1Nrv16ePpbiaVyHhuTgbdtGJTbHFmV_zKV5oSj0xnTisyfTTd_OEwwbPUqSMzLhLC

Request Chain 150

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPkftjkk5OHIMuZYJtZsOBE&google_cver=1&google_push=ATf1kGPk4PDyCIsDzlKbbRJQsNveH4sjAKG96_34UYhwPCvbaHJEBR0PMvDfSQ2jTFnNfioUH2RRqzeA7QrzWJNrjUjDemIDZX_-mw HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPkftjkk5OHIMuZYJtZsOBE&google_cver=1&google_push=ATf1kGPk4PDyCIsDzlKbbRJQsNveH4sjAKG96_34UYhwPCvbaHJEBR0PMvDfSQ2jTFnNfioUH2RRqzeA7QrzWJNrjUjDemIDZX_-mw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPk4PDyCIsDzlKbbRJQsNveH4sjAKG96_34UYhwPCvbaHJEBR0PMvDfSQ2jTFnNfioUH2RRqzeA7QrzWJNrjUjDemIDZX_-mw&google_hm=Vi00UP--Sv6Qe-fbkDXAuw==

Request Chain 151

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPUJOLP0alPFinWxpiv5A8E&google_cver=1&google_push=ATf1kGNOk6QShFaJJbFLRDbd5B8HIZxl7ppG2obuo6hugK-rhRmJO6CawYvEadUUSImqe2KiGYDRwR0LHexUtjat1eNo8Dwqima9 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPUJOLP0alPFinWxpiv5A8E&google_cver=1&google_push=ATf1kGNOk6QShFaJJbFLRDbd5B8HIZxl7ppG2obuo6hugK-rhRmJO6CawYvEadUUSImqe2KiGYDRwR0LHexUtjat1eNo8Dwqima9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDkyNjgyNjkwNzgxMDYwMw&google_push=ATf1kGNOk6QShFaJJbFLRDbd5B8HIZxl7ppG2obuo6hugK-rhRmJO6CawYvEadUUSImqe2KiGYDRwR0LHexUtjat1eNo8Dwqima9

Request Chain 152

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGduUWXmsyzk0ERENTA54Kc&google_cver=1&google_push=ATf1kGP8ohMDsQEr9mCe1joF_aVq4ptwrnxvBw96vYdI_Zg3n1NpZpT33hLGeGc3j0PWyM2mFYA9jHQKd65kk3KVB7xohIfYxO8y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGP8ohMDsQEr9mCe1joF_aVq4ptwrnxvBw96vYdI_Zg3n1NpZpT33hLGeGc3j0PWyM2mFYA9jHQKd65kk3KVB7xohIfYxO8y

Request Chain 155

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMuYHmVYUVfkmzS4iSSApbM&google_cver=1&google_push=ATf1kGMZf0BCdHqnpZm0N-HK3D4gl2e6eUszAS6jKq6QG1WvFFMZMqeSX3luaK04AEZf6vx78TyPqubvdy9Ng22e8-ISInm8kRRPwrE HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMuYHmVYUVfkmzS4iSSApbM&google_cver=1&google_push=ATf1kGMZf0BCdHqnpZm0N-HK3D4gl2e6eUszAS6jKq6QG1WvFFMZMqeSX3luaK04AEZf6vx78TyPqubvdy9Ng22e8-ISInm8kRRPwrE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMZf0BCdHqnpZm0N-HK3D4gl2e6eUszAS6jKq6QG1WvFFMZMqeSX3luaK04AEZf6vx78TyPqubvdy9Ng22e8-ISInm8kRRPwrE&google_hm=Vi00UP--Sv6Qe-fbkDXAuw==

Request Chain 156

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGOVSvdIV1EZW9EIc3oubHaD3KM0K0ohF0YPxBRUMieSGEAvkdALmCa979Xoee0k37jbdfQCIVi6J_bsNv6oWfyiPWYpsgPw2w&google_gid=CAESED1mnaA3Eub2ypjMw0g_TC4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGOVSvdIV1EZW9EIc3oubHaD3KM0K0ohF0YPxBRUMieSGEAvkdALmCa979Xoee0k37jbdfQCIVi6J_bsNv6oWfyiPWYpsgPw2w&google_gid=CAESED1mnaA3Eub2ypjMw0g_TC4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA1MDUxMjExMTIwMDAxODM4NzQ2Mzk0MA%3D%3D&google_push=ATf1kGOVSvdIV1EZW9EIc3oubHaD3KM0K0ohF0YPxBRUMieSGEAvkdALmCa979Xoee0k37jbdfQCIVi6J_bsNv6oWfyiPWYpsgPw2w

Request Chain 157

https://d5p.de17a.com/cookies/google?google_gid=CAESEMSKcJqOXuicreWSraBqNNs&google_cver=1&google_push=ATf1kGPd1XYUKCcArGA1BIr7NRNyiECsqvK6FkJqgl9z8jeGNX636c-4Tg63ENVEdl0ya7fHglOG49kfVE3QeJVFrw6QGHEuNvyP90c HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMSKcJqOXuicreWSraBqNNs&google_cver=1&google_push=ATf1kGPd1XYUKCcArGA1BIr7NRNyiECsqvK6FkJqgl9z8jeGNX636c-4Tg63ENVEdl0ya7fHglOG49kfVE3QeJVFrw6QGHEuNvyP90c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPd1XYUKCcArGA1BIr7NRNyiECsqvK6FkJqgl9z8jeGNX636c-4Tg63ENVEdl0ya7fHglOG49kfVE3QeJVFrw6QGHEuNvyP90c

Request Chain 160

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHTrR6ccT4Prt0xJ3WGG7w4&google_cver=1&google_push=ATf1kGMiRsP0XXvAFk6u6Whik5nmPukOOYHenEAk9Sb-mQ6E6KpZMdbdUV_N7duzlEHxXOtUe87DPmLzBGT0B5IwWd2B9TB5qfGLrUQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHTrR6ccT4Prt0xJ3WGG7w4&google_cver=1&google_push=ATf1kGMiRsP0XXvAFk6u6Whik5nmPukOOYHenEAk9Sb-mQ6E6KpZMdbdUV_N7duzlEHxXOtUe87DPmLzBGT0B5IwWd2B9TB5qfGLrUQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qs3R3T5ISyW_IgKBKSvz-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMiRsP0XXvAFk6u6Whik5nmPukOOYHenEAk9Sb-mQ6E6KpZMdbdUV_N7duzlEHxXOtUe87DPmLzBGT0B5IwWd2B9TB5qfGLrUQ

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 171

https://um.simpli.fi/gp_match?google_gid=CAESEMJCOP3qLU79fjdqN3OkW_M&google_cver=1&google_push=ATf1kGMIVPvEJDmTFXLFHn_DQqK0GIH1n8tTSQZRx3c_KEEI8n65_NPsUj991rH92O40421aJ65AwKZOwIzFXUHH1762lbJ_ksPQWKw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D559E7AB359646CC8CAA695DC60F732D&google_push=ATf1kGMIVPvEJDmTFXLFHn_DQqK0GIH1n8tTSQZRx3c_KEEI8n65_NPsUj991rH92O40421aJ65AwKZOwIzFXUHH1762lbJ_ksPQWKw

Request Chain 172

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAbPVjAC_Zv1XnE91EJ2gbA&google_cver=1&google_push=ATf1kGP9USfBvr5ZBzyQQjtj9iuRQyKIa96H8BwhkzJ1-L44k_fB7iN5qT_IyzAmr0NaxsCCR4A8MrXQdoJ29qy-lfM2Y2MqJavLHBo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGP9USfBvr5ZBzyQQjtj9iuRQyKIa96H8BwhkzJ1-L44k_fB7iN5qT_IyzAmr0NaxsCCR4A8MrXQdoJ29qy-lfM2Y2MqJavLHBo&google_hm=CrX49--zRRSppiZ94j2XUEY

Request Chain 174

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECBlPj0dBqlrIX4iEthPgbE&google_cver=1&google_push=ATf1kGP5fGg1GDo7K7lyypNGF_zsiSOO_hIbtRVs_TQFiZszqOq7Z0XeHCmUSneOtkVdob1UkAU4RKbnie4KpMt-nVrx7izDrkagdA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDkyNjgyNjkwNzgxMDYwMw&google_push=ATf1kGP5fGg1GDo7K7lyypNGF_zsiSOO_hIbtRVs_TQFiZszqOq7Z0XeHCmUSneOtkVdob1UkAU4RKbnie4KpMt-nVrx7izDrkagdA

Request Chain 175

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECBlPj0dBqlrIX4iEthPgbE&google_cver=1&google_push=ATf1kGMaZN-1rSgyIVjUBlfUc-Fer9IVU5TmWiVV2aF8Sl9KxhujtnsX-LDRgwEDFsy7ZoDaIXaezd0gLg_4iQfEqXcCepfCwJ4kQxk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDkyNjgyNjkwNzgxMDYwMw&google_push=ATf1kGMaZN-1rSgyIVjUBlfUc-Fer9IVU5TmWiVV2aF8Sl9KxhujtnsX-LDRgwEDFsy7ZoDaIXaezd0gLg_4iQfEqXcCepfCwJ4kQxk

Request Chain 176

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL_kBvb-xuUAHwQVBkWTgKM&google_cver=1&google_push=ATf1kGPLDxZlKyH3-Tq-osWc7q8ealbGD_NHrwMVrGUk1XMP2LLDWZZNvRfx-Awobc34hHxUFaFfPO9syVx8dV0xvixc0ynYKEV7OQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qs3R3T5ISyW_IgKBKSvz-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPLDxZlKyH3-Tq-osWc7q8ealbGD_NHrwMVrGUk1XMP2LLDWZZNvRfx-Awobc34hHxUFaFfPO9syVx8dV0xvixc0ynYKEV7OQ

Request Chain 177

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB8gNbSMIk43lZTWmST_EtY&google_cver=1&google_push=ATf1kGMMjIAHAHvhBAgqnFGZcZbvPHpv8OWG1l7KZJtVoTJ0y_D2VQYgSwsRQJDwCDLY96F3tai0CdK5iwJlkMiMuwV552DWsj_bowZK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGMMjIAHAHvhBAgqnFGZcZbvPHpv8OWG1l7KZJtVoTJ0y_D2VQYgSwsRQJDwCDLY96F3tai0CdK5iwJlkMiMuwV552DWsj_bowZK HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 180

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

189 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.exedb.com/
Redirect Chain

http://exedb.com/
https://www.exedb.com/

34 KB
15 KB

327ms
128ms

Document
text/html

92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 1a5f87b3eee8fce1148724feb652763793a2376057c2421828dbf23d35b06711

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,public
content-encoding: br
content-length: 15587
content-type: text/html
date: Fri, 05 May 2023 12:11:09 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding

Redirect headers

Cache-Control: public
Content-Length: 145
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 May 2023 12:11:08 GMT
Location: https://www.exedb.com/
Server: Microsoft-IIS/10.0

GET
H2 200 jquery.min.js Show response
www.exedb.com/javascripts/ 87 KB
30 KB 96ms
95ms Script
application/javascript 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/javascripts/jquery.min.js
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
content-encoding: br
last-modified: Thu, 16 Mar 2023 03:02:45 GMT
server: Microsoft-IIS/10.0
etag: "80b8fac7b357d91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 30054

GET
H2 200 global.css
www.exedb.com/css/ 34 KB
11 KB 188ms
188ms Stylesheet
text/css 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/css/global.css
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 72d20fa4a67a43c5fc0dc10c720ab3f09d40a23e44f5741387c6a4ca808b6244

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
content-encoding: br
last-modified: Thu, 16 Mar 2023 06:14:05 GMT
server: Microsoft-IIS/10.0
etag: "32181e83ce57d91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 10907

GET
H2 200 header.js Show response
www.exedb.com/javascripts/ 1 KB
646 B 179ms
179ms Script
application/javascript 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/javascripts/header.js
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 22735c99662bf4eb65b6e29db04af4cfc8ac31d8f14d57dd3c8f17cfad1329c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
content-encoding: br
last-modified: Thu, 16 Mar 2023 03:02:45 GMT
server: Microsoft-IIS/10.0
etag: "f6778c8b357d91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 564

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 121ms
72ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3100504127201331

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e57913ad3a555f080b3967c4b7d31522a7d5ebe68346100d02360bb95d3398a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Origin: https://www.exedb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47493
x-xss-protection: 0
server: cafe
etag: 8142661148024447854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 May 2023 12:11:10 GMT

GET
H2 200 exeIcon.svg
www.exedb.com/images/ 895 B
1 KB 99ms
94ms Image
image/svg+xml 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/images/exeIcon.svg
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 3819c12c3b8c977149633c15d23580e969a14932273a683d90d759165fd04466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 16 Mar 2023 03:02:41 GMT
server: Microsoft-IIS/10.0
etag: "4202ec6b357d91:0"
content-type: image/svg+xml
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 895

GET
H2 200 1679536492-yyucv7bt24exupa.JPEG
www.exedb.com/upload/ 11 KB
11 KB 110ms
102ms Image
image/jpeg 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/upload/1679536492-yyucv7bt24exupa.JPEG
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 8f3264c89ca957032853a52c1d0524ddc9ec272ed4cbc8d13023edd6efa2262b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 23 Mar 2023 08:54:52 GMT
server: Microsoft-IIS/10.0
etag: "ff9c321655dd91:0"
content-type: image/jpeg
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 11233

GET
H2 200 1679529429-xjed6dgxy06qsit.JPEG
www.exedb.com/upload/ 7 KB
7 KB 109ms
101ms Image
image/jpeg 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/upload/1679529429-xjed6dgxy06qsit.JPEG
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 1523130779b9ac230cbac6ca9b743a89b18f4f74033f0a8482179f0fa88f0792

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 23 Mar 2023 06:57:09 GMT
server: Microsoft-IIS/10.0
etag: "be1dd8af545dd91:0"
content-type: image/jpeg
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 7450

GET
H2 200 1679528508-zg0lea2ou1sfser.PNG
www.exedb.com/upload/ 2 KB
3 KB 108ms
100ms Image
image/png 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/upload/1679528508-zg0lea2ou1sfser.PNG
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 81c467185f61095c2fa999c7d9aa86ff8671a02aecbe81c2bd177df95293b6a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 23 Mar 2023 06:41:48 GMT
server: Microsoft-IIS/10.0
etag: "4d68bc8a525dd91:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 2503

GET
H2 200 1679527695-xh2swqd6xf5acmi.JPEG
www.exedb.com/upload/ 6 KB
6 KB 108ms
100ms Image
image/jpeg 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/upload/1679527695-xh2swqd6xf5acmi.JPEG
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: f9d8f2af51a77a257e6df7d488c0ae02d0bce3a7c9221f7cfb110530a289fa3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 23 Mar 2023 06:28:15 GMT
server: Microsoft-IIS/10.0
etag: "a1155a6505dd91:0"
content-type: image/jpeg
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 5990

GET
H2 200 1679524038-y6gtsir56bfposd.JPEG
www.exedb.com/upload/ 8 KB
8 KB 112ms
104ms Image
image/jpeg 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/upload/1679524038-y6gtsir56bfposd.JPEG
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: f7f2874874e4678ac82d8a4a341cd3995fba4bc078116dddf1f522748f501233

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 23 Mar 2023 05:27:18 GMT
server: Microsoft-IIS/10.0
etag: "fab89022485dd91:0"
content-type: image/jpeg
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 8433

GET
H2 200 1679516039-qw5shdquruk55sd.JPEG
www.exedb.com/upload/ 7 KB
7 KB 109ms
101ms Image
image/jpeg 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/upload/1679516039-qw5shdquruk55sd.JPEG
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 5fdd1f5f21275b540ce9630808649f4709746e51929421b55a81680a758a5730

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 23 Mar 2023 03:13:59 GMT
server: Microsoft-IIS/10.0
etag: "4e95fe82355dd91:0"
content-type: image/jpeg
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 7457

GET
H2 200 1679515440-hyn76j7norfevao.PNG
www.exedb.com/upload/ 4 KB
4 KB 112ms
104ms Image
image/png 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/upload/1679515440-hyn76j7norfevao.PNG
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 796d5bfd097d0e86027ddee396e6319a9af7f02644aec546358cc62f6dfb3ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 23 Mar 2023 03:04:00 GMT
server: Microsoft-IIS/10.0
etag: "41b1a41d345dd91:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 4425

GET
H2 200 1679514818-aa0cpocuseoq9y6.JPG
www.exedb.com/upload/ 11 KB
11 KB 109ms
102ms Image
image/jpeg 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/upload/1679514818-aa0cpocuseoq9y6.JPG
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 73a588aab17fe153f14cb2b92d3952f5bffe3820dc48d1a2547f371776b47304

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 23 Mar 2023 02:53:38 GMT
server: Microsoft-IIS/10.0
etag: "47d8ebaa325dd91:0"
content-type: image/jpeg
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 11344

GET
H2 200 1679434189-9pgtty1shvdb6ld.PNG
www.exedb.com/upload/ 2 KB
2 KB 201ms
194ms Image
image/png 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/upload/1679434189-9pgtty1shvdb6ld.PNG
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: cd1aabec2b79469e7cf31b6ce8bcb7045e9181cbc218443bca2d3f46fbb99f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Wed, 22 Mar 2023 04:29:49 GMT
server: Microsoft-IIS/10.0
etag: "7b2396f0765cd91:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 2408

GET
H2 200 1679432488-n98sp5xqzeyufku.PNG
www.exedb.com/upload/ 3 KB
3 KB 201ms
194ms Image
image/png 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/upload/1679432488-n98sp5xqzeyufku.PNG
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 47223b48b386c019343a82c241db563b205670b203a7efab4af7a96eaff996c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Wed, 22 Mar 2023 04:01:28 GMT
server: Microsoft-IIS/10.0
etag: "571192fa725cd91:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 2733

GET
H2 200 drprotbox-small.png
www.exedb.com/ 14 KB
15 KB 198ms
191ms Image
image/png 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/drprotbox-small.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 72b387bc00e9f93fab3ec212d92eaa77690dbdcce950afb73b0782aaa44d9afd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 16 Mar 2023 03:02:18 GMT
server: Microsoft-IIS/10.0
etag: "1e7852b8b357d91:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 14801

GET
H2 200 all-icon-file.png
www.exedb.com/ 1 KB
1 KB 200ms
193ms Image
image/png 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/all-icon-file.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: f5ad10c2437cbc3e745656ad6fd5dc7521809b8e9878ee7fb7050aa9794ed7f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 16 Mar 2023 03:02:07 GMT
server: Microsoft-IIS/10.0
etag: "a18aa9b1b357d91:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 1166

GET
H2 200 all-files.webp
www.exedb.com/ 15 KB
15 KB 199ms
192ms Image
image/webp 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/all-files.webp
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 6b86b3e45bd3e74912705f47404dde5182854046d1a49b64772a0da89064f193

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 16 Mar 2023 03:02:07 GMT
server: Microsoft-IIS/10.0
etag: "6428a7b1b357d91:0"
content-type: image/webp
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 15686

GET
H2 200 exe-icon-file.png
www.exedb.com/ 2 KB
2 KB 200ms
193ms Image
image/png 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/exe-icon-file.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 6700cc79f4b6c67f0c884c9f4be1c9dba2a75bca40fc1eeabc6bd0ddeb53abe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 16 Mar 2023 03:02:23 GMT
server: Microsoft-IIS/10.0
etag: "894b5bbbb357d91:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 1599

GET
H2 200 exe-files.webp
www.exedb.com/ 16 KB
16 KB 200ms
194ms Image
image/webp 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/exe-files.webp
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: e7c7a89f84427a0e2f60a80a06869475e2c8d672c3a362de715404dae00955a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 16 Mar 2023 03:02:23 GMT
server: Microsoft-IIS/10.0
etag: "4fe958bbb357d91:0"
content-type: image/webp
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 16688

GET
H2 200 msi-icon-file.png
www.exedb.com/ 2 KB
2 KB 198ms
192ms Image
image/png 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/msi-icon-file.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e09eef723d72c7586178e30c635f747e4699f169fecf04e6f634c75a1587867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 16 Mar 2023 03:02:51 GMT
server: Microsoft-IIS/10.0
etag: "c9789ecbb357d91:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 1934

GET
H2 200 msi-files.webp
www.exedb.com/ 18 KB
18 KB 202ms
196ms Image
image/webp 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/msi-files.webp
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: f81704626fe9caa119a2f0fe791fc288621b0eec01678dc65f024099ce4107e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 16 Mar 2023 03:02:51 GMT
server: Microsoft-IIS/10.0
etag: "8b169ccbb357d91:0"
content-type: image/webp
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 18736

GET
H2 200 dll-icon-file.png
www.exedb.com/ 2 KB
2 KB 202ms
196ms Image
image/png 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/dll-icon-file.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: a42b6109e927fad968626dcd1d1e4a080dc381c7407d338b0674fb7f61c612de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 16 Mar 2023 03:02:17 GMT
server: Microsoft-IIS/10.0
etag: "c949bcb7b357d91:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 1693

GET
H2 200 dll-files.webp
www.exedb.com/ 21 KB
21 KB 204ms
198ms Image
image/webp 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/dll-files.webp
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: ded949ad3069c4d3a62a96d417402d678fbadc74e5373ed79389ebce3ffa892c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 16 Mar 2023 03:02:17 GMT
server: Microsoft-IIS/10.0
etag: "5c85b7b7b357d91:0"
content-type: image/webp
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 21040

GET
H2 200 sys-icon-file.png
www.exedb.com/ 2 KB
2 KB 201ms
195ms Image
image/png 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/sys-icon-file.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 713eeee08e685504bd17657a7549dd7602325663ad04ffb0d55c7c9373214593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 16 Mar 2023 03:03:36 GMT
server: Microsoft-IIS/10.0
etag: "6b9767e6b357d91:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 1646

GET
H2 200 system-files.webp
www.exedb.com/ 77 KB
77 KB 204ms
198ms Image
image/webp 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/system-files.webp
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 31208d5e24fe092caa4a658b20abda62728eb73f87544a26dfe4122cf1503f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 16 Mar 2023 03:03:36 GMT
server: Microsoft-IIS/10.0
etag: "a1f969e6b357d91:0"
content-type: image/webp
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 78558

GET
H2 200 ocx-icon-file.png
www.exedb.com/ 2 KB
2 KB 201ms
195ms Image
image/png 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/ocx-icon-file.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 651d0936925a95457c9af5192281fa7975102b602f679aab06fe0e11ae452d99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 16 Mar 2023 03:02:52 GMT
server: Microsoft-IIS/10.0
etag: "afb153ccb357d91:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 1536

GET
H2 200 ocx-files.webp
www.exedb.com/ 17 KB
17 KB 296ms
291ms Image
image/webp 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/ocx-files.webp
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 6bd506d50438df4cecf68bd2289b779b6fd30fdbc2a9f1b20f6a769c107f4082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
last-modified: Thu, 16 Mar 2023 03:02:52 GMT
server: Microsoft-IIS/10.0
etag: "774f51ccb357d91:0"
content-type: image/webp
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 17372

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 118 KB
46 KB 45ms
20ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-37168065-1

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aaa4bfeadeaeaa2b9062d0dd54a1f8ba2e7bb9c029b2e5894441073e9967151a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46921
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 May 2023 12:11:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
78 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RMPSQLW73D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-37168065-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6654f6e76687658776422a021761b6759e8412b3097f854f41c8e9fd65738765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79761
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 May 2023 12:11:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 46ms
10ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-37168065-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 May 2023 11:05:04 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3966
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 05 May 2023 13:05:04 GMT

GET
H2 200 cntr.asp Show response
www.exedb.com/ 268 B
346 B 204ms
204ms XHR
text/html 92.204.128.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/cntr.asp
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/javascripts/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.204.128.206 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS: ns1002951.ip-92-204-128.us
Software: Microsoft-IIS/10.0 /
Resource Hash: 5774b8843c9d7cfd33e0d14d782ced5078755736b952d72fb7e7afe9e5b7a1cb

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.exedb.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:09 GMT
cache-control: private,public
content-encoding: br
server: Microsoft-IIS/10.0
content-length: 248
vary: Accept-Encoding
content-type: text/html

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RMPSQLW73D&gtm=45je3530&_p=1333124562&cid=1161945413.1683288670&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1683288670&sct=1&seg=0&dl=https%3A%2F%2Fwww.exedb.com%2F&dt=Exedb-%20Get%20full%20files%20information%20to%20control%20your%20PC&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RMPSQLW73D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.exedb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/ 354 KB
119 KB 112ms
95ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3100504127201331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb7641448a1967cafe84d0532d67b8eb9c5a52132240910bd5d25df976394b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122102
x-xss-protection: 0
server: cafe
etag: 4333446535344921765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 May 2023 12:11:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/ Frame FE62 10 KB
5 KB 186ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3100504127201331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 09:34:33 GMT
etag: 15057649708203361565
expires: Fri, 19 May 2023 09:34:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 14ms
14ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1333124562&t=pageview&_s=1&dl=https%3A%2F%2Fwww.exedb.com%2F&ul=en-us&de=UTF-8&dt=Exedb-%20Get%20full%20files%20information%20to%20control%20your%20PC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=644096933&gjid=830342735&cid=1161945413.1683288670&tid=UA-37168065-1&_gid=808031100.1683288670&_r=1&gtm=457e3530&jsscut=1&z=365712054

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.exedb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.exedb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 148ms
20ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-37168065-1&cid=1161945413.1683288670&jid=644096933&gjid=830342735&_gid=808031100.1683288670&_u=YADAAUAAAAAAACAAI~&z=1727096035

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.exedb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 05 May 2023 12:11:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.exedb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
600 B 51ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.exedb.com&callback=_gfp_s_&client=ca-pub-3100504127201331

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d069cd81491103db33c21039b9e9dac36e4364b2f9ca19cb7cf74887a74128e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 76ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.exedb.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 58ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.exedb.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=bg-primary-300&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2999 289 KB
54 KB 444ms
443ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&adk=1812271804&adf=3025194257&lmt=1683288670&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.exedb.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288670298&bpp=6&bdt=380&idt=206&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8465573913581&frm=20&pv=2&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=235

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e7a88719912d60746aee2ecee3709ba19590afc27a332ea01cf169dbe1f58c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55450
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:11:10 GMT
expires: Fri, 05 May 2023 12:11:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE89 93 KB
33 KB 912ms
907ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&slotname=5112485834&adk=2561547316&adf=2643545132&pi=t.ma~as.5112485834&w=1016&fwrn=4&fwrnh=100&lmt=1683288670&rafmt=1&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288670304&bpp=3&bdt=386&idt=235&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kSL9W3T57Q&p=https%3A//www.exedb.com&dtd=239

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23c8ae74cdd5195968a5e623d06fe46ae7044089c9baf35b1521e41871340dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33545
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:11:11 GMT
expires: Fri, 05 May 2023 12:11:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 60ms
30ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-37168065-1&cid=1161945413.1683288670&jid=644096933&_u=YADAAUAAAAAAACAAI~&z=1224708926

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 62ms
32ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-37168065-1&cid=1161945413.1683288670&jid=644096933&_u=YADAAUAAAAAAACAAI~&z=1224708926

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2999 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20230502&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&adk=1812271804&adf=3025194257&lmt=1683288670&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.exedb.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288670298&bpp=6&bdt=380&idt=206&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8465573913581&frm=20&pv=2&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=235

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/ 151 KB
51 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a917a0abdaf6a530ac853533995a73d73a84922d0d04f06e99a0e83f29cf786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52343
x-xss-protection: 0
server: cafe
etag: 12103807348514462540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 12:11:11 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.exedb.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
18ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.exedb.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AC30 102 KB
37 KB 439ms
439ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1919829080&pi=t.aa~a.3199874682~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1160&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280&nras=2&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1637&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mO89UlLriw&p=https%3A//www.exedb.com&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba3e7d560209ed29ced826d0497d319ac99adaa309e095442568e253e9fca49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37512
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:11:11 GMT
expires: Fri, 05 May 2023 12:11:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 33DA 128 KB
40 KB 498ms
497ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00b8b9719f683a9ab1e208c5c34a5bcb70c0a77b33018db5ee3974d69c75ebd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40560
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:11:11 GMT
expires: Fri, 05 May 2023 12:11:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 97F9 87 KB
27 KB 660ms
659ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2652264275&adf=3262825365&pi=t.aa~a.2702632798~rp.1&w=455&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=455x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=1&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280%2C1016x280&nras=4&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=833&ady=4245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=TUqJjBj7ED&p=https%3A//www.exedb.com&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90961e6b40504f97b4dc10e6d5bde5fb39b32e6497743b828fe4ba627f211d44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 27972
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:11:11 GMT
expires: Fri, 05 May 2023 12:11:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.exedb.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.exedb.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/ Frame B0A9 10 KB
4 KB 8ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 23:50:38 GMT
etag: 15057649708203361565
expires: Thu, 18 May 2023 23:50:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/ Frame 57C9 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 23:50:38 GMT
etag: 15057649708203361565
expires: Thu, 18 May 2023 23:50:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 64cd2a7a31acc6b73923aaabf76d1a73.js Show response
www.gstatic.com/mysidia/ Frame B0A9 8 KB
4 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/64cd2a7a31acc6b73923aaabf76d1a73.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5563fee65170276d1dac906d6ecfef33bb587e428b7fb963f65d0de85e7e7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3655
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:17:02 GMT

GET
H2 200 be8b9ca8d292730e9871b1fe462e7192.js Show response
www.gstatic.com/mysidia/ Frame B0A9 9 KB
4 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/be8b9ca8d292730e9871b1fe462e7192.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b437792d5cfb3dfffde9e371932c204859f0bc6443ec73b85cf29d54925cac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3892
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:17:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B0A9 9 KB
1005 B 39ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:36:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 May 2023 12:11:11 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame B0A9 2 KB
819 B 53ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:56:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame B0A9 22 KB
9 KB 46ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame B0A9 3 KB
1 KB 54ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 11:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 May 2023 11:47:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame B0A9 19 KB
8 KB 47ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:56:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B0A9 160 KB
49 KB 60ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 May 2023 12:11:11 GMT

GET
H2 200 edd8a89eee97155325ac5eb40edd3aca.js Show response
www.gstatic.com/mysidia/ Frame B0A9 32 KB
14 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/edd8a89eee97155325ac5eb40edd3aca.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13633
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:17:02 GMT

GET
H2 200 64cd2a7a31acc6b73923aaabf76d1a73.js Show response
www.gstatic.com/mysidia/ Frame 57C9 8 KB
4 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/64cd2a7a31acc6b73923aaabf76d1a73.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5563fee65170276d1dac906d6ecfef33bb587e428b7fb963f65d0de85e7e7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3655
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:17:02 GMT

GET
H2 200 be8b9ca8d292730e9871b1fe462e7192.js Show response
www.gstatic.com/mysidia/ Frame 57C9 9 KB
4 KB 31ms
15ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/be8b9ca8d292730e9871b1fe462e7192.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b437792d5cfb3dfffde9e371932c204859f0bc6443ec73b85cf29d54925cac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3892
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:17:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 57C9 9 KB
1 KB 34ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:48:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 May 2023 12:11:11 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 57C9 2 KB
800 B 49ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:56:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 57C9 22 KB
9 KB 44ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 57C9 3 KB
1 KB 49ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 11:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 May 2023 11:47:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 57C9 19 KB
8 KB 47ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:56:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 57C9 160 KB
49 KB 63ms
29ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 May 2023 12:11:11 GMT

GET
H2 200 edd8a89eee97155325ac5eb40edd3aca.js Show response
www.gstatic.com/mysidia/ Frame 57C9 32 KB
13 KB 23ms
9ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/edd8a89eee97155325ac5eb40edd3aca.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13633
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:17:02 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3CE7 143 B
166 B 6ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 99
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:09:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7037 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 99
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:09:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3CE7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

15ms
14ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:11:11 GMT
expires: Fri, 05 May 2023 12:11:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:11:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7037
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
21ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:11:11 GMT
expires: Fri, 05 May 2023 12:11:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:11:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B0A9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 948fa2ad2c6f5a9270e00b4097418ea3162922a8c3d6fc8615e61dd595fa3cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame A9BE 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 07:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 07:56:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B0A9 0
23 B 55ms
55ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C17cLXvJUZLaZI9Gz1fAPhrW-sAzzlIn3bLrX1fH0BfLK5__zOBABILrRzBRgleKQgqAHoAGuifHyA8gBAakCjViESgX1tD6oAwHIA8MEqgTaAU_QY15OqwipbjQ8g1TL8Xk8bWf8tglOe42ui9idFrCFkUBAdVSpCBUvhTFJfdhCPIINcb7QuCc-03rotczdckhxVmhkybv_8nL7zaEcPO_O9ohA1_OoAsqTs_JZnclhfZ6mCYyVrGnF52IgrxkEqtiwN7N8nDMiFUlu68BymIHyJ8lbdVkusf0VOwc0yPvNvelfBAUT__0-nRPova1sayX4VaZ-G3dcC0aVTFqPsYj3ZIBSBtuuqWMeAT-1QaL3X8LGesOMICqzajUJQaLMLg2UzJHxVaNqcAvtwATyoMy2sAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGUYAHuvaODagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEK-hBdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMzEwMDUwNDEyNzIwMTMzMRgA&sigh=nW6B3ZOABCY&uach_m=[UACH]&cid=CAQSGwBygQiDyxpLuYk8ZQpW9qMmcJQT9eH7gGPlfxgB&vis=1

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 05 May 2023 12:11:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 05 May 2023 12:11:11 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EE89 6 KB
779 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&slotname=5112485834&adk=2561547316&adf=2643545132&pi=t.ma~as.5112485834&w=1016&fwrn=4&fwrnh=100&lmt=1683288670&rafmt=1&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288670304&bpp=3&bdt=386&idt=235&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kSL9W3T57Q&p=https%3A//www.exedb.com&dtd=239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 May 2023 12:05:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 May 2023 12:11:11 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame EE89 2 KB
800 B 10ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:56:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame EE89 22 KB
9 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame EE89 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 11:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 May 2023 11:47:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame EE89 19 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:56:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE89 160 KB
49 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 May 2023 12:11:11 GMT

GET
H2 200 edd8a89eee97155325ac5eb40edd3aca.js Show response
www.gstatic.com/mysidia/ Frame EE89 32 KB
13 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/edd8a89eee97155325ac5eb40edd3aca.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13633
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:17:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE89 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cu6-qXvJUZNPHI8q51fAPsNes-AeS7LikbOG2pfPQD8f1u5aPDhABILrRzBRgleKQgqAHoAHiv6HiA8gBCakCec2gRnrGqD6oAwHIA8sEqgThAU_QeKR6yaAynE8jZClQmgtnrI0CZK0C6-Hr9kM77zH_a6A_Z90nSQjTvjhuVlA7-u1Sci8kHaJlAoePaeL4gGHOoLk3lWuuq3fbExKgcRis1afe67Wz1SQKLztVbtx5tzexvlkvMBcAkV_ZIf1dPtFxRmk4KLEjzm3HVQeDn7l7nvE3_IBU3x0TODD5MK_39RJfxVjVMVPZRKVM10X9c87_ZBfodAEx-6ypQFXD4IyGyboFS3xGbY0e5cCutShus50gX1FUg8cXWzcT8G5ar3umKaCdQU-1MGTHrKlhSc30mMAEhqTyv4cEkgUECAQYAZIFBAgFGASgBi6AB4bA3h2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCZygjSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBuBPkA9gTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi0zMTAwNTA0MTI3MjAxMzMxGAA&sigh=EPvVkGR7u54&uach_m=[UACH]&cid=CAQSGwBygQiDrqL8ZcAOI7UjVZ_-RFIw8Y_nX7Cw4hgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&slotname=5112485834&adk=2561547316&adf=2643545132&pi=t.ma~as.5112485834&w=1016&fwrn=4&fwrnh=100&lmt=1683288670&rafmt=1&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288670304&bpp=3&bdt=386&idt=235&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kSL9W3T57Q&p=https%3A//www.exedb.com&dtd=239
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 05 May 2023 12:11:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 05 May 2023 12:11:11 GMT

GET
H3 200 17901403653090904972
tpc.googlesyndication.com/simgad/ Frame EE89 14 KB
14 KB 54ms
54ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17901403653090904972?w=400&h=209&tw=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5162df6ef46ca88b1e30c7aa287da67f8a1e425bc0cb45662f2a7fead4cb1a31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:11 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14720
x-xss-protection: 0
last-modified: Sun, 08 May 2022 20:27:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 May 2024 12:11:11 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1997305006706444999/ Frame EE89 4 KB
4 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1997305006706444999/14763004658117789537?w=100&h=100&tw=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91d745a6380b48b9fa5eb3f2c342fb3b4403b274e368bbfcfe0c8c762df4fbac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 06:02:49 GMT
x-content-type-options: nosniff
age: 281302
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3775
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 13:04:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 May 2024 06:02:49 GMT

GET
DATA 200
OK truncated
/ Frame 57C9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c944ee5b6059b536d68e6a123e71582f176eea82dd4d22cc3299b5372657277a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 64cd2a7a31acc6b73923aaabf76d1a73.js Show response
www.gstatic.com/mysidia/ Frame AC30 8 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/64cd2a7a31acc6b73923aaabf76d1a73.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1919829080&pi=t.aa~a.3199874682~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1160&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280&nras=2&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1637&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mO89UlLriw&p=https%3A//www.exedb.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5563fee65170276d1dac906d6ecfef33bb587e428b7fb963f65d0de85e7e7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3655
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:17:02 GMT

GET
H3 200 de516251f8491984c090adfedfb0be08.js Show response
www.gstatic.com/mysidia/ Frame AC30 9 KB
4 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/de516251f8491984c090adfedfb0be08.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45419438709484e3feaade4ba2c982f7d1295ed177b3b28620e1765798ce50ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4042
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:19:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AC30 9 KB
932 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:13:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 May 2023 12:11:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame AC30 2 KB
765 B 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:56:47 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame AC30 22 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame AC30 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 11:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 May 2023 11:47:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame AC30 19 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:56:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AC30 0
0 15ms
14ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1nMe3mgefr-_xGtjHu4UM4Rq8CrBdzOUV7X-Dl4pehfXnykcFX5qLrQtgsF__ykoqWo9IbJX14tJXHNPkAQF0B83o9Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1919829080&pi=t.aa~a.3199874682~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1160&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280&nras=2&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1637&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mO89UlLriw&p=https%3A//www.exedb.com&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC30 160 KB
49 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 May 2023 12:11:11 GMT

GET
H3 200 edd8a89eee97155325ac5eb40edd3aca.js Show response
www.gstatic.com/mysidia/ Frame AC30 32 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/edd8a89eee97155325ac5eb40edd3aca.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13633
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:17:02 GMT

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame 0FE4 38 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 07:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 07:56:45 GMT

GET
DATA 200
OK truncated
/ Frame EE89 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 841214c4831e1a32c1edc646cbb1c4e1ab2976241a6df18fb557297dfdc175ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 57C9 0
19 B 52ms
51ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdjXoXvJUZLeZI9Gz1fAPhrW-sAzzlIn3bLrX1fH0BfLK5__zOBABILrRzBRgleKQgqAHoAGuifHyA8gBAakCjViESgX1tD6oAwHIA8MEqgTdAU_QsfH_oYNlLi17BbU_3Scm2XI_T2cBfymoniuPCYisznfkqyV-FRdf99yG4UfhzPR3P_vTKIiAhWe9LpHKhpRl37NhkXAQGCiAvRUXTbnairJtUmm3BmyOWhr_uOnpeNqvVwhWq2biggvNu3MK-wE8KpMpAy5Uecqeh3F-JQZiQWyJ8ze9ZnX6BOtQzQB-foG4ncSJnj1_zXYODBmE-ME81WNp93dnDJhFRTU1Bo-5j0-diX6pXvM_hchhNxK6RzKMMvCfBesW3-sYYOIQl4geklUxfQMJFeD46eEvwATyoMy2sAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGUYAHuvaODagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPvOAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItMzEwMDUwNDEyNzIwMTMzMRgA&sigh=2ff_6mWG1oA&uach_m=[UACH]&cid=CAQSGwBygQiDyxpLuYk8ZQpW9qMmcJQT9eH7gGPlfxgB&vis=1

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 05 May 2023 12:11:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 64cd2a7a31acc6b73923aaabf76d1a73.js Show response
www.gstatic.com/mysidia/ Frame 33DA 8 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/64cd2a7a31acc6b73923aaabf76d1a73.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5563fee65170276d1dac906d6ecfef33bb587e428b7fb963f65d0de85e7e7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3655
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:17:02 GMT

GET
H3 200 0a6a6ae7c77fde766570b619372ea30b.js Show response
www.gstatic.com/mysidia/ Frame 33DA 148 KB
54 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a6a6ae7c77fde766570b619372ea30b.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

824abd43200e413d955f23647f5ac04e1a87b50add87d7c0378f3999472ffd88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 20:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55677
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 20:25:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 33DA 5 KB
853 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c14c5e17dfe628e18a965eebff2c03cc7cd0fdb06529f6415a800dedf57884c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:34:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 May 2023 12:11:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 33DA 2 KB
765 B 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:56:47 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 33DA 22 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 33DA 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 11:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 May 2023 11:47:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 33DA 19 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:56:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 33DA 0
0 16ms
15ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSArUIsSeYL53jXHkE4-DL5wFixJ44ShmhgntqJW-SiaDejYevRqAMtIBm9WqJ6jLxAfg2A430_o8ckQ1Af8ELLA32dCw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 33DA 160 KB
49 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 May 2023 12:11:11 GMT

GET
H3 200 edd8a89eee97155325ac5eb40edd3aca.js Show response
www.gstatic.com/mysidia/ Frame 33DA 32 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/edd8a89eee97155325ac5eb40edd3aca.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13633
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:17:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EE89 15 KB
15 KB 278ms
12ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 506778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 15:24:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EE89 15 KB
16 KB 269ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 500816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 17:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EE89 15 KB
15 KB 268ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 02:06:17 GMT
x-content-type-options: nosniff
age: 36294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 May 2024 02:06:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AC30 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6523X_JUZPqSCLHH1fAPjoe-uAbfrcKxcJDhwP6HEK4CEAEgutHMFGDVBaABmZit2wPIAQGoAwHIA8sEqgTmAU_QW47agKc-zZ1FmD2Dy8x05cvYwFR-z8bXL45YoBX6gaDaTRjE2NEeIR6xXRaPm2D6NiogfmsnR5cYHY9e3E8xOq2Ms_9mMuZ1KD2-ZDHkgWmGFZKE6vKpWCTFZexEwkDk6Bc-ScjW8hIJRnQ3B0OU8iJD0QkGQGo7nMWGO6zgGe3sirEhcuc0rOWAaFfV60g7NpOENML__6DHGkyCl_uwLPQJ4Ux7rHLzzuWMQB1Fg02G64WzIIq8L-Qxcx8tfQIhYz4yYAgnFLcnCFBpd8wHxrW8Og1Bn-mLvdeEehjcQcu0ovBWwASOzOnt6gGSBQQIBBgBkgUECAUYBIAHz-fSJKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEImSCtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItMzEwMDUwNDEyNzIwMTMzMRgA&sigh=T8G9Y7BDmtM&uach_m=[UACH]&cid=CAQSOwBygQiDl5tsAIOYmQjWfO87YZm1X6El9fROP0ywbWrnqzMM1OeAL2BUya4dVEgAx-vlljJHXPn5XiHoGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1919829080&pi=t.aa~a.3199874682~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1160&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280&nras=2&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1637&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mO89UlLriw&p=https%3A//www.exedb.com&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 05 May 2023 12:11:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3B8B 143 B
166 B 10ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1919829080&pi=t.aa~a.3199874682~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1160&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280&nras=2&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1637&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mO89UlLriw&p=https%3A//www.exedb.com&dtd=11
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 99
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:09:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 19F4 1 KB
643 B 10ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 19:00:25 GMT
etag: 48472445140208031
expires: Fri, 05 May 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AC30 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02965c313ea7cdf9586ffbf42cbb6b7506401f5305c49f482ffd838e9a75bd42

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 33DA 19 KB
20 KB 165ms
8ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQSqTR1rMs0iGlL5yqFhHYrsYYjwWR1Hrx5bOIoTJlTk3pKiA5M87ZuFLa9dlQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08eef1945ac61e6088a73d8b32ab41008e8fe5088e87160a685034278515fdd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:04:19 GMT
x-content-type-options: nosniff
age: 500812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19465
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 02:34:32 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 Apr 2024 17:04:19 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 33DA 23 KB
23 KB 167ms
11ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSioMhwMjKkE6lQNV5kBtjncmcBA61v8TX5H6e7Ec0aOO_w_9yT-T80Yv9v6Gw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

564b3f83a61eb952fbb5d232167c53c6ec84d464759e2250f22a879667a858b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 13:08:32 GMT
x-content-type-options: nosniff
age: 514959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23217
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 12:10:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 Apr 2024 13:08:32 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 33DA 22 KB
22 KB 170ms
13ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT0YTTe0X7GVIBzU3Za5QfelHN7rbwlE9pOG1aDrAGWLbBgfXGlUhs69TAKSIM&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4770977e0bd5d2dec525192f1ecb4e9270ac7a34536e591eef47f779e8b2c51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:34:56 GMT
x-content-type-options: nosniff
age: 491775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22205
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 15:41:22 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 Apr 2024 19:34:56 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 33DA 30 KB
30 KB 163ms
7ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTILsWkWBGyB9Y8a4VE781OLrd8tAK1G4RSM7Ivh7bf9dg-vM6nCZu8Hcb3bg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6529146648bf3b53425beb118980687746e7d6e281dc3f099b72ac2652cb528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:51:40 GMT
x-content-type-options: nosniff
age: 494371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30629
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 14:47:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 Apr 2024 18:51:40 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 33DA 14 KB
14 KB 166ms
10ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ9ZXVCLQYkUX-fyzBJiZ5X8fNep9pU0rnFqL5C3VqREknpxhI&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3462dc51f43fae8d058640d05b0e1eeab27dc0a2e8f34cee482a4887b823ce76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:14:18 GMT
x-content-type-options: nosniff
age: 539813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14452
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 03:58:33 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 Apr 2024 06:14:18 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 33DA 18 KB
18 KB 164ms
8ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRFcgevxJIKcma_TcZcvk7kW_5Q2rQSaidjywuKYSYoAWkOSWF6GsnHaGfOmSU&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3979ea0ab06f02afed1af83b766c6fb64895ba618c83739114369f4c00479d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:35:37 GMT
x-content-type-options: nosniff
age: 473734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18387
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 03:28:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 29 Apr 2024 00:35:37 GMT

GET
H3

200

11983631967007088310
tpc.googlesyndication.com/simgad/ Frame 33DA
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC_-9OpfBCdBRinATIIiVmtuSaIB6A
https://tpc.googlesyndication.com/simgad/11983631967007088310

11 KB
11 KB

9ms
9ms

Image
image/png

2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11983631967007088310

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77973e0c257a8625528c0617fc26b0f645f9467f34b9ab99954575dbe149fe35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 07:58:07 GMT
x-content-type-options: nosniff
age: 533584
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10760
x-xss-protection: 0
last-modified: Sun, 04 Jul 2021 14:34:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 07:58:07 GMT

Redirect headers

date: Thu, 04 May 2023 16:22:37 GMT
x-content-type-options: nosniff
server: cafe
age: 71314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/11983631967007088310
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Jun 2023 16:22:37 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 33DA 0
234 B 539ms
186ms Ping
image/gif 2607:f8b0:4012:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhaim3o2&c=2014143700528&slotId=1007071850264&qqid=CMSGsPqS3v4CFQLB5god4doHKQ&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/0a6a6ae7c77fde766570b619372ea30b.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hq1.jpg
i1.ytimg.com/vi/enS30PuoGy0/ Frame 33DA 12 KB
13 KB 152ms
17ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/enS30PuoGy0/hq1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbaa23f0be34f97cd5a8554d41c6b8231cc6f4b67388c02e67a830aaa9098d85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:11 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12419
x-xss-protection: 0
server: sffe
etag: "1653919135"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 05 May 2023 14:11:11 GMT

GET
H/1.1 206
Partial Content videoplayback
rr5---sn-4g5edndz.googlevideo.com/ Frame 33DA 629 KB
630 KB 174ms
113ms Media
video/mp4 2a00:1450:4001:1a::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5edndz.googlevideo.com/videoplayback?expire=1683317471&ei=X_JUZJ2lH-rZxN8P0ZK8qAs&ip=2001:ac8:20:271::1e&id=7a74b7d0fba81b2d&itag=18&source=youtube&requiressl=yes&mh=hN&mm=31&mn=sn-4g5edndz&ms=au&mv=m&mvi=5&pl=49&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.650&lmt=1661289486022561&mt=1683288322&txp=6310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgBU8AMA3evWd2Ps_wSwuzP4kxc-qNqI0oO-7uNH4PzGwCIGQFrErCi4dCUrf-LEposak-bQcaRfGL2liyDgpyfohG&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAKQxypqIMbpHPBqyc3hc48z753JbYdQM_cRaFETZ4sivAiEAxDflLnKd9aYdTAShoGlICh1MU5HR0p1DZz2Q0DXctKU=&cpn=JV3wMYc5Awk9KIeF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1a::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

91879fa9466c632bc4a815e9376fb7d05c91cac2f5e687a47a66a767b5c12ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 05 May 2023 12:11:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Aug 2022 21:18:06 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-644064/644065
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 644065
Expires: Fri, 05 May 2023 12:11:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 33DA 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ceqd8X_JUZITbB4KCmwfhtZ_IAvOUifdsnaSUrf0N0rj1iMcKEAEgutHMFGCV4pCCoAegAa6J8fIDyAEJqQKNWIRKBfW0PqgDAcgDywSqBN4BT9A0Fh5G4RvWw9ZX8ReiwhNInzNZruELpLdPDhQHDr4Cehk1DpoK7IVhvIPWbL37fIW7axSNe1oYvM0IReKvriDNUN2ZbsmIzoDoVCGvFw9HnuJNshPuMLjVoC0sCZraqpk22mtgeal3Gw6VYkL7UZXJXwZUMChXJ6A74em3ywUSkPiv49npbXv6lypaI3o42w8fSxXfPFjNRwRJleA_lzUm_4pF5Vk8-is5FyCb8W7Ql7_VTOD3SRqvHSPt39iQNWqE6CAMI7DT6_Aw2UcVBbYZGECuFVIkMSuQ7zbnwATMierKBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe69o4NqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEOqcAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwuIFAbQFQGAFwGyFxwKGggAEhRwdWItMzEwMDUwNDEyNzIwMTMzMRgA&sigh=jzakUIAEowE&uach_m=[UACH]&cid=CAQSOwBygQiD2i1u3JmEnnpCZ2bhGH19pzeAf09IAbxusLHTxylx4DkiCAvV1FC-mhwVCGrU_2br9rP9BruGGAE&template_id=499

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 05 May 2023 12:11:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8E72 1 KB
643 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 19:00:25 GMT
etag: 48472445140208031
expires: Fri, 05 May 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 64cd2a7a31acc6b73923aaabf76d1a73.js Show response
www.gstatic.com/mysidia/ Frame 97F9 8 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/64cd2a7a31acc6b73923aaabf76d1a73.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2652264275&adf=3262825365&pi=t.aa~a.2702632798~rp.1&w=455&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=455x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=1&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280%2C1016x280&nras=4&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=833&ady=4245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=TUqJjBj7ED&p=https%3A//www.exedb.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5563fee65170276d1dac906d6ecfef33bb587e428b7fb963f65d0de85e7e7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3655
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:17:02 GMT

GET
H3 200 de516251f8491984c090adfedfb0be08.js Show response
www.gstatic.com/mysidia/ Frame 97F9 9 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/de516251f8491984c090adfedfb0be08.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45419438709484e3feaade4ba2c982f7d1295ed177b3b28620e1765798ce50ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4042
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:57:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 97F9 9 KB
932 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 May 2023 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:32:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 May 2023 12:11:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 97F9 2 KB
765 B 10ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:56:47 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 97F9 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8767
x-xss-protection: 0
server: cafe
etag: 1250930375877819641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:55:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 97F9 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 11:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 May 2023 11:47:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 97F9 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 17:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7943
x-xss-protection: 0
server: cafe
etag: 8166942304926428282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 May 2023 17:56:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 97F9 0
0 17ms
16ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTzkzhsZ-iYEfRQqmcjrkX8B4oz33eKdMwRcNHJLfLtC2OYotvZ-TnZ3jOMV0d8q5Zz1pDxP4fN-nF34_Iwxk3RjlLMnQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2652264275&adf=3262825365&pi=t.aa~a.2702632798~rp.1&w=455&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=455x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=1&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280%2C1016x280&nras=4&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=833&ady=4245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=TUqJjBj7ED&p=https%3A//www.exedb.com&dtd=18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 97F9 160 KB
49 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 May 2023 12:11:12 GMT

GET
H3 200 edd8a89eee97155325ac5eb40edd3aca.js Show response
www.gstatic.com/mysidia/ Frame 97F9 32 KB
13 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/edd8a89eee97155325ac5eb40edd3aca.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13633
x-xss-protection: 0
last-modified: Tue, 02 May 2023 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 19:17:02 GMT

GET
DATA 200
OK truncated
/ Frame 33DA 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57f53650326ea467968dc5c9e9f0d5b8147244d1e7346a26762c4980b9668163

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame 57AF 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 07:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 07:56:45 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 19F4 0
103 B 418ms
25ms Image
text/plain 64.158.223.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDl2pmiz0jthEjF9ls0Y2QQ&google_cver=1&google_push=ATf1kGOGIZPUxydTkgbbrvYufvMNEvPHWwevwGSxabz67UlHLFunxUYrY6FW5s3ma5Xlmi2Vp1njdCX78GVyZTGKAkJXIOTAutsIOQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1919829080&pi=t.aa~a.3199874682~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1160&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280&nras=2&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1637&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mO89UlLriw&p=https%3A//www.exedb.com&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 19F4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELhc6atjOeoRBEgGkHuHi-Q&google_cver=1&google_push=ATf1kGOa5gsZIEk7TRCAmHAzbw6eOIh7rsxVunObmVtnG335ly3l7RG1riNItW9P9eXZrsoSrwMnR0K8qMfy5KF-...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOa5gsZIEk7TRCAmHAzbw6eOIh7rsxVunObmVtnG335ly3l7RG1riNItW9P9eXZrsoSrwMnR0K8qMfy5KF-BkBxzTFE15Ns

170 B
188 B

19ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOa5gsZIEk7TRCAmHAzbw6eOIh7rsxVunObmVtnG335ly3l7RG1riNItW9P9eXZrsoSrwMnR0K8qMfy5KF-BkBxzTFE15Ns

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 05 May 2023 12:11:12 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x31 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOa5gsZIEk7TRCAmHAzbw6eOIh7rsxVunObmVtnG335ly3l7RG1riNItW9P9eXZrsoSrwMnR0K8qMfy5KF-BkBxzTFE15Ns
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 05 May 2023 12:11:11 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 19F4
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAqLpZsCzQLQJr9XcDiuqZU&google_cver=1&google_push=ATf1kGNuaK0GyDGlThFSlla6iEIgVMHzKvvn3UeNvxkrSjXF33PFudsjm0USFFx9n2nxyFmQDZzzvIJqRgU_9wLgRGqMGZQTsn50I...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAqLpZsCzQLQJr9XcDiuqZU&google_cver=1&google_push=ATf1kGNuaK0GyDGlThFSlla6iEIgVMHzKvvn3UeNvxkrSjXF33PFudsjm0USFFx9n2nxyFmQDZzzvIJqRgU_9wLgRGqMGZQTsn5...

43 B
409 B

185ms
184ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAqLpZsCzQLQJr9XcDiuqZU&google_cver=1&google_push=ATf1kGNuaK0GyDGlThFSlla6iEIgVMHzKvvn3UeNvxkrSjXF33PFudsjm0USFFx9n2nxyFmQDZzzvIJqRgU_9wLgRGqMGZQTsn50Ig&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNuaK0GyDGlThFSlla6iEIgVMHzKvvn3UeNvxkrSjXF33PFudsjm0USFFx9n2nxyFmQDZzzvIJqRgU_9wLgRGqMGZQTsn50Ig%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c28e279a85fbbaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 417
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAqLpZsCzQLQJr9XcDiuqZU&google_cver=1&google_push=ATf1kGNuaK0GyDGlThFSlla6iEIgVMHzKvvn3UeNvxkrSjXF33PFudsjm0USFFx9n2nxyFmQDZzzvIJqRgU_9wLgRGqMGZQTsn50Ig&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNuaK0GyDGlThFSlla6iEIgVMHzKvvn3UeNvxkrSjXF33PFudsjm0USFFx9n2nxyFmQDZzzvIJqRgU_9wLgRGqMGZQTsn50Ig%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c28e2786e24bbaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 19F4
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA3SEKYN7Tr5LEzu3BK0ycQ&google_cver=1&google_push=ATf1kGNPBJ3aAx1abE7TcIScZhS0HHHJTME1Nrv16ePpbiaVyHhuTgbdtGJTbHFmV_zKV5oSj0xnTisyfTTd_O...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyOTY2OTc5NTk3MDAyMTUyMQ%3D%3D&google_push=ATf1kGNPBJ3aAx1abE7TcIScZhS0HHHJTME1Nrv16ePpbiaVyHhuTgbdtGJTbHFmV_zKV5oSj0xnTisyfTTd_OEwwb...

170 B
188 B

22ms
21ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyOTY2OTc5NTk3MDAyMTUyMQ%3D%3D&google_push=ATf1kGNPBJ3aAx1abE7TcIScZhS0HHHJTME1Nrv16ePpbiaVyHhuTgbdtGJTbHFmV_zKV5oSj0xnTisyfTTd_OEwwbPUqSMzLhLC

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyOTY2OTc5NTk3MDAyMTUyMQ%3D%3D&google_push=ATf1kGNPBJ3aAx1abE7TcIScZhS0HHHJTME1Nrv16ePpbiaVyHhuTgbdtGJTbHFmV_zKV5oSj0xnTisyfTTd_OEwwbPUqSMzLhLC
Date: Fri, 05 May 2023 12:11:12 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 19F4
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPkftjkk5OHIMuZYJtZsOBE&google_cver=1&google_push=ATf1kGPk4PDyCIsDzlKbbRJQsNveH4sjAKG96_34UYhwPCvbaHJEBR0PMvDfSQ2jTFnNfioUH2RRqzeA7QrzWJNrjUjD...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPkftjkk5OHIMuZYJtZsOBE&google_cver=1&google_push=ATf1kGPk4PDyCIsDzlKbbRJQsNveH4sjAKG96_34UYhwPCvbaHJEBR0PMvDfSQ2jTFnNfioUH2RRqzeA7QrzWJ...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPk4PDyCIsDzlKbbRJQsNveH4sjAKG96_34UYhwPCvbaHJEBR0PMvDfSQ2jTFnNfioUH2RRqzeA7QrzWJNrjUjDemIDZX_-mw&google_hm=Vi00UP--Sv6Qe-fbkDXAuw==

170 B
188 B

17ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPk4PDyCIsDzlKbbRJQsNveH4sjAKG96_34UYhwPCvbaHJEBR0PMvDfSQ2jTFnNfioUH2RRqzeA7QrzWJNrjUjDemIDZX_-mw&google_hm=Vi00UP--Sv6Qe-fbkDXAuw==

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPk4PDyCIsDzlKbbRJQsNveH4sjAKG96_34UYhwPCvbaHJEBR0PMvDfSQ2jTFnNfioUH2RRqzeA7QrzWJNrjUjDemIDZX_-mw&google_hm=Vi00UP--Sv6Qe-fbkDXAuw==
date: Fri, 05 May 2023 12:11:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 19F4
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPUJOLP0alPFinWxpiv5A8E&google_cver=1&google_push=ATf1kGNOk6QShFaJJbFLRDbd5B8HIZxl7ppG2obuo6hugK-rhRmJO6CawYvEadUUSImqe2KiGYDRwR0L...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPUJOLP0alPFinWxpiv5A8E&google_cver=1&google_push=ATf1kGNOk6QShFaJJbFLRDbd5B8HIZxl7ppG2obuo6hugK-rhRmJO6CawYvEadUUSImqe2KiGYD...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDkyNjgyNjkwNzgxMDYwMw&google_push=ATf1kGNOk6QShFaJJbFLRDbd5B8HIZxl7ppG2obuo6hugK-rhRmJO6CawYvEadUUSImqe2KiGYDRwR...

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDkyNjgyNjkwNzgxMDYwMw&google_push=ATf1kGNOk6QShFaJJbFLRDbd5B8HIZxl7ppG2obuo6hugK-rhRmJO6CawYvEadUUSImqe2KiGYDRwR0LHexUtjat1eNo8Dwqima9

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDkyNjgyNjkwNzgxMDYwMw&google_push=ATf1kGNOk6QShFaJJbFLRDbd5B8HIZxl7ppG2obuo6hugK-rhRmJO6CawYvEadUUSImqe2KiGYDRwR0LHexUtjat1eNo8Dwqima9
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 19F4
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGduUWXmsyzk0ERENTA54Kc&google_cver=1&google_push=ATf1kGP8ohMDsQEr9mCe1joF_aVq4ptwrnxvBw96vYdI_Zg3n1NpZpT33hLGeGc3j0PWyM2mFYA9jHQKd65k...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGP8ohMDsQEr9mCe1joF_aVq4ptwrnxvBw96vYdI_Zg3n1NpZpT33hLGeGc3j0PWyM2mFYA9jHQKd65kk3KVB7xohIfYxO8y

170 B
329 B

19ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGP8ohMDsQEr9mCe1joF_aVq4ptwrnxvBw96vYdI_Zg3n1NpZpT33hLGeGc3j0PWyM2mFYA9jHQKd65kk3KVB7xohIfYxO8y

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGP8ohMDsQEr9mCe1joF_aVq4ptwrnxvBw96vYdI_Zg3n1NpZpT33hLGeGc3j0PWyM2mFYA9jHQKd65kk3KVB7xohIfYxO8y
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 19F4 0
40 B 59ms
18ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JsIkTYbCAjoNXzgdzbrTqBP-JB2c2HXzdBOhfhnlX_JApUJJOj-5DM3Jrr14N3YZvYsQA1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 8E72 0
104 B 414ms
24ms Image
text/plain 64.158.223.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEE-GmGAHEUOHtUcW75_9Yjw&google_cver=1&google_push=ATf1kGPWMHlH8Q2h-BRSmZBVNs8XKQsTYTW0SKmdB7DJZEwns9yhpG2OdrMe-yzKOs901_LQeGDrFUT96EPNgFHaoy7G9-fBjNsxgag
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8E72
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMuYHmVYUVfkmzS4iSSApbM&google_cver=1&google_push=ATf1kGMZf0BCdHqnpZm0N-HK3D4gl2e6eUszAS6jKq6QG1WvFFMZMqeSX3luaK04AEZf6vx78TyPqubvdy9Ng22e8-IS...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMuYHmVYUVfkmzS4iSSApbM&google_cver=1&google_push=ATf1kGMZf0BCdHqnpZm0N-HK3D4gl2e6eUszAS6jKq6QG1WvFFMZMqeSX3luaK04AEZf6vx78TyPqubvdy9Ng2...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMZf0BCdHqnpZm0N-HK3D4gl2e6eUszAS6jKq6QG1WvFFMZMqeSX3luaK04AEZf6vx78TyPqubvdy9Ng22e8-ISInm8kRRPwrE&google_hm=Vi00UP--Sv6Qe-fbkDXA...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMZf0BCdHqnpZm0N-HK3D4gl2e6eUszAS6jKq6QG1WvFFMZMqeSX3luaK04AEZf6vx78TyPqubvdy9Ng22e8-ISInm8kRRPwrE&google_hm=Vi00UP--Sv6Qe-fbkDXAuw==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMZf0BCdHqnpZm0N-HK3D4gl2e6eUszAS6jKq6QG1WvFFMZMqeSX3luaK04AEZf6vx78TyPqubvdy9Ng22e8-ISInm8kRRPwrE&google_hm=Vi00UP--Sv6Qe-fbkDXAuw==
date: Fri, 05 May 2023 12:11:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8E72
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGOVSvdI...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGOVSvdI...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA1MDUxMjExMTIwMDAxODM4NzQ2Mzk0MA%3D%3D&google_push=ATf1kGOVSvdIV1EZW9EIc3oubHaD3KM0K0ohF0YPxBRUMieSGEAvkdALmCa979Xoee0k37...

170 B
188 B

19ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA1MDUxMjExMTIwMDAxODM4NzQ2Mzk0MA%3D%3D&google_push=ATf1kGOVSvdIV1EZW9EIc3oubHaD3KM0K0ohF0YPxBRUMieSGEAvkdALmCa979Xoee0k37jbdfQCIVi6J_bsNv6oWfyiPWYpsgPw2w

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA1MDUxMjExMTIwMDAxODM4NzQ2Mzk0MA%3D%3D&google_push=ATf1kGOVSvdIV1EZW9EIc3oubHaD3KM0K0ohF0YPxBRUMieSGEAvkdALmCa979Xoee0k37jbdfQCIVi6J_bsNv6oWfyiPWYpsgPw2w
pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Fri, 05 May 2023 12:11:12 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8E72
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEMSKcJqOXuicreWSraBqNNs&google_cver=1&google_push=ATf1kGPd1XYUKCcArGA1BIr7NRNyiECsqvK6FkJqgl9z8jeGNX636c-4Tg63ENVEdl0ya7fHglOG49kfVE3QeJVFrw6QGHE...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMSKcJqOXuicreWSraBqNNs&google_cver=1&google_push=ATf1kGPd1XYUKCcArGA1BIr7NRNyiECsqvK6FkJqgl9z8jeGNX636c-4Tg63ENVEdl0ya7fHglOG49kfVE3QeJVFrw6QG...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPd1XYUKCcArGA1BIr7NRNyiECsqvK6FkJqgl9z8jeGNX636c-4Tg63ENVEdl0ya7fHglOG49kfVE3QeJVFrw6QGHEuNvyP90c

170 B
188 B

17ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPd1XYUKCcArGA1BIr7NRNyiECsqvK6FkJqgl9z8jeGNX636c-4Tg63ENVEdl0ya7fHglOG49kfVE3QeJVFrw6QGHEuNvyP90c

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPd1XYUKCcArGA1BIr7NRNyiECsqvK6FkJqgl9z8jeGNX636c-4Tg63ENVEdl0ya7fHglOG49kfVE3QeJVFrw6QGHEuNvyP90c
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 8E72 43 B
363 B 68ms
18ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEPVQ8KrhqK91eqKzNDfSLoQ&google_cver=1&google_push=ATf1kGPlKhEVzUTFiKvbv2aRiydo-yASeHZOyPjHaGy7RnOcXK897uj_8bQB14TZXIlYhLYPFtSGn4bXveOLlzXxzVwZqLBdPT2_tm4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:11 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 263805
expires: Fri, 05 May 2023 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 8E72 42 B
213 B 67ms
18ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEEIWEwLIYbwyBTwBhW5YO6k&google_push=ATf1kGPL5XUIpXr8h7Kue8PHe0HYxvWFhkQ6qnHbikmvrQkV4HMA-Ww1PSNR1z5PO6Bb_8ieZXruumijKQztF85R0n3eyaV9VAtiSA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:12 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8E72
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qs3R3T5ISyW_IgKBKSvz-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qs3R3T5ISyW_IgKBKSvz-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMiRsP0XXvAFk6u6Whik5nmPukOOYHenEAk9Sb-mQ6E6KpZMdbdUV_N7duzlEHxXOtUe87DPmLzBGT0B5IwWd2B9TB5qfGLrUQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qs3R3T5ISyW_IgKBKSvz-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMiRsP0XXvAFk6u6Whik5nmPukOOYHenEAk9Sb-mQ6E6KpZMdbdUV_N7duzlEHxXOtUe87DPmLzBGT0B5IwWd2B9TB5qfGLrUQ
date: Fri, 05 May 2023 12:11:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8E72 0
130 B 54ms
17ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IVVcpbOxMwGJaIYZU1SYXNkgs_W-Fb_EogYPNytHhpShkBm482TIzVwqnVpPtF2Cb2htR0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3B8B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
18ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:11:12 GMT
expires: Fri, 05 May 2023 12:11:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:11:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1997305006706444999/ Frame 97F9 3 KB
3 KB 12ms
11ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1997305006706444999/14763004658117789537?w=200&h=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be5f48a1096278752da6ef49ad0b6b709840872dc2670b24c835b53947a94e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 03:45:00 GMT
x-content-type-options: nosniff
age: 462372
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2689
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 13:04:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Apr 2024 03:45:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 97F9 0
0 59ms
56ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcHDPX_JUZPTmB4zE1fAPl4CSOJLsuKRs4bal89APx_W7lo8OEAEgutHMFGCV4pCCoAegAeK_oeIDyAEBqQJ5zaBGesaoPqgDAaoE4AFP0JPnMCjwVqPo-hgBbL_1WXw3Y13r2She9zMkuKRgqeduxcWoEaoriH8AVpb_yk7WXBp8evhZ7WzkhMg2lPxDeJo_oVDNApKFVBeNdGY0fFbv4ZKbaI7oX6zHAm8fPDgo4x14Qu_FOOgHP6F7mG9LlIHD1A2RU9ZvtgZQg0-Ms1gc2LI4deC8CBk_WY2GDa5lPGR9g4dA1EbfkPIniLR5-x_f2ALww7e1uDghFXu0lzu56xQXEYu4IyLYV2T9rG1otO6mKshOS2ul8LnV4WO3pCPVUUo8zoGoKuRIrNd-9MAEhqTyv4cEkgUECAQYAZIFBAgFGASAB4bA3h2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDSR9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItMzEwMDUwNDEyNzIwMTMzMRgA&sigh=2FTKYYN0a1I&uach_m=[UACH]&cid=CAQSOwBygQiDOa4dgLZ5_M5kqM-eSmlhfouNppJuCqHNp1KMIG1kltHBSRJi5UJnifAmAdRvAE8A8E8YA-1DGAE&template_id=5001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2652264275&adf=3262825365&pi=t.aa~a.2702632798~rp.1&w=455&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=455x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=1&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280%2C1016x280&nras=4&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=833&ady=4245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=TUqJjBj7ED&p=https%3A//www.exedb.com&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 05 May 2023 12:11:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EEE9 143 B
166 B 15ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2652264275&adf=3262825365&pi=t.aa~a.2702632798~rp.1&w=455&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=455x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=1&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280%2C1016x280&nras=4&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=833&ady=4245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=TUqJjBj7ED&p=https%3A//www.exedb.com&dtd=18
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:09:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame AC30 29 KB
29 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 08:31:25 GMT
x-content-type-options: nosniff
age: 99587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 May 2024 08:31:25 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 33DA 18 KB
18 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1977d37efc117e675cf21c6d114cf72a98fc3b9f884227aba814f5ad407a03f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 12:15:54 GMT
x-content-type-options: nosniff
age: 86118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18560
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 May 2024 12:15:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E3C5 1 KB
643 B 12ms
9ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 19:00:25 GMT
etag: 48472445140208031
expires: Fri, 05 May 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 97F9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83392a77dd31995c1ec34eaf3de968c1a4c90dc2483ecdfe29c68fbe0cfd1609

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame F244 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 07:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 07:56:45 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E3C5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMJCOP3qLU79fjdqN3OkW_M&google_cver=1&google_push=ATf1kGMIVPvEJDmTFXLFHn_DQqK0GIH1n8tTSQZRx3c_KEEI8n65_NPsUj991rH92O40421aJ65AwKZOwIzFXUHH1762lbJ_ksPQWKw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D559E7AB359646CC8CAA695DC60F732D&google_push=ATf1kGMIVPvEJDmTFXLFHn_DQqK0GIH1n8tTSQZRx3c_KEEI8n65_NPsUj991rH92O40421aJ65AwKZOwIzFXUH...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D559E7AB359646CC8CAA695DC60F732D&google_push=ATf1kGMIVPvEJDmTFXLFHn_DQqK0GIH1n8tTSQZRx3c_KEEI8n65_NPsUj991rH92O40421aJ65AwKZOwIzFXUHH1762lbJ_ksPQWKw

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 05 May 2023 12:11:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D559E7AB359646CC8CAA695DC60F732D&google_push=ATf1kGMIVPvEJDmTFXLFHn_DQqK0GIH1n8tTSQZRx3c_KEEI8n65_NPsUj991rH92O40421aJ65AwKZOwIzFXUHH1762lbJ_ksPQWKw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 04 May 2023 12:11:12 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E3C5
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAbPVjAC_Zv1XnE91EJ2gbA&google_cver=1&google_push=ATf1kGP9USfBvr5ZBzyQQjtj9iuRQyKIa96H8BwhkzJ1-L44k_fB7iN5qT_IyzAmr0NaxsCCR4A8MrXQdoJ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGP9USfBvr5ZBzyQQjtj9iuRQyKIa96H8BwhkzJ1-L44k_fB7iN5qT_IyzAmr0NaxsCCR4A8MrXQdoJ29qy-lfM2Y2MqJavLHBo&google_hm=CrX49--zRRSppiZ94...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGP9USfBvr5ZBzyQQjtj9iuRQyKIa96H8BwhkzJ1-L44k_fB7iN5qT_IyzAmr0NaxsCCR4A8MrXQdoJ29qy-lfM2Y2MqJavLHBo&google_hm=CrX49--zRRSppiZ94j2XUEY

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGP9USfBvr5ZBzyQQjtj9iuRQyKIa96H8BwhkzJ1-L44k_fB7iN5qT_IyzAmr0NaxsCCR4A8MrXQdoJ29qy-lfM2Y2MqJavLHBo&google_hm=CrX49--zRRSppiZ94j2XUEY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame E3C5 0
174 B 252ms
228ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDh-f0wIP_luzrL9hUs-dQw&google_cver=1&google_push=ATf1kGNT_BO5RXHO7pa0OCGxz2715izssbrLPlaIaf--L3EnAaCA5-8qP_2ig_CX0bs_c1-oeQEGchm9f9lyhJ38Rp2tMWTM5-g2wWE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2652264275&adf=3262825365&pi=t.aa~a.2702632798~rp.1&w=455&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=455x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=1&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280%2C1016x280&nras=4&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=833&ady=4245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=TUqJjBj7ED&p=https%3A//www.exedb.com&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E3C5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECBlPj0dBqlrIX4iEthPgbE&google_cver=1&google_push=ATf1kGP5fGg1GDo7K7lyypNGF_zsiSOO_hIbtRVs_TQFiZszqOq7Z0XeHCmUSneOtkVdob1UkAU4RKbn...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDkyNjgyNjkwNzgxMDYwMw&google_push=ATf1kGP5fGg1GDo7K7lyypNGF_zsiSOO_hIbtRVs_TQFiZszqOq7Z0XeHCmUSneOtkVdob1UkAU4RK...

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDkyNjgyNjkwNzgxMDYwMw&google_push=ATf1kGP5fGg1GDo7K7lyypNGF_zsiSOO_hIbtRVs_TQFiZszqOq7Z0XeHCmUSneOtkVdob1UkAU4RKbnie4KpMt-nVrx7izDrkagdA

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDkyNjgyNjkwNzgxMDYwMw&google_push=ATf1kGP5fGg1GDo7K7lyypNGF_zsiSOO_hIbtRVs_TQFiZszqOq7Z0XeHCmUSneOtkVdob1UkAU4RKbnie4KpMt-nVrx7izDrkagdA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E3C5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECBlPj0dBqlrIX4iEthPgbE&google_cver=1&google_push=ATf1kGMaZN-1rSgyIVjUBlfUc-Fer9IVU5TmWiVV2aF8Sl9KxhujtnsX-LDRgwEDFsy7ZoDaIXaezd0g...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDkyNjgyNjkwNzgxMDYwMw&google_push=ATf1kGMaZN-1rSgyIVjUBlfUc-Fer9IVU5TmWiVV2aF8Sl9KxhujtnsX-LDRgwEDFsy7ZoDaIXaezd...

170 B
188 B

17ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDkyNjgyNjkwNzgxMDYwMw&google_push=ATf1kGMaZN-1rSgyIVjUBlfUc-Fer9IVU5TmWiVV2aF8Sl9KxhujtnsX-LDRgwEDFsy7ZoDaIXaezd0gLg_4iQfEqXcCepfCwJ4kQxk

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDkyNjgyNjkwNzgxMDYwMw&google_push=ATf1kGMaZN-1rSgyIVjUBlfUc-Fer9IVU5TmWiVV2aF8Sl9KxhujtnsX-LDRgwEDFsy7ZoDaIXaezd0gLg_4iQfEqXcCepfCwJ4kQxk
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E3C5
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qs3R3T5ISyW_IgKBKSvz-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qs3R3T5ISyW_IgKBKSvz-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPLDxZlKyH3-Tq-osWc7q8ealbGD_NHrwMVrGUk1XMP2LLDWZZNvRfx-Awobc34hHxUFaFfPO9syVx8dV0xvixc0ynYKEV7OQ

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qs3R3T5ISyW_IgKBKSvz-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPLDxZlKyH3-Tq-osWc7q8ealbGD_NHrwMVrGUk1XMP2LLDWZZNvRfx-Awobc34hHxUFaFfPO9syVx8dV0xvixc0ynYKEV7OQ
date: Fri, 05 May 2023 12:11:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

report
sync.teads.tv/um/ Frame E3C5
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB8gNbSMIk43lZTWmST_EtY&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGMMjIAHAHvhBAgqnFGZcZbvPHpv8OWG1l7KZJtVoTJ0y_D2VQYgSwsRQJDwCDLY96F3tai0CdK5iwJlkMiMuwV552DWsj_bowZK
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

52ms
52ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Fri, 05 May 2023 12:11:12 GMT
pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E3C5 0
12 B 15ms
14ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KXI_FaYCz_Wy9vyL0_tkT7k9_X4xohjFm7GT3ti-Q4QR-G6JayZib6QMehlHtKWx7XSQNSqw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 97F9 29 KB
29 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 08:31:25 GMT
x-content-type-options: nosniff
age: 99587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 May 2024 08:31:25 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EEE9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

17ms
17ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:11:12 GMT
expires: Fri, 05 May 2023 12:11:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:11:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame 0142 38 KB
15 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=2121525611&adf=1531192964&pi=t.aa~a.3199979657~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1683288671&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683288671077&bpp=1&bdt=1159&idt=-M&shv=r20230502&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D585e0d361aa8fb25-223ce872c0dd0024%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA&gpic=UID%3D00000bf66ce3eccd%3AT%3D1683288670%3ART%3D1683288670%3AS%3DALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA&prev_fmts=0x0%2C1016x280%2C1016x280&nras=3&correlator=8465573913581&frm=20&pv=1&ga_vid=1161945413.1683288670&ga_sid=1683288671&ga_hid=1333124562&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=3011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C44759876%2C44785292%2C44788442%2C44789924%2C44790543&oid=2&pvsid=4189106139995991&tmod=1733657780&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vUfpkSiSDK&p=https%3A//www.exedb.com&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 07:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 07:56:45 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 58ms
58ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230502&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d198be1dbaa640e31c1e7af92bb27e30688d1410ea672e188ebedd267696d579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11076
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 May 2023 12:11:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 80CC 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:03:21 GMT
expires: Sat, 04 May 2024 12:03:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 54A1 783 B
533 B 20ms
19ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28117ad49e5ecfe6902afc32e2d911b4712871cb1c6c195c6396315db47d3116

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MCiYjHews8PGbhuoL2-hVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-MCiYjHews8PGbhuoL2-hVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 05 May 2023 12:11:12 GMT
expires: Fri, 05 May 2023 12:11:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B0A9 42 B
64 B 110ms
109ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuj-OwIjmQebjEmbuRPlsSFzTNCizDY7HkrV3l-go0eSCHihFjk2rKHYDEjn8s02on16C3izi3vASeOn2dFb_5jpK4cyWUvAgG_kjQvg68D1tgoTOcPWm80n-NuuFSRob--Yb4IRA&sai=AMfl-YRjLWl65uhL-IHcjZ0KDUDaVxjCSerOOP36X2M2LjL83sQoO0jgUZe_rqGEJWebsYQZq0LU9JpB09R0&sig=Cg0ArKJSzGYIw4wciZ3KEAE&cid=CAQSGwBygQiDyxpLuYk8ZQpW9qMmcJQT9eH7gGPlfxgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230503&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683288671146&rpt=301&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame 80CC 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 07:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 07:56:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 54A1 0
0 41ms
41ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230502&jk=4189106139995991&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 80CC 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2_WPcA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:11:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 57C9 42 B
64 B 107ms
107ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6_B-b1YoYCSe2C_EgP4eDGwvKsIE32txivlUoRqFLZnOxDVsdFTLfYFDvPXThj8XUM7fR5rI-5zF-DPqAH1EJ6Yqb6D2gpdUja17dRqfXKarn5hUrF0tZTIiQlS079D9-cuc4_Q&sai=AMfl-YSdBRXHkahHscEcr9xek4XULrwWSP2fPMEuREQBPRP0l2oZeNYzhUcToe00uMCrebqRxXfJ_lmhFMUu&sig=Cg0ArKJSzEMCUgJ8nE93EAE&cid=CAQSGwBygQiDyxpLuYk8ZQpW9qMmcJQT9eH7gGPlfxgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230503&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683288671148&rpt=425&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE89 42 B
64 B 108ms
107ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvx4JHfsJBwtd-m28FZR8-xuygas-Q5CS2IhFw3pm9JOFShfArHBUEYlvKmGwnGgsHXiOC6KpVXRX0IZypBdiplXLE6gK9YO2BMc8sCC7mMX5-4VoKOxrOnL4bixqZj5Clxpjp1bA&sai=AMfl-YS4v-0e15HAoMyhOQLzOWLK_TOqJ0Qzlt0PCsAevskOOv9Ihqp5oxS7uU4IuDa2aafH_2ymXJM_qJWA&sig=Cg0ArKJSzLiibD_jdGgMEAE&cid=CAQSGwBygQiDrqL8ZcAOI7UjVZ_-RFIw8Y_nX7Cw4hgB&id=lidar2&mcvt=1000&p=0,0,280,1016&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230503&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2561547316&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683288670544&rpt=1409&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230502&jk=4189106139995991&bg=!srGlseXNAAYV_mUANf47ADkAdvg8WjCCqQw2MWqoIK_lyWXw5VLezC3k-DWwho5zEc9v_jhCfUi6Y-vVQ58PceJISbR-IZs40SACAAAATVIAAAADaAEHCgBJ3pemyu3ph-v00874sUcQHq9XF1rTG2FCSRykytUuiMXn9KtR8XywJiuaFnIihT74rTQqOcfbdXLI0rWrwuxAQ35pK2x5ES01kJkC1W4aYSV7yUhqDakQc097994MKDwbrhi5mSBb8XGnADrsQuz3eRdnrC9RHpY71esNsKeiXefda1zWpUJAWi0LVG6DphyJTYYw_ptBDj-Ql61aOcGtIqQcNRFmH5dP9u1_CYx38-Qpiav_Umoc13NdN0iiQEFSSCZGh6KcWpWRvSxW79mjBxRXdJRHKjSQTmUF2bFehn5HI3siKqBaj_8m_okUfGogwE-3bIAG06RLZWXE2_Z20W_SncqhRB0QGZ_tLbHxUHHlEL1hJhF3NABEabY0gKIWj4FIFkgjQ0eAMwb1ef2gWlciTuS2eBWvMl6XgFOqVX8v6bLuIPNY2TeMS0waROzYo5Ufm8RM14HEAP4Qk4RZ1HRqrInt9JhIhmmWxW6aaeeZJeATfMvVDr4F2xO6aSezPN3AP0GC4UynpQlDs5ymrf5TUoJDVMQ7TY9AgU634euQo9SAa9YeyOY9cPqTFi8rr0eE4kq1RXdoWgnLYuhNUBzRFhCKc7o-tXG5WQWbBgHcK3zhOAE-e89irxUgRd5IUPRrnr1Xm56S-JcBLRnVi-V3eDwArJz-nNfT16A0Hm4GUZD80WPwh2IRSVnK5KnnqmycA66DP30cHo_HMatNdi5n6IpW_QQ3ruUH28MMmpznrHA7URJFiN3Vs10eKVZJ4-AILz91h4Wl-ZiU9fs0mT6-NKZLTTCV_-IjBef6Xp1keYgKjUlK_xxXU8SSV3aAYikflbViYGOYuadm11n5M1cGNd_9rDFVl6QuXSHfwW4Ry0HFmGeiE2er6FyE8M51V68QucmGmbtHCYVr_Y8Q_Vdx6du2SFXbEHwPbsm2KPJZgh1LcjqVqZXw2KpQYqEteQDrLHWp5WADpLF-g7F2YTX94MWsNyKHZ_FRX0gMHlStg_oPTkpiNkmNXiTteIfM0TiKbS9yS7f-VffhfUmf-mR1dm96kUoBThezyPUAVHW2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 33DA 0
54 B 185ms
185ms Ping
image/gif 2607:f8b0:4012:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhaim3o9&c=2014143700528&slotId=1007071850264&qqid=CMSGsPqS3v4CFQLB5god4doHKQ&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/0a6a6ae7c77fde766570b619372ea30b.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 12:11:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.exedb.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDQWQBQCDS Value: GPJLHIGCDJKOOIFEMLLOIOJP
.exedb.com/	1970-01-20 21:10:48	Name: _ga_RMPSQLW73D Value: GS1.1.1683288670.1.0.1683288670.0.0.0
.exedb.com/	1970-01-20 21:10:48	Name: _ga Value: GA1.2.1161945413.1683288670
.exedb.com/	1970-01-20 11:36:15	Name: _gid Value: GA1.2.808031100.1683288670
.exedb.com/	1970-01-20 11:34:48	Name: _gat_gtag_UA_37168065_1 Value: 1
.exedb.com/	1970-01-20 20:56:24	Name: __gads Value: ID=585e0d361aa8fb25-223ce872c0dd0024:T=1683288670:RT=1683288670:S=ALNI_MZzgf2qEOv4dKj9zI8dEk3BUvO6kA
.exedb.com/	1970-01-20 20:56:24	Name: __gpi Value: UID=00000bf66ce3eccd:T=1683288670:RT=1683288670:S=ALNI_MYcAzfdrEX-vmb_zUt2eNyuM3s9qA
.doubleclick.net/	1970-01-20 11:34:52	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 20:56:24	Name: IDE Value: AHWqTUl1xo5wpqsrhunJzc2JOkqmnvkuzDZGYPY_BQJJeWNhYJTsqfuWTNNNIQghY8Y
.bidswitch.net/	1970-01-20 20:20:24	Name: c Value: 1683288672
.bidswitch.net/	1970-01-20 20:20:24	Name: tuuid_lu Value: 1683288672
.bidswitch.net/	1970-01-20 20:20:24	Name: tuuid Value: 562d3450-ffbe-4afe-907b-e7db9035c0bb
.adfarm1.adition.com/	1970-01-20 13:44:24	Name: UserID1 Value: 7229669795970021521
.mathtag.com/	1970-01-20 21:00:43	Name: uuid Value: e0056454-f260-4600-bbf2-cac5ff4763e4
.mathtag.com/	1970-01-20 12:18:00	Name: mt_mop Value: 4:1683288672
.bidswitch.net/	1970-01-20 11:34:48	Name: google_push Value: ATf1kGMZf0BCdHqnpZm0N-HK3D4gl2e6eUszAS6jKq6QG1WvFFMZMqeSX3luaK04AEZf6vx78TyPqubvdy9Ng22e8-ISInm8kRRPwrE
.pubmatic.com/	1970-01-20 11:36:15	Name: KTPCACOOKIE Value: YES
.de17a.com/	1970-01-20 20:13:12	Name: guid Value: 1.7710330992980559679
.adform.net/	1970-01-20 12:19:27	Name: C Value: 1
.pubmatic.com/	1970-01-20 20:20:24	Name: KADUSERCOOKIE Value: AACDD1DD-3E48-4B25-BF22-0281292BF3F9
.adform.net/	1970-01-20 13:01:12	Name: uid Value: 8174926826907810603
.e.dlx.addthis.com/	1970-01-20 21:05:03	Name: na_tc Value: Y
.ctnsnet.com/	1970-01-20 20:20:24	Name: cid_0ab5f8f7efb34514a9a6267de23d9750 Value: 1
.ctnsnet.com/	1970-01-20 20:20:24	Name: gid_CAESEAbPVjAC_Zv1XnE91EJ2gbA Value: 1
.simpli.fi/	1970-01-20 20:21:51	Name: suid Value: D559E7AB359646CC8CAA695DC60F732D
.addthis.com/	1970-01-20 21:05:03	Name: na_id Value: 2023050512111200018387463940
.addthis.com/	1970-01-20 21:05:03	Name: na_tc Value: Y
.addthis.com/	1970-01-20 21:05:03	Name: uid Value: 6454f260488bf9d3
.addthis.com/	1970-01-20 21:05:03	Name: ouid Value: 6454f26000012bdaa4848bc2e78c4d3083f00cf51f4ceb7f5b1c
.dlx.addthis.com/	1970-01-20 12:18:00	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 12:18:00	Name: na_sr Value: 20230505
.dlx.addthis.com/	1970-01-20 11:34:48	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 12:18:00	Name: na_sc_e Value: 0
.tribalfusion.com/	1970-01-20 13:44:24	Name: ANON_ID Value: a4nseFSZdIijSTnMSYlkjEFrFnfpi1tOfItTSnvqt0uRgJK5WJuFEG8470CLweTfh3D0tEyR90g4dvnGYsPPK
.blismedia.com/	1970-01-20 20:20:28	Name: b Value: 6454F2603BACF6F2EBDEBFFFBLIS

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271803&client=ca-pub-3100504127201331&fa=3&ifi=6&uci=a!6&btvi=4&xpc=f0Z9B0Kam2&p=https%3A//www.exedb.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271804&client=ca-pub-3100504127201331&fa=4&ifi=7&uci=a!7&btvi=5&xpc=b3aiUyjv32&p=https%3A//www.exedb.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adservice.google.com
adservice.google.de
c1.adform.net
cm.g.doubleclick.net
csi.gstatic.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
exedb.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
i1.ytimg.com
image6.pubmatic.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
rr5---sn-4g5edndz.googlevideo.com
s.tribalfusion.com
stats.g.doubleclick.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.exedb.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.111.217.42
142.250.184.194
178.250.7.11
18.193.92.249
185.29.134.244
185.64.190.78
2001:4860:4802:32::178
2001:4860:4802:32::36
213.155.156.165
2606:4700::6812:19ad
2607:f8b0:4012:817::2003
2a00:1450:4001:1a::a
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c0b::9b
34.160.236.64
34.96.105.8
35.186.193.173
35.204.74.118
37.157.2.234
51.89.9.253
64.158.223.140
69.192.160.219
85.114.159.93
92.204.128.206
00b8b9719f683a9ab1e208c5c34a5bcb70c0a77b33018db5ee3974d69c75ebd3
02965c313ea7cdf9586ffbf42cbb6b7506401f5305c49f482ffd838e9a75bd42
08eef1945ac61e6088a73d8b32ab41008e8fe5088e87160a685034278515fdd3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb7641448a1967cafe84d0532d67b8eb9c5a52132240910bd5d25df976394b3
1523130779b9ac230cbac6ca9b743a89b18f4f74033f0a8482179f0fa88f0792
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1977d37efc117e675cf21c6d114cf72a98fc3b9f884227aba814f5ad407a03f0
1a5f87b3eee8fce1148724feb652763793a2376057c2421828dbf23d35b06711
1b437792d5cfb3dfffde9e371932c204859f0bc6443ec73b85cf29d54925cac6
22735c99662bf4eb65b6e29db04af4cfc8ac31d8f14d57dd3c8f17cfad1329c7
23c8ae74cdd5195968a5e623d06fe46ae7044089c9baf35b1521e41871340dfc
28117ad49e5ecfe6902afc32e2d911b4712871cb1c6c195c6396315db47d3116
31208d5e24fe092caa4a658b20abda62728eb73f87544a26dfe4122cf1503f0a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3462dc51f43fae8d058640d05b0e1eeab27dc0a2e8f34cee482a4887b823ce76
3819c12c3b8c977149633c15d23580e969a14932273a683d90d759165fd04466
3979ea0ab06f02afed1af83b766c6fb64895ba618c83739114369f4c00479d71
3be5f48a1096278752da6ef49ad0b6b709840872dc2670b24c835b53947a94e6
45419438709484e3feaade4ba2c982f7d1295ed177b3b28620e1765798ce50ea
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
47223b48b386c019343a82c241db563b205670b203a7efab4af7a96eaff996c1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e09eef723d72c7586178e30c635f747e4699f169fecf04e6f634c75a1587867
4e57913ad3a555f080b3967c4b7d31522a7d5ebe68346100d02360bb95d3398a
5162df6ef46ca88b1e30c7aa287da67f8a1e425bc0cb45662f2a7fead4cb1a31
5563fee65170276d1dac906d6ecfef33bb587e428b7fb963f65d0de85e7e7e9e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564b3f83a61eb952fbb5d232167c53c6ec84d464759e2250f22a879667a858b6
5774b8843c9d7cfd33e0d14d782ced5078755736b952d72fb7e7afe9e5b7a1cb
57f53650326ea467968dc5c9e9f0d5b8147244d1e7346a26762c4980b9668163
5fdd1f5f21275b540ce9630808649f4709746e51929421b55a81680a758a5730
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
651d0936925a95457c9af5192281fa7975102b602f679aab06fe0e11ae452d99
6654f6e76687658776422a021761b6759e8412b3097f854f41c8e9fd65738765
6700cc79f4b6c67f0c884c9f4be1c9dba2a75bca40fc1eeabc6bd0ddeb53abe2
6b86b3e45bd3e74912705f47404dde5182854046d1a49b64772a0da89064f193
6bd506d50438df4cecf68bd2289b779b6fd30fdbc2a9f1b20f6a769c107f4082
713eeee08e685504bd17657a7549dd7602325663ad04ffb0d55c7c9373214593
72b387bc00e9f93fab3ec212d92eaa77690dbdcce950afb73b0782aaa44d9afd
72d20fa4a67a43c5fc0dc10c720ab3f09d40a23e44f5741387c6a4ca808b6244
73a588aab17fe153f14cb2b92d3952f5bffe3820dc48d1a2547f371776b47304
77973e0c257a8625528c0617fc26b0f645f9467f34b9ab99954575dbe149fe35
796d5bfd097d0e86027ddee396e6319a9af7f02644aec546358cc62f6dfb3ab2
7a917a0abdaf6a530ac853533995a73d73a84922d0d04f06e99a0e83f29cf786
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
81c467185f61095c2fa999c7d9aa86ff8671a02aecbe81c2bd177df95293b6a8
824abd43200e413d955f23647f5ac04e1a87b50add87d7c0378f3999472ffd88
83392a77dd31995c1ec34eaf3de968c1a4c90dc2483ecdfe29c68fbe0cfd1609
841214c4831e1a32c1edc646cbb1c4e1ab2976241a6df18fb557297dfdc175ab
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8f3264c89ca957032853a52c1d0524ddc9ec272ed4cbc8d13023edd6efa2262b
8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b
90961e6b40504f97b4dc10e6d5bde5fb39b32e6497743b828fe4ba627f211d44
91879fa9466c632bc4a815e9376fb7d05c91cac2f5e687a47a66a767b5c12ff3
91d745a6380b48b9fa5eb3f2c342fb3b4403b274e368bbfcfe0c8c762df4fbac
948fa2ad2c6f5a9270e00b4097418ea3162922a8c3d6fc8615e61dd595fa3cfa
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba3e7d560209ed29ced826d0497d319ac99adaa309e095442568e253e9fca49
9e7a88719912d60746aee2ecee3709ba19590afc27a332ea01cf169dbe1f58c9
a42b6109e927fad968626dcd1d1e4a080dc381c7407d338b0674fb7f61c612de
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6529146648bf3b53425beb118980687746e7d6e281dc3f099b72ac2652cb528
aaa4bfeadeaeaa2b9062d0dd54a1f8ba2e7bb9c029b2e5894441073e9967151a
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
bbaa23f0be34f97cd5a8554d41c6b8231cc6f4b67388c02e67a830aaa9098d85
c14c5e17dfe628e18a965eebff2c03cc7cd0fdb06529f6415a800dedf57884c8
c4770977e0bd5d2dec525192f1ecb4e9270ac7a34536e591eef47f779e8b2c51
c944ee5b6059b536d68e6a123e71582f176eea82dd4d22cc3299b5372657277a
cd1aabec2b79469e7cf31b6ce8bcb7045e9181cbc218443bca2d3f46fbb99f4a
d069cd81491103db33c21039b9e9dac36e4364b2f9ca19cb7cf74887a74128e7
d198be1dbaa640e31c1e7af92bb27e30688d1410ea672e188ebedd267696d579
d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded949ad3069c4d3a62a96d417402d678fbadc74e5373ed79389ebce3ffa892c
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7c7a89f84427a0e2f60a80a06869475e2c8d672c3a362de715404dae00955a4
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ad10c2437cbc3e745656ad6fd5dc7521809b8e9878ee7fb7050aa9794ed7f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f2874874e4678ac82d8a4a341cd3995fba4bc078116dddf1f522748f501233
f81704626fe9caa119a2f0fe791fc288621b0eec01678dc65f024099ce4107e5
f9d8f2af51a77a257e6df7d488c0ae02d0bce3a7c9221f7cfb110530a289fa3d

www.exedb.com Open in urlscan Pro 92.204.128.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

189 Requests

91 %HTTPS

57 %IPv6

29 Domains

42 Subdomains

31 IPs

8 Countries

2502 kBTransfer

5058 kBSize

35 Cookies

3 Outgoing links

Page URL History

Redirected requests

189 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.exedb.com Open in urlscan Pro
92.204.128.206 Public Scan

Screenshot
Live screenshot

Full Image

189
Requests

91 %
HTTPS

57 %
IPv6

29
Domains

42
Subdomains

31
IPs

8
Countries

2502 kB
Transfer

5058 kB
Size

35
Cookies

189 HTTP transactions
6 data transactions