m.ed3s.com Open in urlscan Pro
148.251.178.89  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

• http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit&ver=12.4 HTTP 301
• https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit&ver=12.4

Request Chain 56

• https://googleads.g.doubleclick.net/pagead/adview?ai=CiIaLAMLjZOz6Hv6lpt8P15a5yAKQtZPAcrff1s3CEZ-v6MjFOBABIObuuypglYKAgJAHoAH-_eKWAcgBAagDAcgDywSqBLoBT9B3FlOUDcn42kFl3jKm2dqdp0A0RvWmDsX2uJjd5UgSxAfkRD_kyBzWkJUEgVAop-6w9tqlSRCVRu_F4tDzLw9TILgwrQlrb7KrAyaPww2n4_sg7ZJn5AUmRlS5OYBZ6W7t72v0tLEJp8B6z7DF9NVQRK0jBwG3CgtndHvQBfbXLXrjoQjc990TL8hmkpbvioZ5rtE4bxWFtOUSnZycjqmhoICYaQq6oDMZNwoYYG-QX-_Ap79q5412wATNu8_dlgSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH6oGd6QKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDoqgbSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mglIaHR0cHM6Ly9wYy5ldm9ueS5jb20vcGMvZG93bmxvYWRoLmh0bWw_Y2FtcGFpZ25pZD0xOTU0NDUyMzgxOSZhZGdyb3VwaWQ9gAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTM3NTYxMTEyNzEwNTEwMjIYAA&sigh=Rs3-10ORISY&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWgs7ByRWXyW3telRmxAN-5UKRql8o4hgB&template_id=5001&nis=5 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215579342374826715954%22,%22debug_reporting%22:true,%22destination%22:%22https://evony.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22316194558%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214396689184029075441%22}&andc=true

Request Chain 65

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 109

• https://googleads.g.doubleclick.net/pagead/adview?ai=CoGVtAMLjZP_ZIIj89wXhp4uwBNfmwfNxiNrm9fURZBABIObuuypglYKAgJAHoAHv4riTAcgBCakC7bKZ7lzEYz6oAwHIA8sEqgTOAU_QH5vYzcU4NwYbHkcq37S-zmp5SXwwnw6JIQzUUwvAYhKizqkacpWU8VUQYDQg1zwHU5nJlNs4FOwRcBq3GtaF5GOiPrqH94VvBqvQx3Yp4Kmyo2MF3OndWbNxy9JlCPIFVUwkRoq3_oM9vFVY5ukH4FFWNBTv54-RrxgDnkIlHd0nBtMvM91KHusxNIuakx2dtu-Ll5bwEttJZqDWV557GaSsgKUxhcmOOxfOVDIksepuoNn7HZWeDnMKCxzeG1XF9oUDYX2HPauKeBS_wASMiO7byASSBQQIBBgBkgUECAUYBKAGLoAH-ZzH7AKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCvggXSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkbaHR0cHM6Ly9lc3RldGlraW5jaW0uY29tL2RlgAoByAsBwhMGGO_iuJMB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTM3NTYxMTEyNzEwNTEwMjIYAA&sigh=ev29m1-J9kw&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWtSO52FHPbwuwUOrlJqWOnI5csmmEtxgB&template_id=5000&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216770959132669634111%22,%22debug_reporting%22:true,%22destination%22:%22https://estetikincim.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22309211503%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215490094040976616017%22}&andc=true

Request Chain 111

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 127

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF6eTqH5vhysCDhGVDUPn6I&google_cver=1&google_push=AXcoOmQXvUOAPokRBPcmzFzXINBtN146OMqgTKwtmC4LhuDWsZUXcG44xbsWVKy1ybkvfvsTcz9DiVZYNiTJDJ7ZxM-bT2XxsGU42Q HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF6eTqH5vhysCDhGVDUPn6I&google_push=AXcoOmQXvUOAPokRBPcmzFzXINBtN146OMqgTKwtmC4LhuDWsZUXcG44xbsWVKy1ybkvfvsTcz9DiVZYNiTJDJ7ZxM-bT2XxsGU42Q

Request Chain 129

• https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIUkJUJZ9rMYSo3Z9z04ETk&google_cver=1&google_push=AXcoOmRSDXBz6K9Jonh-HvrGmZ0ToLoM06Am48KQvx9hYo2fX0bDOal3Opb3T7OG55iuwg2VHP2w7selstP9VsqaUBM4BlGM20zIe-U HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRSDXBz6K9Jonh-HvrGmZ0ToLoM06Am48KQvx9hYo2fX0bDOal3Opb3T7OG55iuwg2VHP2w7selstP9VsqaUBM4BlGM20zIe-U&google_hm=McSfCsbOTOiZW00MfmxW4Bs

Request Chain 130

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELGstFW9tAxNMrbmqh7PpXM&google_cver=1&google_push=AXcoOmT1jYLPgM0YGGaP_jZv1hfOdN4zOqCjlP4pzIHd4oIp4rSRL9xSsjheJUMZVwdRsLRL_wEFQEwro-T443h_kIjJWNwJH6-6Hw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTg2NzUzNzM2MzM2ODA5Ng%3D%3D&google_push=AXcoOmT1jYLPgM0YGGaP_jZv1hfOdN4zOqCjlP4pzIHd4oIp4rSRL9xSsjheJUMZVwdRsLRL_wEFQEwro-T443h_kIjJWNwJH6-6Hw

Request Chain 132

• https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELIqZu_Smj727bne0_2qbiM&google_cver=1&google_push=AXcoOmQPD5ttgZEK7jfKlABhkdhBvBiuu-gE0De20GI6-9kwb9R5c__vNgpGWaz8NtJP0z2yIqiw7pg5A6O0hlyGbQuCAxWrq4Q6Y4XT HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQPD5ttgZEK7jfKlABhkdhBvBiuu-gE0De20GI6-9kwb9R5c__vNgpGWaz8NtJP0z2yIqiw7pg5A6O0hlyGbQuCAxWrq4Q6Y4XT HTTP 302
• https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 139

• https://googleads.g.doubleclick.net/pagead/adview?ai=CRCZ7AcLjZNyhJdrVtwfJu7nQDuKH05Ry1fumh9IR2dkeEAEg5u67KmCVgoCAkAegAdv8uvEDyAEJqAMByAPLBKoEugFP0PTPe31-UuOS5Aw8mP1J7MEvOCf4YKC7sm5YOfcgyMP8Kwz74DZr2oD18bZDtANZQzob0sV4eG1KqclSqDjD0YhrZF7Pa417ibOyjEQdoWoElpVDJWrfRmxZ0vOkzZO2X99jmW2K8uzfZIVxZW-G8mRIDjPdaIYFsL1aLuPSV2MkDRUeYw65qXM8ukTXmqGbLW7o7OPV0TR0iiavnPOdONXkEm2rLGkZsCM0bUFArk8j4WftG0xScanABKbB782sBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAet4qjQAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKPMA9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCa8CaHR0cHM6Ly93d3cuY2FwdGVycmEuY29tLmRlL2RpcmVjdG9yeS8zMDA2MC9hcHBsaWNhbnQtdHJhY2tpbmcvc29mdHdhcmU_dXRtX2NvbnRlbnQ9ZCZ1dG1fc291cmNlPXBkaXMtZ29vZ2xlJnV0bV9tZWRpdW09Y3BjJmFjY291bnRfY2FtcGFpZ25faWQ9MjA0MzU4MjU1MDkmYWNjb3VudF9hZGdyb3VwX2lkPTE0OTQxMzQyMTIyMiZhZF9pZD02Njg3OTk5MDI4MjgmdXRtX2NhbXBhaWduPToxOkNBUDoyOlRMRC1ERTozOkRFOjQ6QUxMOjU6QkFVOjY6U09GOjc6RGVza3RvcDo5OkFwcGxpY2FudF9UcmFja2luZzoxNDpQU1Q6MTU6TEFMgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTM3NTYxMTEyNzEwNTEwMjIYAA&sigh=jzbNEk7HZJw&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWr79EAZC3B--SxjFMrj6j7rumUz-DWpT6yUJPAoD7h8W2-pxhsb_Cw61n0y_-TFilNUdlFqqVGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225760121192457543831%22,%22debug_reporting%22:true,%22destination%22:%22https://capterra.com.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221043250779%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213640469869945110273%22}&andc=true

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response m.ed3s.com/	62 KB 14 KB	854ms 816ms	Document text/html	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / PHP/7.4.7 Resource Hash 54edb2b11cb61e82a3d1191d346a641894e4d8d224334a0115881e839dd0e29b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 13696 Content-Type text/html; charset=UTF-8 Date Mon, 21 Aug 2023 19:58:54 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Link <https://m.ed3s.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/3AekT>; rel=shortlink Pragma no-cache Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips Vary Accept-Encoding,User-Agent X-Powered-By PHP/7.4.7
GET H/1.1	200 OK	style-rtl.min.css m.ed3s.com/wp-includes/css/dist/block-library/	102 KB 14 KB	49ms 28ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.3 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash c0f27ee92a26e2bbb2393e7695351be1c91d890492943f52cf18fcfd899666ed Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Wed, 09 Aug 2023 13:33:57 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "19770-6027d880eda67-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 13789
GET H/1.1	200 OK	style.css m.ed3s.com/wp-content/plugins/quotes-collection/blocks/quotes/	1009 B 669 B	49ms 25ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/plugins/quotes-collection/blocks/quotes/style.css?ver=1569198674 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash ca3d4584b2a1ca4e4b9c74acb052031959d1183968e6d2ca4ade041baa4a13f3 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Mon, 23 Sep 2019 00:31:14 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "3f1-5932d89942b9c-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 304
GET H/1.1	200 OK	style.css m.ed3s.com/wp-content/plugins/quotes-collection/blocks/random-quote/	2 KB 834 B	51ms 25ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/plugins/quotes-collection/blocks/random-quote/style.css?ver=1569198674 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash 85a6c493add08ae2d5f540c060924c5c76a90f770481969858aefcf68e45ff43 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Mon, 23 Sep 2019 00:31:14 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "69e-5932d89942b9c-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 469
GET H/1.1	200 OK	view.rtl.css m.ed3s.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/	603 B 639 B	53ms 26ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.rtl.css?minify=false&ver=34ae973733627b74a14e Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash b98c51354d83317cf84aa4fd6c8fcf019ee20bbd63a0afd9767b26201e3b93cb Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Tue, 01 Aug 2023 16:02:54 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "25b-601deae06cfa7-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 274
GET H/1.1	200 OK	mediaelementplayer-legacy.min.css m.ed3s.com/wp-includes/js/mediaelement/	11 KB 3 KB	54ms 25ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Fri, 11 Dec 2020 18:21:38 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "2bf8-5b6345d06c03c-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2592
GET H/1.1	200 OK	wp-mediaelement.min.css m.ed3s.com/wp-includes/js/mediaelement/	4 KB 1 KB	54ms 25ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.3 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Wed, 25 Mar 2020 15:40:09 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "105a-5a1afaeebcaee-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1156
GET H/1.1	200 OK	quotes-collection.css m.ed3s.com/wp-content/plugins/quotes-collection/css/	884 B 779 B	76ms 27ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/plugins/quotes-collection/css/quotes-collection.css?ver=2.5.2 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash f830c443b13b05924b14dee599cdf13395271a7c45bdb34a0a5b3ef86211677c Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Mon, 23 Sep 2019 00:31:14 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "374-5932d899427b4-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 415
GET H/1.1	200 OK	base.min.css m.ed3s.com/wp-content/themes/jannah/assets/css/	41 KB 9 KB	75ms 26ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/css/base.min.css?ver=6.2.0 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash 1b48190f6b5b95ba8b42c901a7cfe7f786d19ceb89332eb68a00fd0d74e80134 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Wed, 08 Feb 2023 14:40:54 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "a41f-5f431405d8980-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 8564
GET H/1.1	200 OK	style.min.css m.ed3s.com/wp-content/themes/jannah/assets/css/	151 KB 26 KB	82ms 32ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/css/style.min.css?ver=6.2.0 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash c4c0e22071925cf9cc48ccd51af150f3a8ca2bd0df1dff4a50026ea79c86010d Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Fri, 31 Mar 2023 21:50:39 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "25a18-5f839332d89c0-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 25767
GET H/1.1	200 OK	widgets.min.css m.ed3s.com/wp-content/themes/jannah/assets/css/	47 KB 9 KB	79ms 27ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.2.0 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash 3f295206eda7b6fcf3e4ddb59fd71bb078467c268ee5f2a214f1f9928c109f3d Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Sat, 01 Apr 2023 04:31:06 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "baae-5f83ecb4c7680-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 8606
GET H/1.1	200 OK	helpers.min.css m.ed3s.com/wp-content/themes/jannah/assets/css/	39 KB 8 KB	81ms 27ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.2.0 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash fcee59682cffa6913f1d8cdbb0bd1f5632f8e8533c518bec64c88e4d18dadd52 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Mon, 20 Mar 2023 08:59:09 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "9d07-5f75123d31140-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 7754
GET H/1.1	200 OK	fontawesome.css m.ed3s.com/wp-content/themes/jannah/assets/css/	57 KB 13 KB	82ms 29ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.2.0 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash 0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Sat, 04 Jul 2020 10:01:46 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "e526-5a99abab47680-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 12546
GET H/1.1	200 OK	skin.css m.ed3s.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/	12 KB 3 KB	101ms 26ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.2.0 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash 4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Sat, 14 Nov 2020 18:20:14 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "2ef2-5b41532413380-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 2241
GET H/1.1	200 OK	shortcodes.min.css m.ed3s.com/wp-content/themes/jannah/assets/css/plugins/	13 KB 3 KB	102ms 27ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=6.2.0 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash f731ebe4dbcb9350959ba58c97711b0a5a25adf8a63b6ad1244c17f8ac8b708b Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Fri, 09 Dec 2022 00:01:36 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "3533-5ef59db6c7800-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 3160
GET H/1.1	200 OK	style-custom.css m.ed3s.com/wp-content/themes/jannah/assets/custom-css/	9 KB 2 KB	111ms 28ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/custom-css/style-custom.css?ver=23970 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash b9d1adbd91ecdd8e1ce6497b760fa624456c75a6e77b42208bd3527d33729374 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Wed, 16 Aug 2023 04:01:16 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "2290-6030258ead73e-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1900
GET H/1.1	200 OK	jetpack-rtl.css m.ed3s.com/wp-content/plugins/jetpack/css/	98 KB 18 KB	112ms 28ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/plugins/jetpack/css/jetpack-rtl.css?ver=12.4 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash f0ce4492975c1fb63366b3853c6b3e3e3dbcc283c55922cfb9d8f1f5cbd9066d Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Tue, 01 Aug 2023 16:02:54 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "18712-601deae037ffe-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 18260
GET H/1.1	200 OK	jquery.min.js Show response m.ed3s.com/wp-includes/js/jquery/	85 KB 30 KB	130ms 29ms	Script application/javascript	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Wed, 09 Aug 2023 13:33:56 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "155ba-6027d880d309e-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 30343
GET H/1.1	200 OK	jquery-migrate.min.js Show response m.ed3s.com/wp-includes/js/jquery/	13 KB 5 KB	130ms 27ms	Script application/javascript	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Wed, 09 Aug 2023 13:33:56 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "3509-6027d880d309e-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 4872
GET H/1.1	200 OK	quotes-collection.js Show response m.ed3s.com/wp-content/plugins/quotes-collection/js/	4 KB 1 KB	129ms 25ms	Script application/javascript	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/plugins/quotes-collection/js/quotes-collection.js?ver=2.5.2 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash c0766ccfd1122c0b085148cf45f6e751405eebc343e9f8ce8f4f5a6ede6c86f4 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Mon, 23 Sep 2019 00:31:14 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "e45-5932d89944adc-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1099
GET H/1.1	200 OK	rtl.css m.ed3s.com/wp-content/themes/jannah/	41 KB 7 KB	110ms 27ms	Stylesheet text/css	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/rtl.css Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash 01fafcbe6f1d6a0714f0700850de7f538466d24f26adfaacca8128275d8dfe8c Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Wed, 08 Feb 2023 14:41:13 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "a545-5f431417f7440-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 7222
GET H/1.1	200 OK	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	151 KB 54 KB	100ms 71ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 28e653bdbb5f4b1e75e6121ad39a5be237da97743fd2d69fb78505d205d39b6f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip X-Content-Type-Options nosniff P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cross-Origin-Resource-Policy cross-origin Content-Disposition attachment; filename="f.txt" Content-Length 54422 X-XSS-Protection 0 Server cafe ETag 161382791639792892 Vary Accept-Encoding Content-Type text/javascript; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control private, max-age=3600 Timing-Allow-Origin * Expires Mon, 21 Aug 2023 19:58:55 GMT
GET H/1.1	200 OK	image-cdn.js Show response m.ed3s.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/	701 B 761 B	136ms 25ms	Script application/javascript	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash 27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Tue, 01 Aug 2023 16:02:54 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "2bd-601deae063b37-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 383
GET H/1.1	200 OK	frontend.js Show response m.ed3s.com/wp-content/plugins/accesspress-anonymous-post/js/	6 KB 1 KB	118ms 26ms	Script application/javascript	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/plugins/accesspress-anonymous-post/js/frontend.js?ver=2.8.2 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash e5158f25cdcfffe9f97cbb63bfefce9628e50e59bd125420b99391a41a583df7 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Tue, 24 May 2022 20:10:35 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "1837-5dfc78cb47ef0-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1098
GET H/1.1	200 OK	comment_count.js Show response m.ed3s.com/wp-content/plugins/disqus-comment-system/public/js/	889 B 818 B	136ms 25ms	Script application/javascript	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.23 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Mon, 24 Apr 2023 08:09:11 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "379-5fa108595a92d-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 440
GET H/1.1	200 OK	scripts.min.js Show response m.ed3s.com/wp-content/themes/jannah/assets/js/	23 KB 8 KB	139ms 27ms	Script application/javascript	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.2.0 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash f52ec3f4d0b043a36683a54caef45ae1158780aede5f886a6a1b63b61668e0d3 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Tue, 27 Dec 2022 14:19:05 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "5b9d-5f0cfef2aa840-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 7316
GET H/1.1	200 OK	lightbox.js Show response m.ed3s.com/wp-content/themes/jannah/assets/ilightbox/	80 KB 25 KB	145ms 27ms	Script application/javascript	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.2.0 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash f0df5bac42e20b19dafbdf42b5480133ffdf8885bf9d4fd9a8fa3043e3efd2ae Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Mon, 14 Feb 2022 10:29:31 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "13e34-5d7f7e45198c0-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 25478
GET H/1.1	200 OK	sliders.min.js Show response m.ed3s.com/wp-content/themes/jannah/assets/js/	48 KB 12 KB	144ms 26ms	Script application/javascript	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/js/sliders.min.js?ver=6.2.0 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash 4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Sun, 14 Feb 2021 09:09:58 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "c0a7-5bb483bbf8580-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 11639
GET H/1.1	200 OK	shortcodes.js Show response m.ed3s.com/wp-content/themes/jannah/assets/js/	11 KB 4 KB	145ms 27ms	Script application/javascript	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/js/shortcodes.js?ver=6.2.0 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash b965ff50c9592406d6214cebdbb0776084d3e44283fcb6448efb75be4762d68f Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Sun, 03 Jul 2022 14:49:17 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "2bb0-5e2e7b9423540-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 3913
GET H/1.1	200 OK	desktop.min.js Show response m.ed3s.com/wp-content/themes/jannah/assets/js/	18 KB 6 KB	161ms 25ms	Script application/javascript	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.2.0 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash 6e16a5a4ca4df1db99b56c97829c5386e54ca43ba2087912cd90336495feeee4 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Wed, 11 Jan 2023 08:23:37 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "4653-5f1f8b789d440-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 5786
GET H/1.1	200 OK	live-search.js Show response m.ed3s.com/wp-content/themes/jannah/assets/js/	14 KB 5 KB	162ms 25ms	Script application/javascript	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/js/live-search.js?ver=6.2.0 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Wed, 15 Jul 2020 17:48:27 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "3909-5aa7e87f2f0c0-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 4720
GET H2	200	e-202334.js Show response stats.wp.com/	7 KB 3 KB	77ms 18ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202334.js Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers x-minify-cache hit x-nc HIT hhn date Mon, 21 Aug 2023 19:58:55 GMT content-encoding br server nginx x-minify t etag W/13576-1684464982353.1523 vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Mon, 19 Aug 2024 05:59:38 GMT
GET H/1.1	200 OK	google-translate.min.js Show response m.ed3s.com/wp-content/plugins/jetpack/_inc/build/widgets/google-translate/	796 B 817 B	166ms 26ms	Script application/javascript	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/plugins/jetpack/_inc/build/widgets/google-translate/google-translate.min.js?ver=12.4 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash 23a3fe27a84c2a2efe9b4099b5f05546b6b83418ddb0560548004323ac02e4ba Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip Last-Modified Tue, 01 Aug 2023 16:02:54 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "31c-601deae058b6f-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 439
GET H2	200	element.js Show response translate.google.com/translate_a/ Redirect Chain http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit&ver=12.4 https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit&ver=12.4	85 KB 30 KB	103ms 52ms	Script text/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit&ver=12.4 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol H2 Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1948c5481c88b564284ef245b40dde2b50ec169077b32eea13c2eaab9eeb21fc Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Mon, 21 Aug 2023 19:58:55 GMT content-encoding gzip x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 21 Aug 2023 19:58:55 GMT X-Content-Type-Options nosniff Server ESF Cross-Origin-Opener-Policy same-origin-allow-popups X-Frame-Options SAMEORIGIN Content-Type application/binary Location https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit&ver=12.4 Cache-Control no-cache, no-store, max-age=0, must-revalidate Content-Length 0 X-XSS-Protection 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET BLOB	200 OK	0a62068f-bb65-400e-8983-7af12b6d1ff6 http://m.ed3s.com/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:http://m.ed3s.com/0a62068f-bb65-400e-8983-7af12b6d1ff6 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Length 1245 Content-Type text/javascript
GET H/1.1	200 OK	count.js Show response ed3s.disqus.com/	1 KB 2 KB	100ms 25ms	Script application/javascript	199.232.196.134 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ed3s.disqus.com/count.js Requested by Host: m.ed3s.com URL: http://m.ed3s.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.23 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 199.232.196.134 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Content-Encoding gzip X-Content-Type-Options nosniff Strict-Transport-Security max-age=300; includeSubdomains X-Amz-Cf-Pop DFW3-C1 Age 241 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 871 X-XSS-Protection 1; mode=block Last-Modified Thu, 10 Aug 2023 22:01:45 GMT Server nginx ETag "64d55e49-367" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control public, max-age=300 Link <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect X-Amz-Cf-Id lo1zQ0yv0kVmEEzodnsIyJC18mrvrVKjaF5jQUwlniiov7LYj18kBA==
GET H/1.1	200 OK	tielabs-fonticon.woff m.ed3s.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/	40 KB 40 KB	27ms 26ms	Font font/woff	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff Requested by Host: m.ed3s.com URL: http://m.ed3s.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.2.0 Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash f1bc17112f84d3e3b9e381a292e9ee6263cfb0706f07e34501396dee3a7c8a2a Request headers Referer http://m.ed3s.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.2.0 Origin http://m.ed3s.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Last-Modified Sun, 03 Jul 2022 15:06:22 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "9f6c-5e2e7f65a7780" Vary User-Agent Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 40812
GET H/1.1	200 OK	fa-solid-900.woff2 m.ed3s.com/wp-content/themes/jannah/assets/fonts/fontawesome/	78 KB 78 KB	25ms 25ms	Font font/woff2	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.2.0 Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7 Request headers Referer http://m.ed3s.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.2.0 Origin http://m.ed3s.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:55 GMT Last-Modified Mon, 23 Mar 2020 12:46:02 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "13654-5a18504837680" Vary User-Agent Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 79444
GET H2	200	m=el_main_css www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/	22 KB 5 KB	72ms 20ms	Stylesheet text/css	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css Requested by Host: URL: /_/translate_http/_/js/k=translate_http.tr.de.s-hi9y3BGD0.O/d=1/rs=AN8SPfrOtzS8wdeiJfkMY7fZzRRBiGxmqA/m=el_conf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sun, 20 Aug 2023 14:50:57 GMT content-encoding gzip x-content-type-options nosniff age 104879 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4144 x-xss-protection 0 last-modified Sat, 15 Jul 2023 01:09:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="rosetta" vary Accept-Encoding report-to {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 19 Aug 2024 14:50:57 GMT
GET H2	200	m=el_main Show response translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.s-hi9y3BGD0.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrOtzS8wdeiJfkMY7fZzRRBiGxmqA/	214 KB 76 KB	86ms 24ms	Script text/javascript	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.s-hi9y3BGD0.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrOtzS8wdeiJfkMY7fZzRRBiGxmqA/m=el_main Requested by Host: URL: /_/translate_http/_/js/k=translate_http.tr.de.s-hi9y3BGD0.O/d=1/rs=AN8SPfrOtzS8wdeiJfkMY7fZzRRBiGxmqA/m=el_conf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b793f5d22ad718abf35ec4c17097402732ca94a52ccc691ba458e81b1a2f4526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 17:59:46 GMT content-encoding gzip x-content-type-options nosniff age 7150 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77340 x-xss-protection 0 last-modified Sat, 19 Aug 2023 03:12:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="rosetta" vary Accept-Encoding report-to {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 20 Aug 2024 17:59:46 GMT
GET H/1.1	200 OK	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1/	13 KB 6 KB	40ms 20ms	Script text/javascript	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Wed, 16 Aug 2023 08:31:33 GMT Content-Encoding gzip X-Content-Type-Options nosniff Age 473243 Content-Security-Policy-Report-Only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers Cross-Origin-Resource-Policy cross-origin Content-Length 5437 X-XSS-Protection 0 Last-Modified Tue, 03 Mar 2020 19:15:00 GMT Server sffe Cross-Origin-Opener-Policy same-origin; report-to="hosted-libraries-pushers" Vary Accept-Encoding Report-To {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} Content-Type text/javascript; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000, stale-while-revalidate=2592000 Accept-Ranges bytes Timing-Allow-Origin * Expires Thu, 15 Aug 2024 08:31:33 GMT
GET H/1.1	200 OK	g.gif pixel.wp.com/	50 B 247 B	46ms 20ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL http://pixel.wp.com/g.gif?v=ext&blog=52963927&post=0&tz=3&srv=m.ed3s.com&j=1%3A12.4&host=m.ed3s.com&ref=&fcp=1146&rand=0.7035171024715425 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 21 Aug 2023 19:58:56 GMT Cache-Control no-cache Server nginx Connection keep-alive Content-Length 50 Content-Type image/gif
GET H/1.1	200 OK	wp-emoji-release.min.js Show response m.ed3s.com/wp-includes/js/	18 KB 5 KB	29ms 28ms	Script application/javascript	148.251.178.89 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://m.ed3s.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3 Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol HTTP/1.1 Server 148.251.178.89 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server.maas1.com Software Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:56 GMT Content-Encoding gzip Last-Modified Mon, 03 Apr 2023 16:22:29 GMT Server Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips ETag "4904-5f870f71925fa-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=92 Content-Length 5039
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/	392 KB 132 KB	144ms 92ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3756111271051022&plah=m.ed3s.com&bust=31077199 Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 115e3a3296504503667d111d734a0f805dce5036d3c39e9b61aa15854418dd74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:58:56 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 134821 x-xss-protection 0 server cafe etag 702412630296028157 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 21 Aug 2023 19:58:56 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/ Frame 0BEA	10 KB 5 KB	74ms 21ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://m.ed3s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 44402 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4542 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 07:38:54 GMT etag 13776922816869014096 expires Mon, 04 Sep 2023 07:38:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	css fonts.googleapis.com/	2 KB 1 KB	51ms 29ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.googleapis.com/css?family=El+Messiri%7CEl+Messiri&subset=latin,latin&display=swap Requested by Host: ajax.googleapis.com URL: http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js Protocol HTTP/1.1 Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bc5ac9cb83fac26442d70010fce37084923b3addb8476e7e375457276f3eaf59 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 19:58:56 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin X-XSS-Protection 0 Last-Modified Mon, 21 Aug 2023 19:58:56 GMT Server ESF Cross-Origin-Opener-Policy same-origin-allow-popups X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private, max-age=86400, stale-while-revalidate=604800 Timing-Allow-Origin * Link <http://fonts.gstatic.com>; rel=preconnect; crossorigin Expires Mon, 21 Aug 2023 19:58:56 GMT
GET DATA	200 OK	truncated Show response / Frame 203E	1 KB 1 KB		Document text/html
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b7637a4cc7e15b52376c9dba975683af0b7987a44b3d05200747c035a6852274 Request headers Referer http://m.ed3s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Type text/html;charset=UTF-8
GET H2	200	24px.svg fonts.gstatic.com/s/i/productlogos/translate/v14/	6 KB 4 KB	73ms 21ms	Image image/svg+xml	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sun, 20 Aug 2023 10:25:09 GMT content-encoding gzip x-content-type-options nosniff age 120827 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3340 x-xss-protection 0 last-modified Wed, 20 Apr 2022 14:24:23 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" vary Accept-Encoding report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 19 Aug 2024 10:25:09 GMT
GET H2	200	googlelogo_color_42x16dp.png www.gstatic.com/images/branding/googlelogo/1x/	910 B 1 KB	21ms 20ms	Image image/png	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 18:49:36 GMT x-content-type-options nosniff age 4160 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 910 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 20 Aug 2024 18:49:36 GMT
GET H3	200	translate_24dp.png www.gstatic.com/images/branding/product/2x/	2 KB 2 KB	21ms 21ms	Image image/png	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/product/2x/translate_24dp.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sun, 20 Aug 2023 17:00:01 GMT x-content-type-options nosniff age 97135 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1842 x-xss-protection 0 last-modified Thu, 14 Oct 2021 09:08:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Mon, 19 Aug 2024 17:00:01 GMT
GET H/1.1	200 OK	K2FhfZBRmr9vQ1pHEey6GIGo8_pv3myYjuXwe55njDw.woff2 fonts.gstatic.com/s/elmessiri/v22/	13 KB 14 KB	40ms 21ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/elmessiri/v22/K2FhfZBRmr9vQ1pHEey6GIGo8_pv3myYjuXwe55njDw.woff2 Requested by Host: fonts.googleapis.com URL: http://fonts.googleapis.com/css?family=El+Messiri%7CEl+Messiri&subset=latin,latin&display=swap Protocol HTTP/1.1 Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e3f2d240a3bd7ddbc5c9bf8599300fa03c640b5a4fd864dd14fb5dbf9e3421d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://fonts.googleapis.com/ Origin http://m.ed3s.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Tue, 15 Aug 2023 13:07:16 GMT X-Content-Type-Options nosniff Age 543100 Content-Security-Policy-Report-Only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy cross-origin Content-Length 13712 X-XSS-Protection 0 Last-Modified Mon, 20 Mar 2023 22:52:33 GMT Server sffe Cross-Origin-Opener-Policy same-origin; report-to="apps-themes" Report-To {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Expires Wed, 14 Aug 2024 13:07:16 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	383 B 599 B	110ms 29ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=m.ed3s.com&callback=_gfp_s_&client=ca-pub-3756111271051022 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3756111271051022&plah=m.ed3s.com&bust=31077199 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d5ec156b2474ee8e5e08884c91285196fd0d0fe50bb3683682b3b0d708305298 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:58:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 247 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame D90B	105 KB 36 KB	646ms 645ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=60&slotname=9118211255&adk=645216496&adf=3417569298&pi=t.ma~as.9118211255&w=468&lmt=1692640736&format=468x60&url=http%3A%2F%2Fm.ed3s.com%2F&wgl=1&dt=1692647936063&bpp=4&bdt=359&idt=261&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=6076686044341&frm=20&pv=2&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpoeE%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hnBxBvaSfT&p=http%3A//m.ed3s.com&dtd=277 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3756111271051022&plah=m.ed3s.com&bust=31077199 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9c8190d9708d68b396eaf26c62478c14335a2b60cfb60bf1c10c727424a643d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://m.ed3s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 36632 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 19:58:56 GMT expires Mon, 21 Aug 2023 19:58:56 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 86EC	561 KB 103 KB	881ms 880ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&adk=2969136045&adf=3689892565&lmt=1692640736&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=http%3A%2F%2Fm.ed3s.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&dt=1692647936084&bpp=4&bdt=380&idt=267&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&nras=1&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=282 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3756111271051022&plah=m.ed3s.com&bust=31077199 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e02a388fa289334958e46eef5eb253d347ad9a6f5292ee59694d5a296ae65956 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://m.ed3s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 105584 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 19:58:57 GMT expires Mon, 21 Aug 2023 19:58:57 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	K2FhfZBRmr9vQ1pHEey6GIGo8_pv3myYjuXwe55ijDz-oQ.woff2 fonts.gstatic.com/s/elmessiri/v22/	11 KB 12 KB	20ms 20ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/elmessiri/v22/K2FhfZBRmr9vQ1pHEey6GIGo8_pv3myYjuXwe55ijDz-oQ.woff2 Requested by Host: fonts.googleapis.com URL: http://fonts.googleapis.com/css?family=El+Messiri%7CEl+Messiri&subset=latin,latin&display=swap Protocol HTTP/1.1 Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash feef7f45ec65c0f533bbd80ffcc80f7e5bd9af8944368b05a60fb789496d4a55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://fonts.googleapis.com/ Origin http://m.ed3s.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Tue, 15 Aug 2023 13:07:16 GMT X-Content-Type-Options nosniff Age 543100 Content-Security-Policy-Report-Only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy cross-origin Content-Length 11100 X-XSS-Protection 0 Last-Modified Mon, 20 Mar 2023 22:53:56 GMT Server sffe Cross-Origin-Opener-Policy same-origin; report-to="apps-themes" Report-To {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Expires Wed, 14 Aug 2024 13:07:16 GMT
GET H2	200	css fonts.googleapis.com/ Frame D90B	14 KB 2 KB	96ms 33ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=60&slotname=9118211255&adk=645216496&adf=3417569298&pi=t.ma~as.9118211255&w=468&lmt=1692640736&format=468x60&url=http%3A%2F%2Fm.ed3s.com%2F&wgl=1&dt=1692647936063&bpp=4&bdt=359&idt=261&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=6076686044341&frm=20&pv=2&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpoeE%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hnBxBvaSfT&p=http%3A//m.ed3s.com&dtd=277 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 21 Aug 2023 19:58:57 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 21 Aug 2023 18:57:36 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 21 Aug 2023 19:58:57 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame D90B	2 KB 973 B	87ms 24ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=60&slotname=9118211255&adk=645216496&adf=3417569298&pi=t.ma~as.9118211255&w=468&lmt=1692640736&format=468x60&url=http%3A%2F%2Fm.ed3s.com%2F&wgl=1&dt=1692647936063&bpp=4&bdt=359&idt=261&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=6076686044341&frm=20&pv=2&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpoeE%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hnBxBvaSfT&p=http%3A//m.ed3s.com&dtd=277 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:34 GMT content-encoding br x-content-type-options nosniff age 11363 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:34 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame D90B Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CiIaLAMLjZOz6Hv6lpt8P15a5yAKQtZPAcrff1s3CEZ-v6MjFOBABIObuuypglYKAgJAHoAH-_eKWAcgBAagDAcgDywSqBLoBT9B3FlOUDcn42kFl3jKm2dqdp0A0RvWmDsX2uJjd5UgSxAf... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215579342374826715954%22,%22debug_reporting%22:true,%22destination%22:%22https://evony.com%22,%22event_report_window%22:%22...	0 0	106ms 59ms	Fetch text/css	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215579342374826715954%22,%22debug_reporting%22:true,%22destination%22:%22https://evony.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22316194558%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214396689184029075441%22}&andc=true Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=60&slotname=9118211255&adk=645216496&adf=3417569298&pi=t.ma~as.9118211255&w=468&lmt=1692640736&format=468x60&url=http%3A%2F%2Fm.ed3s.com%2F&wgl=1&dt=1692647936063&bpp=4&bdt=359&idt=261&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=6076686044341&frm=20&pv=2&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpoeE%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hnBxBvaSfT&p=http%3A//m.ed3s.com&dtd=277 Protocol H3 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:58:57 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"15579342374826715954","debug_reporting":true,"destination":"https://evony.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["316194558"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"14396689184029075441"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 21 Aug 2023 19:58:57 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 21 Aug 2023 19:58:57 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15579342374826715954","debug_reporting":true,"destination":"https://evony.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["316194558"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"14396689184029075441"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame D90B	23 KB 9 KB	70ms 25ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=60&slotname=9118211255&adk=645216496&adf=3417569298&pi=t.ma~as.9118211255&w=468&lmt=1692640736&format=468x60&url=http%3A%2F%2Fm.ed3s.com%2F&wgl=1&dt=1692647936063&bpp=4&bdt=359&idt=261&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=6076686044341&frm=20&pv=2&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpoeE%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hnBxBvaSfT&p=http%3A//m.ed3s.com&dtd=277 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:34 GMT content-encoding br x-content-type-options nosniff age 11363 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9092 x-xss-protection 0 server cafe etag 9312205082594545078 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:34 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame C8BA	143 B 166 B	37ms 29ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=60&slotname=9118211255&adk=645216496&adf=3417569298&pi=t.ma~as.9118211255&w=468&lmt=1692640736&format=468x60&url=http%3A%2F%2Fm.ed3s.com%2F&wgl=1&dt=1692647936063&bpp=4&bdt=359&idt=261&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=6076686044341&frm=20&pv=2&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpoeE%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hnBxBvaSfT&p=http%3A//m.ed3s.com&dtd=277 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=60&slotname=9118211255&adk=645216496&adf=3417569298&pi=t.ma~as.9118211255&w=468&lmt=1692640736&format=468x60&url=http%3A%2F%2Fm.ed3s.com%2F&wgl=1&dt=1692647936063&bpp=4&bdt=359&idt=261&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=6076686044341&frm=20&pv=2&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpoeE%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hnBxBvaSfT&p=http%3A//m.ed3s.com&dtd=277 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 2114 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 19:23:43 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame D90B	3 KB 1 KB	72ms 30ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=60&slotname=9118211255&adk=645216496&adf=3417569298&pi=t.ma~as.9118211255&w=468&lmt=1692640736&format=468x60&url=http%3A%2F%2Fm.ed3s.com%2F&wgl=1&dt=1692647936063&bpp=4&bdt=359&idt=261&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=6076686044341&frm=20&pv=2&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpoeE%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hnBxBvaSfT&p=http%3A//m.ed3s.com&dtd=277 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:25 GMT content-encoding br x-content-type-options nosniff age 11372 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:25 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame D90B	20 KB 8 KB	62ms 21ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=60&slotname=9118211255&adk=645216496&adf=3417569298&pi=t.ma~as.9118211255&w=468&lmt=1692640736&format=468x60&url=http%3A%2F%2Fm.ed3s.com%2F&wgl=1&dt=1692647936063&bpp=4&bdt=359&idt=261&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=6076686044341&frm=20&pv=2&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpoeE%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hnBxBvaSfT&p=http%3A//m.ed3s.com&dtd=277 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:25 GMT content-encoding br x-content-type-options nosniff age 11372 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8273 x-xss-protection 0 server cafe etag 16365778639179992903 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:25 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D90B	180 KB 57 KB	1255ms 1178ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=60&slotname=9118211255&adk=645216496&adf=3417569298&pi=t.ma~as.9118211255&w=468&lmt=1692640736&format=468x60&url=http%3A%2F%2Fm.ed3s.com%2F&wgl=1&dt=1692647936063&bpp=4&bdt=359&idt=261&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=6076686044341&frm=20&pv=2&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpoeE%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hnBxBvaSfT&p=http%3A//m.ed3s.com&dtd=277 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:58:58 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57620 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1692185840427238" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 21 Aug 2023 19:58:58 GMT
GET H3	200	e822d7071992e030a786d1a51b1f59a7.js Show response www.gstatic.com/mysidia/ Frame D90B	35 KB 15 KB	35ms 27ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=60&slotname=9118211255&adk=645216496&adf=3417569298&pi=t.ma~as.9118211255&w=468&lmt=1692640736&format=468x60&url=http%3A%2F%2Fm.ed3s.com%2F&wgl=1&dt=1692647936063&bpp=4&bdt=359&idt=261&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=6076686044341&frm=20&pv=2&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpoeE%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hnBxBvaSfT&p=http%3A//m.ed3s.com&dtd=277 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 14:52:49 GMT content-encoding gzip x-content-type-options nosniff age 277568 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14926 x-xss-protection 0 last-modified Fri, 18 Aug 2023 02:42:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 16 Nov 2023 14:52:49 GMT
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/13661779012606188097/ Frame D90B	5 KB 5 KB	76ms 42ms	Image image/jpeg	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/13661779012606188097/14763004658117789537?w=100&h=100 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=60&slotname=9118211255&adk=645216496&adf=3417569298&pi=t.ma~as.9118211255&w=468&lmt=1692640736&format=468x60&url=http%3A%2F%2Fm.ed3s.com%2F&wgl=1&dt=1692647936063&bpp=4&bdt=359&idt=261&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=6076686044341&frm=20&pv=2&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpoeE%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hnBxBvaSfT&p=http%3A//m.ed3s.com&dtd=277 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bdce69cd0413d4b41e2cd9ae92bc650984f97784a46aa9cb595ce83c6591d3b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 07:29:31 GMT x-content-type-options nosniff age 217766 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5230 x-xss-protection 0 last-modified Tue, 27 Sep 2022 09:58:08 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 18 Aug 2024 07:29:31 GMT
GET DATA	200 OK	truncated / Frame D90B	161 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame C8BA Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	37ms 31ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=60&slotname=9118211255&adk=645216496&adf=3417569298&pi=t.ma~as.9118211255&w=468&lmt=1692640736&format=468x60&url=http%3A%2F%2Fm.ed3s.com%2F&wgl=1&dt=1692647936063&bpp=4&bdt=359&idt=261&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=6076686044341&frm=20&pv=2&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpoeE%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hnBxBvaSfT&p=http%3A//m.ed3s.com&dtd=277 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 19:58:57 GMT expires Mon, 21 Aug 2023 19:58:57 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 19:58:57 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	358ms 54ms	Preflight text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215579342374826715954%22,%22debug_reporting%22:true,%22destination%22:%22https://evony.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22316194558%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214396689184029075441%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 21 Aug 2023 19:58:57 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame D90B	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 674742c6587f85e81b96d3b09fa4652f4012ee28bf3e2a6d736035345fc13b28 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Type image/png
GET H2	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/	154 KB 53 KB	76ms 76ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/reactive_library_fy2021.js?bust=31077199 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3756111271051022&plah=m.ed3s.com&bust=31077199 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3853a75454626ab6ee655c6804e359b473263cdf3dbba3609189804fbc3e570e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:58:57 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53678 x-xss-protection 0 server cafe etag 10405808640487854992 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Mon, 21 Aug 2023 19:58:57 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 0CE9	119 KB 41 KB	588ms 587ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3756111271051022&plah=m.ed3s.com&bust=31077199 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dd1c8f4948cd7abc7322e1659ead51d318dc9d051e89a851c8d0a53de9d0b446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://m.ed3s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 42200 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 19:58:58 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/ Frame D303	10 KB 4 KB	23ms 22ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3756111271051022&plah=m.ed3s.com&bust=31077199 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://m.ed3s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 6781 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4542 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 18:05:56 GMT etag 13776922816869014096 expires Mon, 04 Sep 2023 18:05:56 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/ Frame 7A94	10 KB 4 KB	22ms 22ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3756111271051022&plah=m.ed3s.com&bust=31077199 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://m.ed3s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 6781 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4542 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 18:05:56 GMT etag 13776922816869014096 expires Mon, 04 Sep 2023 18:05:56 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/ Frame CCA8	10 KB 4 KB	31ms 30ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3756111271051022&plah=m.ed3s.com&bust=31077199 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://m.ed3s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 6781 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4542 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 18:05:56 GMT etag 13776922816869014096 expires Mon, 04 Sep 2023 18:05:56 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/ Frame 386C	10 KB 4 KB	29ms 28ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3756111271051022&plah=m.ed3s.com&bust=31077199 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://m.ed3s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 6781 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4542 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 18:05:56 GMT etag 13776922816869014096 expires Mon, 04 Sep 2023 18:05:56 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	css2 fonts.googleapis.com/ Frame D303	4 KB 744 B	30ms 29ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 21 Aug 2023 19:58:57 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 21 Aug 2023 18:06:09 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 21 Aug 2023 19:58:57 GMT
GET H3	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame D303	205 B 229 B	29ms 28ms	Image image/png	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 15 Aug 2023 16:54:37 GMT x-content-type-options nosniff age 529460 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 14 Aug 2024 16:54:37 GMT
GET H3	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame D303	604 B 628 B	22ms 21ms	Image image/png	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 22:30:08 GMT x-content-type-options nosniff age 163729 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sun, 18 Aug 2024 22:30:08 GMT
GET H2	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame D303	15 KB 6 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2e047ef4f0df4b7a920fa4098e5f3b2b3c43da69b10462c37112606228b222c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:06:39 GMT content-encoding br x-content-type-options nosniff age 3138 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6441 x-xss-protection 0 server cafe etag 6802313557646952851 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 19:06:39 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame D303	20 KB 8 KB	25ms 24ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 17:17:39 GMT content-encoding br x-content-type-options nosniff age 9678 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8570 x-xss-protection 0 server cafe etag 11167480076894372452 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 17:17:39 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 7A94	2 KB 926 B	34ms 30ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:34 GMT content-encoding br x-content-type-options nosniff age 11363 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:34 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 7A94	23 KB 9 KB	34ms 31ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:34 GMT content-encoding br x-content-type-options nosniff age 11363 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9092 x-xss-protection 0 server cafe etag 9312205082594545078 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:34 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 7A94	3 KB 1 KB	34ms 32ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:25 GMT content-encoding br x-content-type-options nosniff age 11372 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:25 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 7A94	20 KB 8 KB	31ms 29ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:25 GMT content-encoding br x-content-type-options nosniff age 11372 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8273 x-xss-protection 0 server cafe etag 16365778639179992903 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:25 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 7A94	180 KB 56 KB	433ms 431ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:58:58 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57620 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1692185840427238" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 21 Aug 2023 19:58:58 GMT
GET H3	200	e822d7071992e030a786d1a51b1f59a7.js Show response www.gstatic.com/mysidia/ Frame 7A94	35 KB 15 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 14:52:49 GMT content-encoding gzip x-content-type-options nosniff age 277568 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14926 x-xss-protection 0 last-modified Fri, 18 Aug 2023 02:42:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 16 Nov 2023 14:52:49 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame CCA8	2 KB 926 B	21ms 21ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:34 GMT content-encoding br x-content-type-options nosniff age 11363 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:34 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame CCA8	23 KB 9 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:34 GMT content-encoding br x-content-type-options nosniff age 11363 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9092 x-xss-protection 0 server cafe etag 9312205082594545078 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:34 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame CCA8	3 KB 1 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:25 GMT content-encoding br x-content-type-options nosniff age 11372 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:25 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame CCA8	20 KB 8 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:25 GMT content-encoding br x-content-type-options nosniff age 11372 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8273 x-xss-protection 0 server cafe etag 16365778639179992903 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:25 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame CCA8	180 KB 56 KB	388ms 360ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:58:58 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57620 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1692185840427238" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 21 Aug 2023 19:58:58 GMT
GET H3	200	e822d7071992e030a786d1a51b1f59a7.js Show response www.gstatic.com/mysidia/ Frame CCA8	35 KB 15 KB	37ms 22ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 14:52:49 GMT content-encoding gzip x-content-type-options nosniff age 277568 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14926 x-xss-protection 0 last-modified Fri, 18 Aug 2023 02:42:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 16 Nov 2023 14:52:49 GMT
GET H3	200	css fonts.googleapis.com/ Frame 386C	7 KB 1 KB	44ms 35ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 21 Aug 2023 19:58:57 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 21 Aug 2023 19:53:34 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 21 Aug 2023 19:58:57 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 386C	2 KB 892 B	34ms 20ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:34 GMT content-encoding br x-content-type-options nosniff age 11363 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:34 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 386C	23 KB 9 KB	35ms 19ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:34 GMT content-encoding br x-content-type-options nosniff age 11363 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9092 x-xss-protection 0 server cafe etag 9312205082594545078 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:34 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 386C	3 KB 1 KB	47ms 33ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:25 GMT content-encoding br x-content-type-options nosniff age 11372 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:25 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 386C	20 KB 8 KB	34ms 21ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:25 GMT content-encoding br x-content-type-options nosniff age 11372 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8273 x-xss-protection 0 server cafe etag 16365778639179992903 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:25 GMT
GET H3	200	e822d7071992e030a786d1a51b1f59a7.js Show response www.gstatic.com/mysidia/ Frame 386C	35 KB 15 KB	34ms 21ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 14:52:49 GMT content-encoding gzip x-content-type-options nosniff age 277568 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14926 x-xss-protection 0 last-modified Fri, 18 Aug 2023 02:42:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 16 Nov 2023 14:52:49 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/11981786206532015136/ Frame 386C	165 KB 165 KB	43ms 34ms	Image image/jpeg	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/11981786206532015136/14763004658117789537 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 279fe4afcbf1daeed06795eeb3535a32cd8b6818f89e938e547810fb4f869638 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 07:59:50 GMT x-content-type-options nosniff age 302347 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 169416 x-xss-protection 0 last-modified Thu, 30 Mar 2023 11:36:21 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 17 Aug 2024 07:59:50 GMT
GET DATA	200 OK	truncated / Frame 386C	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 386C	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	css fonts.googleapis.com/ Frame A2F8	14 KB 1 KB	35ms 34ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 21 Aug 2023 19:58:58 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 21 Aug 2023 18:08:19 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 21 Aug 2023 19:58:58 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame A2F8	2 KB 892 B	23ms 23ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:34 GMT content-encoding br x-content-type-options nosniff age 11364 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:34 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame A2F8	23 KB 9 KB	26ms 24ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:34 GMT content-encoding br x-content-type-options nosniff age 11364 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9092 x-xss-protection 0 server cafe etag 9312205082594545078 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:34 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 46DA	143 B 166 B	30ms 25ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 2115 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 19:23:43 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame A2F8	3 KB 1 KB	25ms 20ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:25 GMT content-encoding br x-content-type-options nosniff age 11373 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:25 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame A2F8	20 KB 8 KB	25ms 20ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:25 GMT content-encoding br x-content-type-options nosniff age 11373 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8273 x-xss-protection 0 server cafe etag 16365778639179992903 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:25 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame A2F8	180 KB 56 KB	278ms 271ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:58:58 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57620 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1692185840427238" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 21 Aug 2023 19:58:58 GMT
GET H3	200	e822d7071992e030a786d1a51b1f59a7.js Show response www.gstatic.com/mysidia/ Frame A2F8	35 KB 15 KB	26ms 22ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 14:52:49 GMT content-encoding gzip x-content-type-options nosniff age 277569 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14926 x-xss-protection 0 last-modified Fri, 18 Aug 2023 02:42:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 16 Nov 2023 14:52:49 GMT
GET DATA	200 OK	truncated / Frame 386C	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1a561502d30a630761b41906a4bc2d175e372daeb92f2d8d573a49e42f4dce3a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Type image/png
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 386C Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CoGVtAMLjZP_ZIIj89wXhp4uwBNfmwfNxiNrm9fURZBABIObuuypglYKAgJAHoAHv4riTAcgBCakC7bKZ7lzEYz6oAwHIA8sEqgTOAU_QH5vYzcU4NwYbHkcq37S-zmp5SXwwnw6JIQzUUwv... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216770959132669634111%22,%22debug_reporting%22:true,%22destination%22:%22https://estetikincim.com%22,%22event_report_window...	0 0	58ms 57ms	Fetch text/css	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216770959132669634111%22,%22debug_reporting%22:true,%22destination%22:%22https://estetikincim.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22309211503%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215490094040976616017%22}&andc=true Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol H3 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:58:58 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"16770959132669634111","debug_reporting":true,"destination":"https://estetikincim.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["309211503"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"15490094040976616017"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 21 Aug 2023 19:58:58 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 21 Aug 2023 19:58:58 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16770959132669634111","debug_reporting":true,"destination":"https://estetikincim.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["309211503"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"15490094040976616017"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response pagead2.googlesyndication.com/bg/ Frame 60D2	37 KB 14 KB	24ms 24ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sun, 20 Aug 2023 13:24:43 GMT content-encoding br x-content-type-options nosniff age 110055 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14754 x-xss-protection 0 last-modified Mon, 14 Aug 2023 12:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 19 Aug 2024 13:24:43 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 46DA Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	44ms 43ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 19:58:58 GMT expires Mon, 21 Aug 2023 19:58:58 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 19:58:58 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	css fonts.googleapis.com/ Frame 0CE9	14 KB 1 KB	32ms 31ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 21 Aug 2023 19:58:58 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 21 Aug 2023 18:49:30 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 21 Aug 2023 19:58:58 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 0CE9	2 KB 892 B	20ms 19ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:34 GMT content-encoding br x-content-type-options nosniff age 11364 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:34 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 0CE9	23 KB 9 KB	32ms 31ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:34 GMT content-encoding br x-content-type-options nosniff age 11364 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9092 x-xss-protection 0 server cafe etag 9312205082594545078 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:34 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 0CE9	3 KB 1 KB	33ms 32ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:25 GMT content-encoding br x-content-type-options nosniff age 11373 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:25 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 0CE9	20 KB 8 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 16:49:25 GMT content-encoding br x-content-type-options nosniff age 11373 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8273 x-xss-protection 0 server cafe etag 16365778639179992903 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 04 Sep 2023 16:49:25 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 0CE9	0 0	37ms 36ms	Image text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTleEBvGFpT3iDfkvjwU22jJM6XtsnRgd53oS_lrLrNX8fomdlgbDlV3FfQzsInN4S_I4h1oOLx8tpdnEQKiqUglsfwQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0CE9	180 KB 56 KB	115ms 113ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:58:58 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57620 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1692185840427238" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 21 Aug 2023 19:58:58 GMT
GET H3	200	e822d7071992e030a786d1a51b1f59a7.js Show response www.gstatic.com/mysidia/ Frame 0CE9	35 KB 15 KB	36ms 35ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 14:52:49 GMT content-encoding gzip x-content-type-options nosniff age 277569 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14926 x-xss-protection 0 last-modified Fri, 18 Aug 2023 02:42:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 16 Nov 2023 14:52:49 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	58ms 57ms	Preflight text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216770959132669634111%22,%22debug_reporting%22:true,%22destination%22:%22https://estetikincim.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22309211503%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215490094040976616017%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 21 Aug 2023 19:58:58 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	14710147350184484473 tpc.googlesyndication.com/simgad/ Frame 0CE9	21 KB 21 KB	27ms 27ms	Image image/png	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/14710147350184484473?w=600&h=314 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a3a668bcd23681573a0775e21bd730881fdf3cc0fd4e79b40d60f5b8a3593a8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Wed, 16 Aug 2023 04:18:05 GMT x-content-type-options nosniff age 488453 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21946 x-xss-protection 0 last-modified Mon, 22 May 2023 15:38:37 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 15 Aug 2024 04:18:05 GMT
GET DATA	200 OK	truncated / Frame 0CE9	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 0CE9	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 00526e46a0cd4e0849012e53b5a9a2d003af41042d22f7cd4d6e2aaeb38577fd Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 53D1	1 KB 643 B	47ms 35ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 25261 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 12:57:57 GMT etag 48472445140208031 expires Tue, 22 Aug 2023 12:57:57 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 0CE9	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 487fe78d5d5d3f99fd0f30fb299eb4f6c0085a90390ddd0a7270c0cb3d34ee83 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Type image/png
GET H2	200	dpixel cms.quantserve.com/ Frame 53D1	35 B 464 B	89ms 22ms	Image image/gif	2620:116:800d:21:b314:a0ef:ab7c:d546 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEONk5h4pUwsGCZu3TLWQXGc&google_cver=1&google_push=AXcoOmTTmKMbYEJ78ygA7J8qAQWuUAzIEfqOGC3NdPKBQneTkQSXHHWCT5nt9cH63-92yWERXE54hN3Up1Hi9YUskQ3VqRghNOJYyOg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Mon, 21 Aug 2023 19:58:58 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 53D1 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF6eTqH5vhysCDhGVDUPn6I&google_push=AXcoOmQXvUOAPokRBPcmzFzXINBtN146OMqgTKwtmC4LhuDWsZUXcG44xb...	170 B 188 B	32ms 31ms	Image image/png	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF6eTqH5vhysCDhGVDUPn6I&google_push=AXcoOmQXvUOAPokRBPcmzFzXINBtN146OMqgTKwtmC4LhuDWsZUXcG44xbsWVKy1ybkvfvsTcz9DiVZYNiTJDJ7ZxM-bT2XxsGU42Q Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H3 Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Mon, 21 Aug 2023 19:58:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-fra-eddf8230066-FRA pragma no-cache date Mon, 21 Aug 2023 19:58:58 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1692647938.454665,VS0,VE93 x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF6eTqH5vhysCDhGVDUPn6I&google_push=AXcoOmQXvUOAPokRBPcmzFzXINBtN146OMqgTKwtmC4LhuDWsZUXcG44xbsWVKy1ybkvfvsTcz9DiVZYNiTJDJ7ZxM-bT2XxsGU42Q cache-control no-cache accept-ranges bytes content-length 0 x-cache-hits 0
GET H2	200	google match.adsrvr.org/track/cmf/ Frame 53D1	70 B 265 B	154ms 45ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESELdp8gcmIvEyBfS7FIkVqu4&google_cver=1&google_push=AXcoOmQ9aItqF8CQ4WVpCMH3FwMIrduNs3_4NckY8e3CdM_AsdQUVc_lhvUYVMS13VVLP-yMFo_es2V3VgH7xLRYJvmNJnYej1s9QfE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers content-type image/gif pragma no-cache date Mon, 21 Aug 2023 19:58:58 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	pixel cm.g.doubleclick.net/ Frame 53D1 Redirect Chain https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIUkJUJZ9rMYSo3Z9z04ETk&google_cver=1&google_push=AXcoOmRSDXBz6K9Jonh-HvrGmZ0ToLoM06Am48KQvx9hYo2fX0bDOal3Opb3T7OG55iuwg2VHP2w7selstP... https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRSDXBz6K9Jonh-HvrGmZ0ToLoM06Am48KQvx9hYo2fX0bDOal3Opb3T7OG55iuwg2VHP2w7selstP9VsqaUBM4BlGM20zIe-U&google_hm=McSfCsbOTOiZW00Mf...	170 B 329 B	34ms 34ms	Image image/png	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRSDXBz6K9Jonh-HvrGmZ0ToLoM06Am48KQvx9hYo2fX0bDOal3Opb3T7OG55iuwg2VHP2w7selstP9VsqaUBM4BlGM20zIe-U&google_hm=McSfCsbOTOiZW00MfmxW4Bs Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H2 Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Mon, 21 Aug 2023 19:58:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 21 Aug 2023 19:58:57 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRSDXBz6K9Jonh-HvrGmZ0ToLoM06Am48KQvx9hYo2fX0bDOal3Opb3T7OG55iuwg2VHP2w7selstP9VsqaUBM4BlGM20zIe-U&google_hm=McSfCsbOTOiZW00MfmxW4Bs content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 53D1 Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELGstFW9tAxNMrbmqh7PpXM&google_cver=1&google_push=AXcoOmT1jYLPgM0YGGaP_jZv1hfOdN4zOqCjlP4pzIHd4oIp4rSRL9xSsjheJUMZVwdRsLRL_wEFQEwro-T443... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTg2NzUzNzM2MzM2ODA5Ng%3D%3D&google_push=AXcoOmT1jYLPgM0YGGaP_jZv1hfOdN4zOqCjlP4pzIHd4oIp4rSRL9xSsjheJUMZVwdRsLRL_wEFQEwro-T443h_kI...	170 B 232 B	35ms 35ms	Image image/png	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTg2NzUzNzM2MzM2ODA5Ng%3D%3D&google_push=AXcoOmT1jYLPgM0YGGaP_jZv1hfOdN4zOqCjlP4pzIHd4oIp4rSRL9xSsjheJUMZVwdRsLRL_wEFQEwro-T443h_kIjJWNwJH6-6Hw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H2 Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Mon, 21 Aug 2023 19:58:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTg2NzUzNzM2MzM2ODA5Ng%3D%3D&google_push=AXcoOmT1jYLPgM0YGGaP_jZv1hfOdN4zOqCjlP4pzIHd4oIp4rSRL9xSsjheJUMZVwdRsLRL_wEFQEwro-T443h_kIjJWNwJH6-6Hw Date Mon, 21 Aug 2023 19:58:58 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame 53D1	43 B 363 B	113ms 34ms	Image image/gif	178.250.7.11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRpnzLZXGXCCfqkYHWfpv47YJRMco54uUW6_Y7Y4r5rtBfze1VLdOvcFQ8AzAfBk8WFUCs-Ikhyx4dxcZPNeUVs9PzPtZw5XXg&google_gid=CAESEO-5Muw3nzkrOZ8d_EJ7Sd4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Mon, 21 Aug 2023 19:58:58 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 194104 expires Mon, 21 Aug 2023 00:00:00 GMT
GET H2	200	report sync.teads.tv/um/ Frame 53D1 Redirect Chain https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELIqZu_Smj72... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQPD5ttgZEK7jfKlABhkdhBvBiuu-gE0De20GI6-9kwb9R5c__vNgpGWaz8NtJP0z2yIqiw7pg5A6O0hlyGbQuCAxWrq4Q6Y4XT https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab	23 B 163 B	47ms 47ms	Image image/gif	23.32.185.35 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H2 Server 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-32-185-35.deploy.static.akamaitechnologies.com Software akka-http/10.2.10 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers expires Mon, 21 Aug 2023 19:58:58 GMT pragma no-cache date Mon, 21 Aug 2023 19:58:58 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.10 content-length 23 content-type image/gif Redirect headers pragma no-cache date Mon, 21 Aug 2023 19:58:58 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 53D1	0 130 B	106ms 31ms	Image text/html	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KqfALrH7KThaCK43dXyEl_RfGb86xrF89RBywahAfWQ7hAxi4635-GDzrMtXHvqj4pcbfU1g Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:58:58 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame D90B	33 KB 33 KB	70ms 25ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Wed, 16 Aug 2023 05:14:28 GMT x-content-type-options nosniff age 485070 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 15 Aug 2024 05:14:28 GMT
GET H3	200	-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response pagead2.googlesyndication.com/bg/ Frame 186D	37 KB 14 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sun, 20 Aug 2023 13:24:43 GMT content-encoding br x-content-type-options nosniff age 110055 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14754 x-xss-protection 0 last-modified Mon, 14 Aug 2023 12:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 19 Aug 2024 13:24:43 GMT
GET H3	200	-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response pagead2.googlesyndication.com/bg/ Frame 9280	37 KB 14 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sun, 20 Aug 2023 13:24:43 GMT content-encoding br x-content-type-options nosniff age 110055 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14754 x-xss-protection 0 last-modified Mon, 14 Aug 2023 12:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 19 Aug 2024 13:24:43 GMT
GET H3	200	-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response pagead2.googlesyndication.com/bg/ Frame 7EDE	37 KB 14 KB	28ms 27ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Requested by Host: m.ed3s.com URL: http://m.ed3s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sun, 20 Aug 2023 13:24:43 GMT content-encoding br x-content-type-options nosniff age 110055 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14754 x-xss-protection 0 last-modified Mon, 14 Aug 2023 12:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 19 Aug 2024 13:24:43 GMT
GET H3	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 0CE9	33 KB 33 KB	32ms 21ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Wed, 16 Aug 2023 05:14:28 GMT x-content-type-options nosniff age 485070 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 15 Aug 2024 05:14:28 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 0CE9 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CRCZ7AcLjZNyhJdrVtwfJu7nQDuKH05Ry1fumh9IR2dkeEAEg5u67KmCVgoCAkAegAdv8uvEDyAEJqAMByAPLBKoEugFP0PTPe31-UuOS5Aw8mP1J7MEvOCf4YKC7sm5YOfcgyMP8Kwz74DZ... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225760121192457543831%22,%22debug_reporting%22:true,%22destination%22:%22https://capterra.com.de%22,%22event_report_window%2...	0 0	63ms 62ms	Fetch text/css	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225760121192457543831%22,%22debug_reporting%22:true,%22destination%22:%22https://capterra.com.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221043250779%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213640469869945110273%22}&andc=true Protocol H3 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:58:59 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"5760121192457543831","debug_reporting":true,"destination":"https://capterra.com.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1043250779"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"13640469869945110273"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 21 Aug 2023 19:58:59 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 21 Aug 2023 19:58:58 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5760121192457543831","debug_reporting":true,"destination":"https://capterra.com.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1043250779"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"13640469869945110273"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	120ms 74ms	XHR application/json	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230817&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3756111271051022&plah=m.ed3s.com&bust=31077199 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 25eedbf97aba63b13e711a8215888c4f33d4ee91d427018c337ad9cf7657348c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:58:59 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11737 x-xss-protection 0
GET H3	200	-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response pagead2.googlesyndication.com/bg/ Frame 9033	37 KB 14 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=280&adk=3618349774&adf=2596954808&pi=t.aa~a.3971763561~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1692640737&rafmt=1&to=qs&pwprc=7962121447&format=1200x280&url=http%3A%2F%2Fm.ed3s.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1692647937543&bpp=4&bdt=1839&idt=4&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D391bd5ad323efbe3-22a99fec57de00b1%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MaqLcLHlgUni1gz5_go-yDiBvPt7A&gpic=UID%3D00000d8ceda1ee80%3AT%3D1692647936%3ART%3D1692647936%3AS%3DALNI_MbEOCgH3plQ7DMMRQJy7BsS9_gv1g&prev_fmts=468x60%2C0x0&nras=2&correlator=6076686044341&frm=20&pv=1&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&psts=AOrYGslki856fTrulMowspVwBtY8azBO5pkbaZVDtU2Vtyu-OreklvcJ1a1WKSNg6SahqGFJ3PRN6gRRndvfrgv1U831yye_&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NkoZlfijmi&p=http%3A//m.ed3s.com&dtd=25 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sun, 20 Aug 2023 13:24:43 GMT content-encoding br x-content-type-options nosniff age 110055 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14754 x-xss-protection 0 last-modified Mon, 14 Aug 2023 12:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 19 Aug 2024 13:24:43 GMT
GET H3	200	-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response pagead2.googlesyndication.com/bg/ Frame B3F2	37 KB 14 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3756111271051022&output=html&h=60&slotname=9118211255&adk=645216496&adf=3417569298&pi=t.ma~as.9118211255&w=468&lmt=1692640736&format=468x60&url=http%3A%2F%2Fm.ed3s.com%2F&wgl=1&dt=1692647936063&bpp=4&bdt=359&idt=261&shv=r20230817&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=6076686044341&frm=20&pv=2&ga_vid=815741112.1692647936&ga_sid=1692647936&ga_hid=1811810326&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31077148%2C44800493%2C31077199&oid=2&pvsid=1081834827308164&tmod=1713576397&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpoeE%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hnBxBvaSfT&p=http%3A//m.ed3s.com&dtd=277 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sun, 20 Aug 2023 13:24:43 GMT content-encoding br x-content-type-options nosniff age 110055 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14754 x-xss-protection 0 last-modified Mon, 14 Aug 2023 12:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 19 Aug 2024 13:24:43 GMT
OPTIONS H3	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	57ms 56ms	Preflight text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225760121192457543831%22,%22debug_reporting%22:true,%22destination%22:%22https://capterra.com.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221043250779%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213640469869945110273%22}&andc=true Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 21 Aug 2023 19:58:59 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3756111271051022&plah=m.ed3s.com&bust=31077199 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:58:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 21 Aug 2023 19:58:59 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 27F2	13 KB 5 KB	40ms 40ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://m.ed3s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 24656 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 13:08:03 GMT expires Tue, 20 Aug 2024 13:08:03 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 9454	829 B 559 B	50ms 49ms	Document text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e0ef92bd5293a21b7a652eb55a3f2340078e90f7b589997ba05d06141c35cff3 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Pp3N4RBdVhEhEL-UMsA49g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://m.ed3s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 537 content-security-policy script-src 'report-sample' 'nonce-Pp3N4RBdVhEhEL-UMsA49g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 21 Aug 2023 19:58:59 GMT expires Mon, 21 Aug 2023 19:58:59 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response pagead2.googlesyndication.com/bg/ Frame 27F2	37 KB 14 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sun, 20 Aug 2023 13:24:43 GMT content-encoding br x-content-type-options nosniff age 110056 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14754 x-xss-protection 0 last-modified Mon, 14 Aug 2023 12:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 19 Aug 2024 13:24:43 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 9454	0 0	120ms 120ms	Image text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230817&jk=1081834827308164&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 27F2	0 10 B	19ms 19ms	Image text/plain	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?bQRRLQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 19:58:59 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	125ms 124ms	Image text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230817&jk=1081834827308164&bg=!OTqlOnXNAAZGPLJIZjw7ADQBe5WfOHZ9t-3dJVO711Egm6rlAnoYktJ0RggjcWBpRMdBdBKwUEyU69I0bJag3d5J4ebkAgAAAHVSAAAAB2gBBwoAHAm1goN7LbinU0Gk0dVPP9RvUQ7i6Ao9MHcXMAaZArGRqVQclEtFsgUlosliNv_bNSFItaXpXsWHHHiyX4pnrno9w3nZc0p2rz6HGOUtYwZ_MfcHmye9V3SdodkU7fp4FADt1vfLeHIHPPVES8jKxauld9thy9niYbPeKjUYKbIHpkyIqfTLK9d7btxt0osTk2fnr5xKWN9aTRMdq1rRAqu0hHG23xpMl3C9TcxkYyK3DuYZnUJRvxoGa5xRKmADKQrh_puKaymFn09f1zalAeQxOO6rPgrJ3C2yRakPm2WA7bN5o55UpnP5k0b9LjTkorfHTr-7g0Ur8XBvZ2xkbfnOD9_I9GuphxDORvN5BHm9eFsvIbMeJtJWJt5Ui9FXPFgYK2mfNH9l7hVik_gpcUe-fPSchPWyUmSAoMPT1TiSZIfgfgfVDv_NR2ukzBPzkJ7mqudmNlZ0zBU9rNCClk4HwBPr9uxsLC_hx74JPNmEIme_c0uVba9INy57a9zvWzE7TJ91bFLsXER6nM_E9e0DJX19urFIBrYPNUjzgOkX0tbkvaSdekIvyhmlHAX7feZMT6bZt-1Rpe810JrL6m5Ib6ovdu_avr6_L0WqT5r2_LQ9Fpz_8K8pQgrfh-QGpEkLA0amB0r6ARAsK2kszEmNGvEEIEelFJ48gb_Tx7Gz4vkiS4rsAwjeW9l4hCC5FrhSdsbR9AqeKa-Qn6xKEYwN7d7qMNDFv250QwNBek3CkR81cTULmbtQF5RttOJSZiDuzVPcz-7j3U-O1JqDTqPyqVltrHm5WNk2W2cK336sywKgsKdpemuCkq6gbXGanRmeSx-fFQVnaWzwUOR9UFg7eL5lfoIXaLa58fO5RA_Ewj315rTkiqFAl2I4rQ8Oz359RtXYvU-wju7AQCUoIyfNMjIXHpsJFR8W8D4-mlKA_dl0duKiisxcETMRSYt9Zw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://m.ed3s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame D90B	42 B 64 B	125ms 125ms	Fetch image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCxEUGacGarWj6ZKVTrYybLiYAlyOwPcoXlwiZj7mRJeZe6MaLS0ZfGq3HgfhmNnMAIBpyCK7bgUescdcWatV3c_UhMS7mhPBLZSQy55J7bdoOwYqSfrbIIlTzHgxIizn8Hi4uuCRGbfLg&sai=AMfl-YQPPwNLaOoEJYjf4BpO4XeFokULj2byRW60cJ63eAq_bdsypEyZV61hUgTC1syyJ2kVf27CniAc_XAR&sig=Cg0ArKJSzNtUcObDyD9PEAE&cid=CAQSGwBpAlJWgs7ByRWXyW3telRmxAN-5UKRql8o4hgB&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=645216496&rs=2&la=0&cr=0&vs=4&r=v&rst=1692647936342&rpt=2597&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Mon, 21 Aug 2023 19:59:00 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT