nerdbrx.com Open in urlscan Pro
2606:4700:20::ac43:48e9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nerdbrx-cc-mx-ipc-1.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZuZXJkYnJ4LmNvbSUyRnJlY29tZW5kYWNpb24tcHJlc3RhbW...
Effective URL:
https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
Submission: On October 12 via manual (October 12th 2023, 11:20:41 pm UTC) from MX — Scanned from DE

Summary HTTP 90 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 16 domains to perform 90 HTTP transactions. The main IP is 2606:4700:20::ac43:48e9, located in United States and belongs to CLOUDFLARENET, US. The main domain is nerdbrx.com.
TLS certificate: Issued by GTS CA 1P5 on October 12th 2023. Valid for: 3 months.

This is the only time nerdbrx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.22.138.120 52.22.138.120	14618 (AMAZON-AES) (AMAZON-AES)
1 11	2606:4700:20:... 2606:4700:20::ac43:48e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:9e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::681a:ddf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:249... 2600:9000:2491:4a00:1e:d9e9:a000:21	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:2400:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:2251:4a00:9:fddd:fc40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	3.230.247.119 3.230.247.119	14618 (AMAZON-AES) (AMAZON-AES)
90	20

1 52.22.138.120 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-138-120.compute-1.amazonaws.com

nerdbrx-cc-mx-ipc-1.lt.acemlna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::ac43:48e9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nerdbrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:9e4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.atpnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trk.atpnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hash.atpnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ddf (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.adtechpanda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:4a00:1e:d9e9:a000:21 (United States)

ASN16509 (AMAZON-02, US)

d3ezccgthbs4u8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:2400:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:4a00:9:fddd:fc40:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.230.247.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-247-119.compute-1.amazonaws.com

rdr.atpnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	263 KB
16	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474 www.google.com — Cisco Umbrella Rank: 2	64 KB
11	nerdbrx.com 1 redirects nerdbrx.com	189 KB
8	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	253 KB
7	gstatic.com www.gstatic.com	60 KB
4	atpnd.com cdn.atpnd.com — Cisco Umbrella Rank: 468802 trk.atpnd.com — Cisco Umbrella Rank: 481503 hash.atpnd.com — Cisco Umbrella Rank: 576394 rdr.atpnd.com	12 KB
3	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 13175 api.rudderlabs.com — Cisco Umbrella Rank: 6945	31 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 153
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	88 KB
1	cloudfront.net d3ezccgthbs4u8.cloudfront.net	9 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	adtechpanda.com tracker.adtechpanda.com — Cisco Umbrella Rank: 752165	584 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	59 KB
1	acemlna.com 1 redirects nerdbrx-cc-mx-ipc-1.lt.acemlna.com	255 B
90	16

	Domain	Requested by
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com nerdbrx.com 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com www.gstatic.com
14	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
11	nerdbrx.com	1 redirects nerdbrx.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com nerdbrx.com www.googletagservices.com
7	www.gstatic.com	nerdbrx.com 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
6	securepubads.g.doubleclick.net	1 redirects cdn.atpnd.com securepubads.g.doubleclick.net
3	526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.googleadservices.com
2	api.rudderlabs.com	cdn.rudderlabs.com
2	www.googletagservices.com	nerdbrx.com 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
2	googleads.g.doubleclick.net	nerdbrx.com 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
2	fonts.googleapis.com	526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com nerdbrx.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	connect.facebook.net	nerdbrx.com connect.facebook.net
1	rdr.atpnd.com	cdn.rudderlabs.com
1	cdn.rudderlabs.com	cdn.atpnd.com
1	hash.atpnd.com	cdn.atpnd.com
1	trk.atpnd.com	cdn.atpnd.com
1	d3ezccgthbs4u8.cloudfront.net	cdn.atpnd.com
1	www.facebook.com	nerdbrx.com
1	tracker.adtechpanda.com	nerdbrx.com
1	www.googletagmanager.com	nerdbrx.com
1	cdn.atpnd.com	nerdbrx.com
1	nerdbrx-cc-mx-ipc-1.lt.acemlna.com	1 redirects
90	24

This site contains no links.

Subject Issuer	Validity	Valid
nerdbrx.com GTS CA 1P5	`2023-10-12` - `2024-01-10`	3 months	crt.sh
atpnd.com GTS CA 1P5	`2023-09-05` - `2023-12-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-22` - `2023-10-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.rudderlabs.com Amazon RSA 2048 M02	`2023-06-14` - `2024-07-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
rdr.atpnd.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
Frame ID: AC394E537CAED921D9F4B30D8AB3DE67
Requests: 44 HTTP requests in this frame

Frame: https://nerdbrx.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: CE7A4484B00D2A42DF0567CCB1E85452
Requests: 2 HTTP requests in this frame

Frame: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 894081EEE28E3D13880497A49B70B989
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1221C82A28710BE4769D4BD0882C052B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6478BE26545B4A0481772C0B19BB3EBF
Requests: 2 HTTP requests in this frame

Frame: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 05161D3996A28DE024FA566C37006AFD
Requests: 5 HTTP requests in this frame

Frame: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 39F8439658F56F8D230D4394E6BF4A53
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 552FB442F0F7FF229AE36EDD03EDB56E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FCBE2C02FA099032C9EF6FE931C5F44F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html
Frame ID: 6F2669C0E7D81BB5AF138227930A4B77
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Frame ID: F1057AFC4D364CBDDBE5DBDA5FC3182A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Frame ID: 7B732F199AF3CD4D4A5A6D37CC07544E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Recomendación préstamo Creditea - Nerd BRXpesquisarpesquisar

Page URL History Show full URLs

https://nerdbrx-cc-mx-ipc-1.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZuZXJkYnJ4LmNvbSUyRnJlY29tZW... HTTP 302
https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

RxJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

rx(?:\.\w+)?(?:\.compat|\.global)?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

90
Requests

98 %
HTTPS

85 %
IPv6

16
Domains

24
Subdomains

20
IPs

2
Countries

1149 kB
Transfer

3080 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nerdbrx-cc-mx-ipc-1.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZuZXJkYnJ4LmNvbSUyRnJlY29tZW5kYWNpb24tcHJlc3RhbW8tY3JlZGl0ZWElMkYlM0Z1dG1fc291cmNlJTNEYWN0aXZlY2FtcGFpZ24lMjZ1dG1fY2FtcGFpZ24lM0QxNA==&sig=3TWscKHXgXfwbErUnj51TcQrq71it7t7A5XXw7wa6nze&iat=1697151933&a=%7C%7C254733989%7C%7C&account=nerdbrx-cc-mx-ipc-1.activehosted.com&email=spRIOOpOaGTGKjVeZ0GDBbidHXapVN3CFIzvuxe1d1UI7W4%3D%3ANFtUpCAWCWjoQhNJiVHy5%2Bv0ojqdzQZs&s=4e4b2eb4708b9c03f2cb53ab270cdf5a&i=168A173A6A1387 HTTP 302
https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://nerdbrx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://nerdbrx.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Request Chain 66

https://securepubads.g.doubleclick.net/pagead/adview?ai=CrcOzRn8oZZb4Bea3x_AP8oW_kAadlq-bc7TN0JShEae-99qcQBABIOTn2ZkBYJXikIKgB6ABmNG_3SnIAQmpAtSgUCcpq7E-4AIAqAMByANIqgSWAk_QS0vfvToqipDJY_giymqF0omTi2CWqJGh0q4wkttVP6mX3bYtwqFVFMYLeRabVqffFHwBfofnLNWPt8kHJdYRA9-MgqhsBEGM-eaKW6_42gJ3EXGQ5F34V9KQd6odC13-pSODV2n2f-9BBBZZcpsMbnSw09GHFKNp8HOBbJBPl3x4rTcAUF7Bqnr1v8bVSeQjX1S5hjBfGmhDV8kffgjaH5UCPqWkFBD5EUnDRYdvVuYdHphm1btJnzO3vWBoa2TgSfX5RQG0ULQF8LqMOxT1V63eMI7k332DQzgD4oz2i9M0qpHNEAspkUXjRkMFbjJHPg8kHhLHAkeAu1oEJSU7blbbdviXDjaYYN9MLk0N1OHe4IjDwASry7aEswTgBAGIBay5kMlLkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5iJkL0EqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQl7zvAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCZ0BaHR0cHM6Ly93d3cuY2hlY2syNC5kZS9yZWNodHNzY2h1dHp2ZXJzaWNoZXJ1bmcvbHAvdmVyZ2xlaWNoZW4vYS8_d3BzZXQ9Z29vZ2xlX3JzX2NvX2dkbl9yZW1hJnBrX3NvdXJjZT1hdWQtMjIwNjczMDE0OTY3MSZwa19jb250ZW50PTIwMjg2MDIwNzgwXzE1MTEzODQ0NDcxNYAKA8gLAeINEwjy56uA0_GBAxXm2xEIHfLCD2LYEwzQFQGYFgGAFwGyFx8KHQgAEhRwdWItNDI2MTEyNzI3NTIxNDIyMhjxuY8B&sigh=Ewbell-f5ZA&uach_m=[UACH]&ase=2&cid=CAQSSwDICaaN84yNXbALigOTX1Xsr-sfJX_XJRN-xyr-7aALylqcxUhPFBIocIRsEgrpBf3kXI0NGmZqr2FFb5dgedggF39xV6MZsVsaZxgB&template_id=419&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225729944737645224933%22,%22debug_reporting%22:true,%22destination%22:%22https://check24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211201931416%22],%224%22:[%2210-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210148382352825513825%22}&andc=true

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

90 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nerdbrx.com/recomendacion-prestamo-creditea/
Redirect Chain

https://nerdbrx-cc-mx-ipc-1.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZuZXJkYnJ4LmNvbSUyRnJlY29tZW5kYWNpb24tcHJlc3RhbW8tY3JlZGl0ZWElMkYlM0Z1dG1fc291cmNlJTNEYWN0aXZlY2FtcGFpZ24l...
https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14

136 KB
25 KB

185ms
136ms

Document
text/html

2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b33916cf86cd6532e5156f7590d95b9052360733c8d2ddfea68c491a80a79b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-apo-via: origin,no-cache
cf-cache-status: BYPASS
cf-ray: 8153130aae11902e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 12 Oct 2023 23:20:36 GMT
last-modified: Tue, 19 Sep 2023 14:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6rVtfUtsZZoLdtUJSGHmqF4LdyyQSKkfLs3L8W%2BiFXHXTAmTubUFD55uArisvaBkKdWuHaujqqh3OBohrHkBPEHD5qCkqCzwpPln3OPlTuygq2%2FgKyz2meqzuOegxi%2B1fsDG4t3fock"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: application/json
date: Thu, 12 Oct 2023 23:20:36 GMT
location: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
x-amz-apigw-id: MtjSrE7YIAMEBDQ=
x-amzn-requestid: 24405ce7-cb03-491c-90a9-2579cd5cb7c8
x-amzn-trace-id: Root=1-65287f44-04d52c092c6a98bc7a943a08;Sampled=0;lineage=12ce62b2:0

GET
H2 200 classic-themes.min.css
nerdbrx.com/wp-includes/css/ 217 B
449 B 122ms
122ms Stylesheet
text/css 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nerdbrx.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Dec 2022 12:54:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=femsHPte0IIXa79WzuZu4MU5A3jyF8ZKxwTsIi6SorrMOxe5nC5KnBqGnpxZGKlHSnBTH15EXdfbhi16dEAUUpFLUdHSAndEKBXhFoUS0RQnpkl1%2BfuvyP6V6Y7uKR7I09oPhiU%2B5Xpk"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 8153130b8e63902e-FRA

GET
H2 200 main.min.css
nerdbrx.com/wp-content/themes/twentytwentyone/assets/css/ 39 KB
9 KB 121ms
121ms Stylesheet
text/css 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nerdbrx.com/wp-content/themes/twentytwentyone/assets/css/main.min.css?ver=1
Requested by: Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7edd9ff3209643e0642f3726bb1bb7ca2982436d092b966e8e0bf6ebb2190b0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 16:15:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BD%2B298DvPUQi%2F5xCfNI7NoxFw6tCD0Jx7momftkUMPjc7irPrmnKBUmqD9KtJry%2BId4aJYCSoCMrybBtja2Pz%2BKISgcyylRmfseKopgpqpEYP%2BW5eXYIKZ9zugNeTIvk2GwxDKYAQG2E"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 8153130b8e64902e-FRA

GET
H2 200 nerdbrx.js Show response
cdn.atpnd.com/scripts/ 43 KB
11 KB 514ms
474ms Script
text/javascript 2606:4700:20::681a:9e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.atpnd.com/scripts/nerdbrx.js
Requested by: Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7372d1cddce1e2c9d3e0f711cc625f498698d4e3ab00164eae8085b02cd32d5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 05 Oct 2023 11:03:47 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=53689
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lN91NhKVqGCIoduNUjFBDetTr3Zerw1P9YnMDEnEJNYBU9K45R%2B%2Fqns%2F%2BFs21zahHXHmtL70MDN0iLqvQQ2IJO72WpXRRxE599o0F7q2n762Kg8p5asum47Cw95gCvNDGDp8rDDPDXzy8x0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: max-age=14400
cf-ray: 8153130c8a762c3d-FRA
link: <https://cdn.atpnd.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 lazyload.min.js Show response
nerdbrx.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 114ms
113ms Script
application/javascript 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nerdbrx.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Dec 2022 12:56:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpDItac81XUAVdOXyfyBu%2BkqnOAFVqhZ3vy4JudWuNVPjANZkBCUCMa2yDgHUaSwPyLjhp%2F7DZJ7tIIQbHyt8HsRwDB%2BHyMECBDVI53SsiIWXLydCvHEtr9SQ9RuLsxZix2RfxlpwskF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8153130c4ec2902e-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 156 KB
59 KB 65ms
30ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLHLZP2

Requested by

Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8c4635e179250046f8c1d44433605411791226280e9c487cedd399a8bfbfc52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60160
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 22:52:30 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 12 Oct 2023 23:20:36 GMT

GET
H2 200 /
nerdbrx.com/resena-prestamo-creditea/ 0
25 KB 131ms
130ms Other
text/html 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nerdbrx.com/resena-prestamo-creditea/
Requested by: Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:36 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 18 Sep 2023 22:23:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xBcTAkQXGF%2BFUQXTN6UJxLFp4KSt3EDdVyMd%2BwzajIzlvMPmug3Sow0vI%2Fp2X4qkKxE56vMUVEI73ZCUeheo6Jr6GL%2FZKBtrtxWx9qgiz9e9dFuj9rzUOO1C%2FYhxwlaSHgQOXfXM8sv"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-apo-via: origin,no-cache
cf-ray: 8153130c6ece902e-FRA

GET
H2 200 /
nerdbrx.com/aplicar-prestamo-creditea/ 0
26 KB 135ms
134ms Other
text/html 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nerdbrx.com/aplicar-prestamo-creditea/
Requested by: Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:36 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 09 Oct 2023 20:45:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhTJ7lzeMtsN%2F1DjjmOzuzexpXnqBy1tLCjVQAupuGRh1lEIDgumpEob83UGowNRy4OtwB4V%2B5kw2qm2TcQn%2BngBCzsNfPAkEznDY4%2B9dQDU9ph7z9UbZUR5a5%2Be1X%2FVzFept%2BiqJTsx"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-apo-via: origin,no-cache
cf-ray: 8153130c6ecf902e-FRA

GET
DATA 200
OK truncated
/ 64 B
64 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
69 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed84e03205a64df50645b980da3272ebc4908b85ab981242944c80384dee6bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 stimulus.min.js Show response
nerdbrx.com/wp-content/themes/twentytwentyone/assets/js/ 35 KB
9 KB 114ms
114ms Script
application/javascript 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nerdbrx.com/wp-content/themes/twentytwentyone/assets/js/stimulus.min.js
Requested by: Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3226da462af13fcd31c313f212207f848ee112915f2dc4a6c50769a087111f28

Request headers

Referer: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
Origin: https://nerdbrx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Dec 2022 12:56:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3wPuKokeWy8B6HDxtiaubQP7seAwvty6PlT7R2rwWWbYhYAv9MnbPeGGziqZkpRfw094Q7q2MstV%2FHPwg8RH4mQ0KP%2F%2FxsuexkbZm5J78VLFnYnlMbNiHKVXDvjEnwE7uobCYmxLFvw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8153130cbeea902e-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 29ms
11ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 12 Oct 2023 23:20:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53364
x-xss-protection: 0
pragma: public
x-fb-debug: +3HL/nHLk6YeLpB0QF4Rnx8w3xWiRJ06LFkRi5PsVlig7E2O5wWOCUzJLTcPg8sNwfUPEFOLbRUBmHLmi6co5w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 creditea.png
nerdbrx.com/wp-content/uploads/2023/04/ 87 KB
87 KB 113ms
113ms Image
image/png 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nerdbrx.com/wp-content/uploads/2023/04/creditea.png
Requested by: Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc25cc248a819c353f4413e62b6a306cf9662a910efe7b65eb57088aa39fd7fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:36 GMT
cf-cache-status: HIT
last-modified: Sat, 06 May 2023 13:55:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPvd53FCbfM9Juh9KtqWN23MlznuuHACU6zwGHsnpA1AOJ4SFxSJPQj4snBvjhu4cjRIqRCoHVkQ%2BWhKcm%2F0re8Nnz4qygwjVxDK4DDBDIzSt4LRJc1CkPgdcXfAo58ChV3AYMCGvTTC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 8153130d3f16902e-FRA

GET
H2 200 1208523550028829 Show response
connect.facebook.net/signals/config/ 131 KB
35 KB 70ms
69ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1208523550028829?v=2.9.133&r=stable&domain=nerdbrx.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e520b10ed8aa469e926458817fcf95c5e70e95a94dc9edd91c089f569d313243

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 12 Oct 2023 23:20:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 1cYJ83IKdSG0ioZ2UKPLfAdMCAker4mtPD0z6/pUr/Ur2Rz2Vs84d+jPS+fXB8/5cFiRK7jTZGEBEoTh+XswVw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
tracker.adtechpanda.com/ 187 B
584 B 55ms
16ms Fetch
application/json 2606:4700:20::681a:ddf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.adtechpanda.com/
Requested by: Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53de2dc8e7fadeb1463341c71c5a61b0ddabe1a402180b4f172da5e570023ce5

Request headers

accept: application/json
Referer: https://nerdbrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:36 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWK%2BHVIlTzsnPzw%2BRk23PJSvqUYEs4fkv1UWx1AZaGkl9dojGIm%2BKJuURPIs8%2FnAimkS8XDME%2FjkE6OzWlQTGTeiYezKNoSRrkyp71YrOZHDN%2BU4Lq73WKO04d39izTVwkiD1xSFlBjRGlA6QY%2B%2FjFJ1N7Ir"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cf-ray: 8153130dea093620-FRA

GET
H2

200

main.js Show response
nerdbrx.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame CE7A
Redirect Chain

https://nerdbrx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://nerdbrx.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
4 KB

14ms
14ms

Script
application/javascript

2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nerdbrx.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Requested by

Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14

Protocol

Server

2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d95cc208f8c06b4de4fa6aff5f78d01a0887bae3cbc9b5f4ffe7da7a13967582

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:36 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9IdHDIm5UuE%2BKSXT4QZIOQKcy71ZCBEfS7n2ZXIQ67Hw1Lt4VO%2FDw73Bm%2Fx65cLWTeXjuvC7lY9cWtDellPRn878Pm6ofayHVrTcTjc8a5maCDohqgS8%2BfQj%2FlzocfUUEkfUKEBqub3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8153130ddf59902e-FRA

Redirect headers

date: Thu, 12 Oct 2023 23:20:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSDosPJ0wP8OLFVBEeMJwCyDW4jqUzcQIhxlbBIJnpP0gyCq7d%2F%2F9Iuk0ncswH%2BPYWW%2B%2BQ7ZcEUWyMiHjRTPR7DpDNn4jOC9L%2Bs5NUXAQH6gy0AaJfTwgWjEbKuD3vvexWAK1tiO2mXm"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8153130dcf52902e-FRA

POST
H2 200 8153130aae11902e Show response
nerdbrx.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame CE7A 0
453 B 29ms
29ms XHR
text/plain 2606:4700:20::ac43:48e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nerdbrx.com/cdn-cgi/challenge-platform/h/g/jsd/r/8153130aae11902e
Requested by: Host: nerdbrx.com
URL: https://nerdbrx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 12 Oct 2023 23:20:36 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8153130e8fb5902e-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJG3CQ4zLvTYNv2h6KHpHYc9fnRfH2vm8V4MN8ZV4lseEpm5UYUS6LugF%2B1HI1zqIu%2FOlE3iEfZyCaSADEnUqHZJPs6JUBbObhrlX%2BHXT8tVD89ABDQWUjlHa00g%2F90CQqoDQ6aKBavs"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 26ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1208523550028829&ev=PageView&dl=https%3A%2F%2Fnerdbrx.com%2Frecomendacion-prestamo-creditea%2F%3Futm_source%3Dactivecampaign%26utm_campaign%3D14&rl=&if=false&ts=1697152836896&sw=1600&sh=1200&v=2.9.133&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1697152836894.975639106&ler=empty&it=1697152836724&coo=false&rqm=GET

Requested by

Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Oct 2023 23:20:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 150ms
52ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.atpnd.com
URL: https://cdn.atpnd.com/scripts/nerdbrx.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf3cf7104bcb930f2e7327786bd5ec714e1f54a2cdb307e13c382745873902f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29132
x-xss-protection: 0
server: cafe
etag: 273 / 19642 / 31078769 / config-hash: 5599166546347420432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 12 Oct 2023 23:20:37 GMT

GET
H2 200 price.js Show response
d3ezccgthbs4u8.cloudfront.net/nerdbrx/ 8 KB
9 KB 969ms
862ms Script
binary/octet-stream 2600:9000:2491:4a00:1e:d9e9:a000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ezccgthbs4u8.cloudfront.net/nerdbrx/price.js
Requested by: Host: cdn.atpnd.com
URL: https://cdn.atpnd.com/scripts/nerdbrx.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4a00:1e:d9e9:a000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7e745f2901f13ecdcac2ae87ee07148409aa69c69f36f8ed603a34137d4e0aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:38 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Thu, 12 Oct 2023 09:01:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
x-amz-server-side-encryption: AES256
etag: "58c78f3edbab2dbe16b484b1a7678a53"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: binary/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 8407
x-amz-cf-id: hpDXwRcUmcJY3OGZs5O3Hi-vVylLQR9XgkIbaT5TNzZmL5KjSiUDUA==

GET
H2 200 / Show response
trk.atpnd.com/ 187 B
569 B 50ms
14ms Fetch
application/json 2606:4700:20::681a:9e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.atpnd.com/
Requested by: Host: cdn.atpnd.com
URL: https://cdn.atpnd.com/scripts/nerdbrx.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53de2dc8e7fadeb1463341c71c5a61b0ddabe1a402180b4f172da5e570023ce5

Request headers

accept: application/json
Referer: https://nerdbrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:37 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FxqGa1SWO%2BWfsb8b5ec2%2BLo8y%2BDOb9KhlRvtUhac84Qf1ijPv8pIYSRq4INY9dgu7XggZJuncz0O3%2B4mG8gUFL02XzN%2FgSHLM4RhYZLgbcgnT0WfyBWeHVC6ttdLiVwkgI2a8sgi5Qco24%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cf-ray: 8153130fce2c3a43-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/ 420 KB
132 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed217f84a2f42753409477460b63ce2ed71c6447b9ec89aa0abde7f42ae5bcf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 10:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45830
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134786
x-xss-protection: 0
server: cafe
etag: 13749274744457858240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 11 Oct 2024 10:36:47 GMT

GET
H2 200 22875833199 Show response
fundingchoicesmessages.google.com/i/ 158 KB
52 KB 104ms
50ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22875833199?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2f1a1ce16d6bbdfca1c065a1cb71b1326d28aa66933fec5d16a32a7be530f77

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z0teiHNHN4jNAYEb6qqmlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-z0teiHNHN4jNAYEb6qqmlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXyKQDxZayDLQ65D11REdJPp5RFQ_-UTeluHTKPQFv84vfl2bSOi5ZWABX_B1RCStk9KEjN9dZGREffMVljNnw1juUqSDPTz36uq1NDHguI2aiQj0KIPY-netweSF72bNjgS3H_EQ== Show response
fundingchoicesmessages.google.com/f/ 4 KB
3 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXyKQDxZayDLQ65D11REdJPp5RFQ_-UTeluHTKPQFv84vfl2bSOi5ZWABX_B1RCStk9KEjN9dZGREffMVljNnw1juUqSDPTz36uq1NDHguI2aiQj0KIPY-netweSF72bNjgS3H_EQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk3MTUyODM3LDQzMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9uZXJkYnJ4LmNvbS9yZWNvbWVuZGFjaW9uLXByZXN0YW1vLWNyZWRpdGVhLyIsbnVsbCxbWzgsImJQNUhEcE1WejVjIl0sWzksImRlIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.bP5HDpMVz5c.es5.O/am=gAE/d=1/rs=AJlcJMzsvhBFyNlZ-Jt6-NbRBiQpad7RyA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

390cf808f5de5860d7e441334259aeab6610d341dcf71153a15d22c7ad3d5f7f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cTAdbkRQ0dPU_YC5TzSkXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-cTAdbkRQ0dPU_YC5TzSkXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxX4Idh0XU0crEf1_yjCyky1nDyXeYSClXlg7eFnjW6lthKd6ExkAoh35A2eOOFavoVWiYeIQdTe2QULhxADdHllXgBnkkDKVOjqNf0FamuBuxSe_FlcpHgkfNyVHaP5KfupImIEHA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX4Idh0XU0crEf1_yjCyky1nDyXeYSClXlg7eFnjW6lthKd6ExkAoh35A2eOOFavoVWiYeIQdTe2QULhxADdHllXgBnkkDKVOjqNf0FamuBuxSe_FlcpHgkfNyVHaP5KfupImIEHA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk3MTUyODM3LDQ4NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9uZXJkYnJ4LmNvbS9yZWNvbWVuZGFjaW9uLXByZXN0YW1vLWNyZWRpdGVhLyIsbnVsbCxbWzgsImJQNUhEcE1WejVjIl0sWzksImRlIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcc7539f958f8f8d015597669289e3b9df174ba32e4357664e62358bebef4a34

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q0YeNa1_IE4-AOykmKqBLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-q0YeNa1_IE4-AOykmKqBLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 307 KB
79 KB 477ms
477ms Fetch
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3341794863695153&correlator=2724949149741657&eid=31078769%2C31077227&output=ldjh&gdfp_req=1&vrg=202310110101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=22875833199%2Cnbx_desktop_top%2Cnbx_interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C300x250%7C336x280%2C1x1&fluid=height%2C0&ifi=1&sfv=1-0-40&ists=1&fas=0%2C8&sc=1&cookie_enabled=1&abxe=1&dt=1697152838041&lmt=1695125635&adxs=650%2C-9&adys=351%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fnerdbrx.com%2Frecomendacion-prestamo-creditea%2F%3Futm_source%3Dactivecampaign%26utm_campaign%3D14&vis=1&psz=800x-1%7C0x-1&msz=800x-1%7C0x-1&fws=512%2C2&ohw=0%2C0&ga_vid=1205961105.1697152838&ga_sid=1697152838&ga_hid=1882039753&ga_fc=false&dlt=1697152836400&idt=870&prev_scp=m2_af%3D0.05%7Cm2_af%3D0.05&cust_params=marketplace%3Dadexchange%26experiment%3Dcontrol%26utm_source%3Dactivecampaign%26utm_medium%3Dnull%26utm_campaign%3D14%26utm_content%3Dnull%26utm_term%3Dnull%26request_uri%3D%252Frecomendacion-prestamo-creditea%252F%26land_uri%3D%252Frecomendacion-prestamo-creditea%252F%26utm_campaign_medium%3D14_null%26utm_campaign_term%3D14_null%26utm_source_req_uri%3Dactivecampaign_%252Frecomendacion-prestamo-c%26utm_source_land_uri%3Dactivecampaign_%252Frecomendacion-prestamo-c%26price_rule_hash%3Df788885d50fc4b78b0da4a64a81b13e2%252Cf55a3ac494c4ae8f4800e27bcf9b8c02&adks=131827308%2C2417429024&frm=20&is_cau=%2C

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08438a8a5c74b8e42f6aab1d1399db7768cf99424023697589f8bf4e30194c62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80605
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nerdbrx.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 85ms
38ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4df0ca1ad44e10d243f6dfa869ff4837bcf5629427677ed2240cf38c553758b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12191
x-xss-protection: 0

GET
H2 200 container.html Show response
526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8940 6 KB
3 KB 111ms
22ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nerdbrx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 23:20:38 GMT
expires: Fri, 11 Oct 2024 23:20:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/ 38 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl_page_level_ads.js?cb=31078769

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc2b61cf28583354672e9ceb5b4c4d8e182e8e9e2003df6fa8723a1dc459fbd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 10:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45829
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13428
x-xss-protection: 0
server: cafe
etag: 7072425772309545193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 11 Oct 2024 10:36:49 GMT

GET
H2 200 / Show response
hash.atpnd.com/0e57bd2184fcb3c4bf2c79d362ee0357/ 31 B
338 B 49ms
40ms Fetch
application/json 2606:4700:20::681a:9e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hash.atpnd.com/0e57bd2184fcb3c4bf2c79d362ee0357/
Requested by: Host: cdn.atpnd.com
URL: https://cdn.atpnd.com/scripts/nerdbrx.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 201eda224f05d06860f7773cb903863ed8b54e401348f92b9f95678986749fd1

Request headers

accept: application/json
Referer: https://nerdbrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPjCWZ4eOYJI8jfwKsqZn%2B44O6AiMqUvk8YrIINIuROtAfzEa7a%2FWYwjykiwx1MJIKRDO1mixrYoQl%2FGuhI%2F1osJ2X81tDflD92Rq%2BcCjXX06%2BrUlB5QKJW1%2F%2Fqqm5sXcSz9WiGVHULCFCwe"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cf-ray: 81531315ea273a43-FRA
content-length: 31

GET
H2 200 rudder-analytics.min.js Show response
cdn.rudderlabs.com/v2/ 93 KB
30 KB 497ms
424ms Script
application/javascript 2600:9000:214f:2400:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v2/rudder-analytics.min.js?transport=beacon
Requested by: Host: cdn.atpnd.com
URL: https://cdn.atpnd.com/scripts/nerdbrx.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2400:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5156291c4336da3cfa4a386363b1c996710c87f6ce3862dfcfc57d65c933a1fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:39 GMT
content-encoding: gzip
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified: Mon, 12 Oct 2020 11:33:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"ed6e3461f4dc53994e36eabe89a16202"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=900
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZWlgZbYHx-G0pzQwzEU9k-ScUEMTLlSTjeQiTSF9dLSTcr8blYEILQ==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 45ms
28ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 23:20:38 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1221 13 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nerdbrx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5420
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 21:50:18 GMT
expires: Fri, 11 Oct 2024 21:50:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6478 829 B
1 KB 76ms
23ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dbe3ac317f1206be604e798a729f4648556f7185ce7600e12cec5f0f00a24319

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4hA-9dByQ03aAKYl8BQngA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nerdbrx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4hA-9dByQ03aAKYl8BQngA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 23:20:38 GMT
expires: Thu, 12 Oct 2023 23:20:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 1221 37 KB
14 KB 65ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 19:59:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Oct 2024 19:59:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6478 0
0 49ms
48ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310110101&jk=3341794863695153&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1221 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OlnMGg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 container.html Show response
526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0516 6 KB
3 KB 19ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nerdbrx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 23:20:38 GMT
expires: Fri, 11 Oct 2024 23:20:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 32ms
31ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=7.145778239229982

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5V-q67oRrow7eKeWHl5WlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-5V-q67oRrow7eKeWHl5WlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 69ms
68ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.5536973424584168

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vtXduc6l-UVRvNw-Afd4ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-vtXduc6l-UVRvNw-Afd4ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 39F8 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nerdbrx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 23:20:38 GMT
expires: Fri, 11 Oct 2024 23:20:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 0516 4 KB
1 KB 59ms
22ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
URL: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Oct 2023 23:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:49:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Oct 2023 23:20:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 552F 14 KB
1 KB 49ms
24ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Oct 2023 23:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:43:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Oct 2023 23:20:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 552F 2 KB
892 B 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 13:38:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 552F 23 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 13:36:47 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FCBE 143 B
383 B 86ms
27ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 23:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 552F 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 17:21:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 552F 20 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 552F 187 KB
59 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 23:20:38 GMT

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame 552F 37 KB
15 KB 87ms
37ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 10:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 23:20:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 10:17:18 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 0516 20 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
URL: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 13:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 11420928434021954480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 13:52:29 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0516 205 B
520 B 60ms
16ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
URL: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 18:51:21 GMT
x-content-type-options: nosniff
age: 102557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 10 Oct 2024 18:51:21 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0516 604 B
696 B 101ms
56ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
URL: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 07:47:39 GMT
x-content-type-options: nosniff
age: 228779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 09 Oct 2024 07:47:39 GMT

GET
H2 200 88cf7d8f92971695aa333eeba8ca195d.js Show response
www.gstatic.com/mysidia/ Frame 39F8 9 KB
4 KB 41ms
12ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019

Requested by

Host: 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
URL: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 08:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3923
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 01:21:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 08:22:16 GMT

GET
H2 200 e68f8ec74926968a541734be8897a625.js Show response
www.gstatic.com/mysidia/ Frame 39F8 36 KB
14 KB 64ms
35ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e68f8ec74926968a541734be8897a625.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
URL: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4755a52910466d3bd7b706550f76af98eeb94b7092368df86e6e0c914eff2756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 09:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14678
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 23:20:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 09:22:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 39F8 2 KB
892 B 27ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
URL: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 13:38:14 GMT

GET
H2 200 ef1f6d24bef59513d7c49e9cf5bba5ca.js Show response
www.gstatic.com/mysidia/ Frame 39F8 22 KB
9 KB 43ms
16ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef1f6d24bef59513d7c49e9cf5bba5ca.js?tag=exit_2019

Requested by

Host: 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
URL: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19aaa87c8184f65551d5c44d78d03aa8230d28c7c04d142f731f0fa129fd9cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9440
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 23:20:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 21:11:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 39F8 23 KB
9 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
URL: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 13:36:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 39F8 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
URL: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 17:21:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 39F8 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
URL: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 39F8 187 KB
59 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
URL: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 23:20:38 GMT

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame 39F8 37 KB
15 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
URL: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 10:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 23:20:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 10:17:18 GMT

GET
H2 200 / Show response
api.rudderlabs.com/sourceConfig/ 1 KB
1 KB 289ms
289ms XHR
application/json 2600:9000:2251:4a00:9:fddd:fc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rudderlabs.com/sourceConfig/?p=web&v=1.1.5

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v2/rudder-analytics.min.js?transport=beacon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:4a00:9:fddd:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0607deaf32265cce9b912f1c4e83b278e31ddd04e0f120f48c886831ffe36b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nerdbrx.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic MXFsSlhGTWVZVW1UeXVjWDZLVVZRVkVqQkJNOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f490efe0-6955-11ee-9897-27dcfaa6bc1b
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-amz-cf-id: QYs1ZzbzjPZ18irqyi_bdVEAzjsx28CKCOFGo2KFJFwq4Xg94WRvvQ==

OPTIONS
H2 204 /
api.rudderlabs.com/sourceConfig/ Frame 0
0 218ms
150ms Preflight 2600:9000:2251:4a00:9:fddd:fc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rudderlabs.com/sourceConfig/?p=web&v=1.1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4a00:9:fddd:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://nerdbrx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: *
access-control-max-age: 900
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Oct 2023 23:20:38 GMT
vary: Origin
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-id: 0xlGkhC7Hke5rDApQ21xnizQqyjsTfAdfHCB0m9YRwTpFg-H6FE0VQ==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
x-request-id: f45f3180-6955-11ee-9743-7b27b6134c37

POST
H3 204 AGSKWxXN-BcDDAD8kwnViBA-DlMR8ZXyu--iHraUkeijlZ1DwavPglajjSuJpfyfFAPPBm7Ind22CiCg-TPi60zPJAFi8-OGUYmBRzLvvjMFoKHGV9xw0i4ogVZlR1VGp7VoXwZLI9vNzg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 116ms
45ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXN-BcDDAD8kwnViBA-DlMR8ZXyu--iHraUkeijlZ1DwavPglajjSuJpfyfFAPPBm7Ind22CiCg-TPi60zPJAFi8-OGUYmBRzLvvjMFoKHGV9xw0i4ogVZlR1VGp7VoXwZLI9vNzg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MM0n7eDU97K1eMKaYOcTsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nerdbrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 23:20:38 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MM0n7eDU97K1eMKaYOcTsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nerdbrx.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/ Frame 6F26 31 KB
5 KB 31ms
27ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e68f8ec74926968a541734be8897a625.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26df8c7ab8689333bf021789f50674b7d673efd5f7bc9910356db977dc3bdf64

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 97813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5027
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 20:10:25 GMT
expires: Thu, 10 Oct 2024 20:10:25 GMT
last-modified: Sun, 18 Jun 2023 21:24:52 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 253ms
140ms Preflight
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CrcOzRn8oZZb4Bea3x_AP8oW_kAadlq-bc7TN0JShEae-99qcQBABIOTn2ZkBYJXikIKgB6ABmNG_3SnIAQmpAtSgUCcpq7E-4AIAqAMByANIqgSWAk_QS0vfvToqipDJY_giymqF0omTi2CWqJGh0q4wkttVP6mX3bYtwqFVFMYLeRabVqffFHwBfofnLNWPt8kHJdYRA9-MgqhsBEGM-eaKW6_42gJ3EXGQ5F34V9KQd6odC13-pSODV2n2f-9BBBZZcpsMbnSw09GHFKNp8HOBbJBPl3x4rTcAUF7Bqnr1v8bVSeQjX1S5hjBfGmhDV8kffgjaH5UCPqWkFBD5EUnDRYdvVuYdHphm1btJnzO3vWBoa2TgSfX5RQG0ULQF8LqMOxT1V63eMI7k332DQzgD4oz2i9M0qpHNEAspkUXjRkMFbjJHPg8kHhLHAkeAu1oEJSU7blbbdviXDjaYYN9MLk0N1OHe4IjDwASry7aEswTgBAGIBay5kMlLkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5iJkL0EqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQl7zvAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCZ0BaHR0cHM6Ly93d3cuY2hlY2syNC5kZS9yZWNodHNzY2h1dHp2ZXJzaWNoZXJ1bmcvbHAvdmVyZ2xlaWNoZW4vYS8_d3BzZXQ9Z29vZ2xlX3JzX2NvX2dkbl9yZW1hJnBrX3NvdXJjZT1hdWQtMjIwNjczMDE0OTY3MSZwa19jb250ZW50PTIwMjg2MDIwNzgwXzE1MTEzODQ0NDcxNYAKA8gLAeINEwjy56uA0_GBAxXm2xEIHfLCD2LYEwzQFQGYFgGAFwGyFx8KHQgAEhRwdWItNDI2MTEyNzI3NTIxNDIyMhjxuY8B&sigh=Ewbell-f5ZA&uach_m=[UACH]&ase=2&cid=CAQSSwDICaaN84yNXbALigOTX1Xsr-sfJX_XJRN-xyr-7aALylqcxUhPFBIocIRsEgrpBf3kXI0NGmZqr2FFb5dgedggF39xV6MZsVsaZxgB&template_id=419&nis=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 12 Oct 2023 23:20:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 39F8
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CrcOzRn8oZZb4Bea3x_AP8oW_kAadlq-bc7TN0JShEae-99qcQBABIOTn2ZkBYJXikIKgB6ABmNG_3SnIAQmpAtSgUCcpq7E-4AIAqAMByANIqgSWAk_QS0vfvToqipDJY_giymqF0omT...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225729944737645224933%22,%22debug_reporting%22:true,%22destination%22:%22https://check24.de%22,%22event_report_window%22:%22...

0
0

90ms
58ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225729944737645224933%22,%22debug_reporting%22:true,%22destination%22:%22https://check24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211201931416%22],%224%22:[%2210-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210148382352825513825%22}&andc=true

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:39 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5729944737645224933","debug_reporting":true,"destination":"https://check24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11201931416"],"4":["10-12"],"6":["true"]},"priority":"500","source_event_id":"10148382352825513825"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Oct 2023 23:20:39 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 12 Oct 2023 23:20:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5729944737645224933","debug_reporting":true,"destination":"https://check24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11201931416"],"4":["10-12"],"6":["true"]},"priority":"500","source_event_id":"10148382352825513825"}&andc=true
access-control-allow-origin: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 39F8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a07867d8aef71f08f78d52c873402ed17146aae40ab3c112573c152a4eccf8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FCBE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
307 B

38ms
37ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
URL: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 23:20:38 GMT
expires: Thu, 12 Oct 2023 23:20:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 23:20:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6F26 6 KB
3 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 00:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 13 Oct 2023 00:52:23 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6F26 34 KB
13 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 13 Oct 2023 02:28:43 GMT

GET
H3 200 123e8847863ae9c5258c4c038dc68aa2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/ Frame 6F26 4 KB
4 KB 48ms
46ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/123e8847863ae9c5258c4c038dc68aa2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918bfeceac579806a0030fd36ed715d5ff1e2da8fc7b8352fae190a475a92ec7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 09 Oct 2023 12:11:46 GMT
x-content-type-options: nosniff
age: 299332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4430
x-xss-protection: 0
last-modified: Sun, 18 Jun 2023 21:24:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Oct 2024 12:11:46 GMT

GET
H3 200 b3b76b7fec96d0e0cd349b9ab07c448b.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/ Frame 6F26 4 KB
4 KB 49ms
47ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/b3b76b7fec96d0e0cd349b9ab07c448b.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb09cb394e92531972f9edf27388c6abc59e8fe7d9bd1a0ba191c3f5ab66a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 09 Oct 2023 12:11:46 GMT
x-content-type-options: nosniff
age: 299332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4004
x-xss-protection: 0
last-modified: Sun, 18 Jun 2023 21:24:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Oct 2024 12:11:46 GMT

GET
H3 200 a6a7aca7a9af738ac9571424c2bf6352.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/ Frame 6F26 4 KB
2 KB 44ms
42ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/a6a7aca7a9af738ac9571424c2bf6352.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f6d54421d1c0fd25c0128834d0fce75bb9902cf30a8e769650d001ac6c24f60

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 12 Oct 2023 16:42:48 GMT
age: 23870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1707
x-xss-protection: 0
last-modified: Sun, 18 Jun 2023 21:24:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Oct 2024 16:42:48 GMT

GET
H3 200 ddf4148034d810afa5ecac0c325baab2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/ Frame 6F26 26 KB
27 KB 46ms
44ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/ddf4148034d810afa5ecac0c325baab2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50960475e1bd02bb1d6592a19512eb1f6909ce7c63ea4282aac65857c443c34f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 07 Oct 2023 07:08:05 GMT
x-content-type-options: nosniff
age: 490353
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27123
x-xss-protection: 0
last-modified: Sun, 18 Jun 2023 21:24:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 06 Oct 2024 07:08:05 GMT

GET
H3 200 07f6617c661f5e643e9f86e2ce17a380.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/ Frame 6F26 40 KB
40 KB 45ms
43ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/07f6617c661f5e643e9f86e2ce17a380.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0fa3660d2e4f60e3d542f90d1ab7a5256a6942774927001a1cfc09104833b6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 09 Oct 2023 12:05:03 GMT
x-content-type-options: nosniff
age: 299735
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40978
x-xss-protection: 0
last-modified: Sun, 18 Jun 2023 21:24:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Oct 2024 12:05:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
60ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310110101&jk=3341794863695153&bg=!GhmlGVbNAAbjlzx0w5c7ADQBe5WfOMkzBSugTw3Asc9_nD5ZBf7XY0Hp-933RCy1l2vohYQyTnIgZrLPWd2YmSsloq3RAgAAAEpSAAAACmgBBwoAX5axKGcOuLs0op54SRr8QtawlNXCLhYn8PlD94wRkh8CWF-ksjWQWK-Yh0lwGHQa4RjQCVHBEC5VWZuQuei_GSKUyII-t_3VAUHAddlu6cxiGtkmWDEPcm9NRl_rIxszmQLHfM_hFZ-VHxeYD0QrJRwrqf7sdiTUIiWZ9OvEkdDMeZMlOYuK_wDLXV2JFeVoDIkkPC3w9VXW3EK680FYAZf0Bx9XNA_fyDiYGTkF9V8j8KJHi7RYigmm6taoGgONyU_JHVO0FmejsqMrtt1iBqXBwy3djLR_ZAqLFZei4i-wWlu-GCUILr57PVNpS-SyHcNhSN00qCEqalbuZoNnA8-zpvNXcSw3wBqLME7ICGjteHtw9sAqH3eaqJuh2IWjXTsw4X8CBZgnXgx0XrRBE6ulzKAPx0IXJ3IBGMQNrycsXdH1bIaPaxGfrAVSdkua0LBIel-4jGxl3YnNiCmD_cXszPIOCO3OZONiFx4vpSKu04CmDPfzb6fODbwyGGFH3xRmafVI-tSeVoDMQfo5wAbV7Xnymw8aG5f5YlGfSn1cjdiQc8ddNOK3dPFkCHGZ_tk8ICUoUdxNadheACAK5kLKDSgE_ly5hUEOhcGS599dohfUYCLcVJ5jVqZXCEP4gobSh1hj5wtHj9vDzzOTRhvgsGgVXZLousNBd8c6wDBE0KiCtMFLV4L94m2mkz602GXUL3SxZEKMSiDjMtBwvJhDmY1FRY-bViCsr684wi7Vo9wKv_uOBp7Y98VYIh12VmUuA-gWSgyafloBBE7AqXJ-QPINDqIv4O4YyKBdDTTq-at6YKtgnY0-3woMdc-eR644m6IoWynduv5_ng0x-lKSrJVGB9eRVSANTK1gzv3wET0l5mwsNm9J2dv9w7Geqp6PimhULbokOjlIbY3r4sHf9z65hOjlGoaW2ZCMtJ5JIpxFKjWLG0h1bhgQrb0attOg6uIX_ElIyDtNShgdFWE1_hC87AXvJGl_S1LzlJMJxXxW-2vhWZ7WCveYzmp43dw_v9Pl5kQVo3y9heBywPoh0DzDvWLbrti3eCdWiqiI2y6mxQQl4-Lb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame F105 37 KB
14 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Host: 526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
URL: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 240848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Oct 2024 04:26:30 GMT

GET
H3 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B73 37 KB
14 KB 27ms
16ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Host: nerdbrx.com
URL: https://nerdbrx.com/recomendacion-prestamo-creditea/?utm_source=activecampaign&utm_campaign=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 240848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Oct 2024 04:26:30 GMT

GET
H3 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F26 37 KB
14 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 240848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Oct 2024 04:26:30 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 130ms
60ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 12 Oct 2023 23:20:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 batch
rdr.atpnd.com/beacon/v1/ 2 B
197 B 356ms
116ms Ping
text/plain 3.230.247.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rdr.atpnd.com/beacon/v1/batch?writeKey=1qlJXFMeYUmTyucX6KUVQVEjBBM

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v2/rudder-analytics.min.js?transport=beacon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.230.247.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-230-247-119.compute-1.amazonaws.com

Software

nginx/1.25.1 /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nerdbrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 23:20:39 GMT
strict-transport-security: max-age=31536000
server: nginx/1.25.1
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://nerdbrx.com
access-control-allow-credentials: true
content-length: 2

GET
H3 200 adplayer. Show response
fundingchoicesmessages.google.com/f/AGSKWxVjtSPUikVqduWMQUGUwKxXxWr7MxLKE9Teaf59no5lohxNKv4MRM1yvKjOW9xcUK9dSQHXs1gwc3PNJLoocaC8GT3idgINfRSLjWK6FvXzx990dYpol9Ar5W9WGiVOZl9ESFy16OsT2uR9fhVaGXlxXXA2E... 54 B
109 B 35ms
35ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVjtSPUikVqduWMQUGUwKxXxWr7MxLKE9Teaf59no5lohxNKv4MRM1yvKjOW9xcUK9dSQHXs1gwc3PNJLoocaC8GT3idgINfRSLjWK6FvXzx990dYpol9Ar5W9WGiVOZl9ESFy16OsT2uR9fhVaGXlxXXA2ESNsNeQX9eEnKxug4aaAHH63_aP9E9av/_/longad._728x901.-468x060-_ad_utils-/adplayer.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.bP5HDpMVz5c.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMwvxSb_f7ipDNHMf_P8zJcx9mm0JQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

909ea6c7ca1eec7d8bbf788bc156fa57d8cbab3aab22f3bc5222cfcdb1f9ee22

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rUbD9bULAgObmBeQi0JFIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-rUbD9bULAgObmBeQi0JFIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 83 KB
30 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0557fe210d8ce635ca309c1972a99149c04ec30c9666cafce0445113d5ba617e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30362
x-xss-protection: 0
server: cafe
etag: 11395571080521075679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Oct 2023 00:05:02 GMT

POST
H3 204 AGSKWxXN-BcDDAD8kwnViBA-DlMR8ZXyu--iHraUkeijlZ1DwavPglajjSuJpfyfFAPPBm7Ind22CiCg-TPi60zPJAFi8-OGUYmBRzLvvjMFoKHGV9xw0i4ogVZlR1VGp7VoXwZLI9vNzg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 31ms
31ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXN-BcDDAD8kwnViBA-DlMR8ZXyu--iHraUkeijlZ1DwavPglajjSuJpfyfFAPPBm7Ind22CiCg-TPi60zPJAFi8-OGUYmBRzLvvjMFoKHGV9xw0i4ogVZlR1VGp7VoXwZLI9vNzg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a3KDhr67oe1aeRf_Vd__AQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nerdbrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 23:20:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-a3KDhr67oe1aeRf_Vd__AQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nerdbrx.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXN-BcDDAD8kwnViBA-DlMR8ZXyu--iHraUkeijlZ1DwavPglajjSuJpfyfFAPPBm7Ind22CiCg-TPi60zPJAFi8-OGUYmBRzLvvjMFoKHGV9xw0i4ogVZlR1VGp7VoXwZLI9vNzg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 42ms
41ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXN-BcDDAD8kwnViBA-DlMR8ZXyu--iHraUkeijlZ1DwavPglajjSuJpfyfFAPPBm7Ind22CiCg-TPi60zPJAFi8-OGUYmBRzLvvjMFoKHGV9xw0i4ogVZlR1VGp7VoXwZLI9vNzg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CFaINI9tktLl606UXvd67w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nerdbrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 23:20:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-CFaINI9tktLl606UXvd67w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://nerdbrx.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXN-BcDDAD8kwnViBA-DlMR8ZXyu--iHraUkeijlZ1DwavPglajjSuJpfyfFAPPBm7Ind22CiCg-TPi60zPJAFi8-OGUYmBRzLvvjMFoKHGV9xw0i4ogVZlR1VGp7VoXwZLI9vNzg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 55ms
55ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXN-BcDDAD8kwnViBA-DlMR8ZXyu--iHraUkeijlZ1DwavPglajjSuJpfyfFAPPBm7Ind22CiCg-TPi60zPJAFi8-OGUYmBRzLvvjMFoKHGV9xw0i4ogVZlR1VGp7VoXwZLI9vNzg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uftazUMjhq8gX6wqmw493w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nerdbrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 23:20:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uftazUMjhq8gX6wqmw493w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nerdbrx.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXN-BcDDAD8kwnViBA-DlMR8ZXyu--iHraUkeijlZ1DwavPglajjSuJpfyfFAPPBm7Ind22CiCg-TPi60zPJAFi8-OGUYmBRzLvvjMFoKHGV9xw0i4ogVZlR1VGp7VoXwZLI9vNzg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 61ms
61ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXN-BcDDAD8kwnViBA-DlMR8ZXyu--iHraUkeijlZ1DwavPglajjSuJpfyfFAPPBm7Ind22CiCg-TPi60zPJAFi8-OGUYmBRzLvvjMFoKHGV9xw0i4ogVZlR1VGp7VoXwZLI9vNzg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-foxIz4A9zqqPx_G4zn0aUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nerdbrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 23:20:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-foxIz4A9zqqPx_G4zn0aUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://nerdbrx.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUpAqP5NhWVocy3yVbu84_vM0N5JTAVu7uDf5oxE_lCXU35xjVyyqedW6i964o95V7VwBnGOo-CGFiCW8h5XyN7s5sOJ3S89TtWrUv9KvGof1Rr_yrb3JTJd8JjDHyOSRozVRBMKQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUpAqP5NhWVocy3yVbu84_vM0N5JTAVu7uDf5oxE_lCXU35xjVyyqedW6i964o95V7VwBnGOo-CGFiCW8h5XyN7s5sOJ3S89TtWrUv9KvGof1Rr_yrb3JTJd8JjDHyOSRozVRBMKQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk3MTUyODM5LDQ1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbmVyZGJyeC5jb20vcmVjb21lbmRhY2lvbi1wcmVzdGFtby1jcmVkaXRlYS8iLG51bGwsW1s4LCJiUDVIRHBNVno1YyJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2be5bb37ec207a6630a8e884d97b996b8c3d893db87e97ecdfb25755087a98f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hbiJWOIUpeibLzmaqzHa3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nerdbrx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:20:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-hbiJWOIUpeibLzmaqzHa3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWhh2meVRwfQc8bWbGLLqiSLFFAatJiJpN4QEIAIHfQ0McJyFnwJj9FzhzxcIanzG2zt29q3BPEJHAqGeIJYFcJBonvoHhBpJSEPcpvfdAQdh2W4ScK88hXrSkLftvSAnF480tFew== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 27ms
27ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWhh2meVRwfQc8bWbGLLqiSLFFAatJiJpN4QEIAIHfQ0McJyFnwJj9FzhzxcIanzG2zt29q3BPEJHAqGeIJYFcJBonvoHhBpJSEPcpvfdAQdh2W4ScK88hXrSkLftvSAnF480tFew==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jXmM_aJV22-NfVCon_HuoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nerdbrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 23:20:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-jXmM_aJV22-NfVCon_HuoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nerdbrx.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXN-BcDDAD8kwnViBA-DlMR8ZXyu--iHraUkeijlZ1DwavPglajjSuJpfyfFAPPBm7Ind22CiCg-TPi60zPJAFi8-OGUYmBRzLvvjMFoKHGV9xw0i4ogVZlR1VGp7VoXwZLI9vNzg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 61ms
61ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXN-BcDDAD8kwnViBA-DlMR8ZXyu--iHraUkeijlZ1DwavPglajjSuJpfyfFAPPBm7Ind22CiCg-TPi60zPJAFi8-OGUYmBRzLvvjMFoKHGV9xw0i4ogVZlR1VGp7VoXwZLI9vNzg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CZ1gp39dkOyQQQ_gOqPynw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nerdbrx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 23:20:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CZ1gp39dkOyQQQ_gOqPynw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nerdbrx.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 39F8 42 B
174 B 52ms
51ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrA2Kwj18be6dtO-KtjPq1nC2dL08QkH-c9bOBB0joDtSLCxRwWmvm3D4e0IMchQEFE0HhvK7Jf9WyMVssM-usIfAGWkR58IbUlCQm_ZGb0VVxNDOKl6_lfC1r6vtNitxqiLKM7WP4wQCv&sai=AMfl-YQGHJWwgw5GcCh5ASaASogGE2hG3HReeTBix6jAHfUsREcsLnC5DwLsqnEK7tTwaF1Jd_y2lhpNqzFvalmw4aNR9Lh-i-d874ZlfdYFafOcW2Wmr59Z7eNViNkihZtpMCOUDUKR_HSFLY2m&sig=Cg0ArKJSzEptIGPlzenJEAE&cid=CAQSSwDICaaN84yNXbALigOTX1Xsr-sfJX_XJRN-xyr-7aALylqcxUhPFBIocIRsEgrpBf3kXI0NGmZqr2FFb5dgedggF39xV6MZsVsaZxgB&id=lidar2&mcvt=1000&p=351,632,631,968&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=131827308&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697152838591&rpt=207&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 23:20:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nerdbrx.com/	1970-01-21 00:11:28	Name: pll_language Value: mex
.nerdbrx.com/	1970-01-20 17:35:28	Name: _gcl_au Value: 1.1.1770131718.1697152837
.nerdbrx.com/	1970-01-20 17:35:28	Name: _fbp Value: fb.1.1697152836894.975639106
.nerdbrx.com/	1970-01-21 00:11:28	Name: cf_clearance Value: O6IMNXbDzw2GTLSJBggCQnqHt2VA6Kq4Ml7WqiNFLeU-1697152836-0-1-92a93226.2b854b8d.c5a86dc6-0.2.1697152836
.nerdbrx.com/	1970-01-21 00:47:28	Name: __gads Value: ID=2329c18a70ce5c5d:T=1697152838:RT=1697152838:S=ALNI_Mb0iNiIiya1E62SCrgPIaAUekDTbQ
.nerdbrx.com/	1970-01-21 00:47:28	Name: __gpi Value: UID=00000c975344efaa:T=1697152838:RT=1697152838:S=ALNI_MbsNk_S4z2N3JEjvqVn7ab8L54TWA
.nerdbrx.com/	1970-01-21 00:11:28	Name: rl_user_id Value: RudderEncrypt%3AU2FsdGVkX18uti3BTXXZjH2qP7OvSm2AR2cRMOz7ElQ%3D
.nerdbrx.com/	1970-01-21 00:11:28	Name: rl_anonymous_id Value: RudderEncrypt%3AU2FsdGVkX1%2BbO425bpNXBKsz3olCF9lI7u3Xa2QmEomJtcfVhiX5yJDS6JdoX2BbeaE%2B2SOCDvYMtBOzw6kJSg%3D%3D
.nerdbrx.com/	1970-01-21 00:11:28	Name: rl_group_id Value: RudderEncrypt%3AU2FsdGVkX1%2FJvLpMZ%2FYAvUwy9TnOtbZovpcCCfL2wzQ%3D
.nerdbrx.com/	1970-01-21 00:11:28	Name: rl_trait Value: RudderEncrypt%3AU2FsdGVkX19opJ4Qmo2xHzSK46FU%2FHD0pO3rXxSqVas%3D
.nerdbrx.com/	1970-01-21 00:11:28	Name: rl_group_trait Value: RudderEncrypt%3AU2FsdGVkX18%2FoXJq0KfsRKD4BVbvrM1sCmH%2FDFoKNsI%3D
.doubleclick.net/	1970-01-20 15:25:56	Name: DSID Value: NO_DATA
.nerdbrx.com/	1970-01-20 15:25:52	Name: avStaticViewed Value: true
.doubleclick.net/	1970-01-21 00:47:28	Name: IDE Value: AHWqTUk30zcb29CU-xct8aDs-8FDTSqj9Q3A18EwBJndpsYZR6qZ7ukwF_HMVKywC4Q
.googleadservices.com/	1970-01-20 17:35:28	Name: ar_debug Value: 1
.nerdbrx.com/	1970-01-21 00:11:28	Name: FCNEC Value: %5B%5B%22AKsRol9_8T_vnaILK6AFVwFy_l9A4iJOLEp8J7_5ZcCiUBf-Hwz3mQtCfYE1sje5Hyzcd7MGBSQEcvHBsxhV7Q49lYPiqYDzU3on9ZROAV9rmxPPn7GPJ7GakMD0j3DwyzQ8zMtudhtWomrWASrKe0_ZvJhDPGrArg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18416784942682238738/RSV%20-%20REM%20-%202023%20-%2082%25%20-%20336x280%20-%20V1/index.html#t=1709080053341128978&p=https%3A%2F%2F526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com Message: <link rel=preload> has an invalid `href` value

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

526160bf4fec5dd9d59fb386f53632cd.safeframe.googlesyndication.com
api.rudderlabs.com
cdn.atpnd.com
cdn.rudderlabs.com
connect.facebook.net
d3ezccgthbs4u8.cloudfront.net
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hash.atpnd.com
nerdbrx-cc-mx-ipc-1.lt.acemlna.com
nerdbrx.com
pagead2.googlesyndication.com
rdr.atpnd.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
tracker.adtechpanda.com
trk.atpnd.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.184.194
2600:9000:214f:2400:16:a497:9700:93a1
2600:9000:2251:4a00:9:fddd:fc40:93a1
2600:9000:2491:4a00:1e:d9e9:a000:21
2606:4700:20::681a:9e4
2606:4700:20::681a:ddf
2606:4700:20::ac43:48e9
2a00:1450:4001:800::2003
2a00:1450:4001:800::200a
2a00:1450:4001:806::2008
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.230.247.119
52.22.138.120
0557fe210d8ce635ca309c1972a99149c04ec30c9666cafce0445113d5ba617e
0607deaf32265cce9b912f1c4e83b278e31ddd04e0f120f48c886831ffe36b4e
08438a8a5c74b8e42f6aab1d1399db7768cf99424023697589f8bf4e30194c62
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19aaa87c8184f65551d5c44d78d03aa8230d28c7c04d142f731f0fa129fd9cdb
201eda224f05d06860f7773cb903863ed8b54e401348f92b9f95678986749fd1
26df8c7ab8689333bf021789f50674b7d673efd5f7bc9910356db977dc3bdf64
2a07867d8aef71f08f78d52c873402ed17146aae40ab3c112573c152a4eccf8d
2b33916cf86cd6532e5156f7590d95b9052360733c8d2ddfea68c491a80a79b9
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3226da462af13fcd31c313f212207f848ee112915f2dc4a6c50769a087111f28
325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a
390cf808f5de5860d7e441334259aeab6610d341dcf71153a15d22c7ad3d5f7f
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3f6d54421d1c0fd25c0128834d0fce75bb9902cf30a8e769650d001ac6c24f60
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4755a52910466d3bd7b706550f76af98eeb94b7092368df86e6e0c914eff2756
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
50960475e1bd02bb1d6592a19512eb1f6909ce7c63ea4282aac65857c443c34f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
5156291c4336da3cfa4a386363b1c996710c87f6ce3862dfcfc57d65c933a1fc
53de2dc8e7fadeb1463341c71c5a61b0ddabe1a402180b4f172da5e570023ce5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
7372d1cddce1e2c9d3e0f711cc625f498698d4e3ab00164eae8085b02cd32d5f
7c0fa3660d2e4f60e3d542f90d1ab7a5256a6942774927001a1cfc09104833b6
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
7edd9ff3209643e0642f3726bb1bb7ca2982436d092b966e8e0bf6ebb2190b0d
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
909ea6c7ca1eec7d8bbf788bc156fa57d8cbab3aab22f3bc5222cfcdb1f9ee22
918bfeceac579806a0030fd36ed715d5ff1e2da8fc7b8352fae190a475a92ec7
a2be5bb37ec207a6630a8e884d97b996b8c3d893db87e97ecdfb25755087a98f
a7e745f2901f13ecdcac2ae87ee07148409aa69c69f36f8ed603a34137d4e0aa
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bf3cf7104bcb930f2e7327786bd5ec714e1f54a2cdb307e13c382745873902f5
c2f1a1ce16d6bbdfca1c065a1cb71b1326d28aa66933fec5d16a32a7be530f77
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
cc25cc248a819c353f4413e62b6a306cf9662a910efe7b65eb57088aa39fd7fa
cedb09cb394e92531972f9edf27388c6abc59e8fe7d9bd1a0ba191c3f5ab66a6
d4df0ca1ad44e10d243f6dfa869ff4837bcf5629427677ed2240cf38c553758b
d8c4635e179250046f8c1d44433605411791226280e9c487cedd399a8bfbfc52
d95cc208f8c06b4de4fa6aff5f78d01a0887bae3cbc9b5f4ffe7da7a13967582
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
dbe3ac317f1206be604e798a729f4648556f7185ce7600e12cec5f0f00a24319
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e520b10ed8aa469e926458817fcf95c5e70e95a94dc9edd91c089f569d313243
ed217f84a2f42753409477460b63ce2ed71c6447b9ec89aa0abde7f42ae5bcf6
ed84e03205a64df50645b980da3272ebc4908b85ab981242944c80384dee6bb9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc2b61cf28583354672e9ceb5b4c4d8e182e8e9e2003df6fa8723a1dc459fbd3
fcc7539f958f8f8d015597669289e3b9df174ba32e4357664e62358bebef4a34
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

nerdbrx.com Open in urlscan Pro 2606:4700:20::ac43:48e9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

98 %HTTPS

85 %IPv6

16 Domains

24 Subdomains

20 IPs

2 Countries

1149 kBTransfer

3080 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nerdbrx.com Open in urlscan Pro
2606:4700:20::ac43:48e9 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

98 %
HTTPS

85 %
IPv6

16
Domains

24
Subdomains

20
IPs

2
Countries

1149 kB
Transfer

3080 kB
Size

16
Cookies

90 HTTP transactions
3 data transactions