ndb.com Open in urlscan Pro
67.225.226.38 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ndb.com/
Submission: On February 21 via manual (February 21st 2024, 8:47:45 pm UTC) from US — Scanned from DE

Summary HTTP 125 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 15 domains to perform 125 HTTP transactions. The main IP is 67.225.226.38, located in United States and belongs to LIQUIDWEB, US. The main domain is ndb.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 7th 2024. Valid for: 3 months.

This is the only time ndb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	67.225.226.38 67.225.226.38	32244 (LIQUIDWEB) (LIQUIDWEB)
21	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2.16.184.115 2.16.184.115	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
4 12	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	66.102.1.154 66.102.1.154	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:6f::a	15169 (GOOGLE) (GOOGLE)
125	20

9 67.225.226.38 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: ndb.com

ndb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.184.115 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-184-115.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:6f::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5ednsk.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	887 KB
18	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	216 KB
13	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 bid.g.doubleclick.net — Cisco Umbrella Rank: 910	174 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 imasdk.googleapis.com — Cisco Umbrella Rank: 477	140 KB
9	ndb.com ndb.com	56 KB
8	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131
5	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 592 www.google-analytics.com — Cisco Umbrella Rank: 31 region1.google-analytics.com — Cisco Umbrella Rank: 2197	39 KB
4	google.com apis.google.com — Cisco Umbrella Rank: 108 www.google.com — Cisco Umbrella Rank: 2	78 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1307 r5---sn-4g5ednsk.c.2mdn.net — Cisco Umbrella Rank: 471754	950 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	82 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 3564	361 B
0	cloudfront.net Failed d31qbv1cthcecs.cloudfront.net Failed
0	verisign.com Failed seal.verisign.com Failed
0	geotrust.com Failed smarticon.geotrust.com Failed
0	comodo.net Failed secure.comodo.net Failed
125	15

	Domain	Requested by
33	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
21	pagead2.googlesyndication.com	ndb.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com
10	fonts.gstatic.com	fonts.googleapis.com
9	ndb.com	ndb.com
8	www.googleadservices.com
6	fonts.googleapis.com	googleads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
3	imasdk.googleapis.com	googleads.g.doubleclick.net
2	r5---sn-4g5ednsk.c.2mdn.net
2	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
2	www.google-analytics.com	ndb.com www.google-analytics.com
2	ssl.google-analytics.com	ndb.com
2	apis.google.com	ndb.com apis.google.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	s7.addthis.com	ndb.com
0	d31qbv1cthcecs.cloudfront.net Failed	ndb.com
0	seal.verisign.com Failed	ndb.com
0	smarticon.geotrust.com Failed	ndb.com
0	secure.comodo.net Failed	ndb.com
125	24

This site contains links to these domains. Also see Links.

Domain
customer.ndb.com
www.mcafeesecure.com
www.webutation.net
members.ndb.com
www.facebook.com
twitter.com
www.automaticbacklinks.com
nordicvpn.com

Subject Issuer	Validity	Valid
ndb.com cPanel, Inc. Certification Authority	`2024-02-07` - `2024-05-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-09` - `2024-12-11`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-02-13` - `2024-04-23`	2 months	crt.sh

This page contains 17 frames:

Primary Page: https://ndb.com/
Frame ID: C8815AA5644D76C1C31AC32154FA5F2A
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20190131/zrt_lookup_fy2021.html
Frame ID: 17E8195FE50F8E40EF2B9EE80A103914
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1120870900851611&output=html&h=15&slotname=3583361956&adk=3873545050&adf=3374848032&pi=t.ma~as.3583361956&w=728&lmt=1708548460&url=https%3A%2F%2Fndb.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708548460630&bpp=3&bdt=420&idt=289&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&correlator=3947716604800&frm=20&pv=2&ga_vid=1669021588.1708548461&ga_sid=1708548461&ga_hid=1141262434&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081348%2C44785292%2C44795921%2C95324581%2C95325067%2C95322180%2C95324155%2C95324160%2C95325793&oid=2&pvsid=598704430103455&tmod=766683944&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=302
Frame ID: 594F03E88049231D283574977117B3F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1120870900851611&output=html&adk=1812271804&adf=3025194257&lmt=1708548460&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fndb.com%2F&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708548460644&bpp=2&bdt=434&idt=299&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3583361956&nras=1&correlator=3947716604800&frm=20&pv=1&ga_vid=1669021588.1708548461&ga_sid=1708548461&ga_hid=1141262434&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081348%2C44785292%2C44795921%2C95324581%2C95325067%2C95322180%2C95324155%2C95324160%2C95325793&oid=2&pvsid=598704430103455&tmod=766683944&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=311
Frame ID: 73046E91965878B8A809427BF4AFF605
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1120870900851611&output=html&h=280&adk=2781267418&adf=3261275988&pi=t.aa~a.3938508211~rp.4&w=747&fwrn=4&fwrnh=100&lmt=1708548462&rafmt=1&to=qs&pwprc=9861555751&format=747x280&url=https%3A%2F%2Fndb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708548462080&bpp=1&bdt=1869&idt=2&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3583361956&nras=2&correlator=3947716604800&frm=20&pv=1&ga_vid=1669021588.1708548461&ga_sid=1708548461&ga_hid=1141262434&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081348%2C44785292%2C44795921%2C95324581%2C95325067%2C95322180%2C95324155%2C95324160%2C95325793&oid=2&pvsid=598704430103455&tmod=766683944&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Frame ID: 57DA36477395D5A3A7C217F1C680C17F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F0AA1D14FECBB41C9394D8FD764D9A2A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 9D5DE1E9309E9C06AD74C3F3FF72B3FB
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: ABEB5F90AED7C90099A8E113F5F271E6
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8F4D3823C455E8E15F17D3399BA447C9
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/abg_lite_fy2021.js
Frame ID: 5FBE929F331AB56F647F15442A11EAD9
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 18D1E33D98580C74259AC0B20E8B4B4B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B85735277C0D70E842756198113A3720
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js
Frame ID: A945E32909409DEDDEF0262E8C73F9DE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js
Frame ID: 06841D2888D8AAEB0066257593096FA0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js
Frame ID: BF98A61355D578CBFCE09FD83B30E1F7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js
Frame ID: 66DA4CF51447C81AD7D991D28AAD3705
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 64EA12FB31F371F3BD84EC7847F5CF25
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Database Index | NDB.com - National DataBase - Serving Since 1994

Detected technologies

AddThis (Widgets) Expand

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

125
Requests

92 %
HTTPS

80 %
IPv6

15
Domains

24
Subdomains

20
IPs

2
Countries

1672 kB
Transfer

4755 kB
Size

17
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://customer.ndb.com/customer/terms.php
Title: Terms

Search URL Search Domain Scan URL

URL: http://customer.ndb.com/customer/login.php
Title: Members

Search URL Search Domain Scan URL

URL: https://www.mcafeesecure.com/

Search URL Search Domain Scan URL

URL: http://www.webutation.net/go/review/ndb.com

Search URL Search Domain Scan URL

URL: http://members.ndb.com/customer/login.php
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NDB.com

Search URL Search Domain Scan URL

URL: https://twitter.com/NDBcom

Search URL Search Domain Scan URL

URL: https://www.automaticbacklinks.com/
Title: Automatic Backlinks

Search URL Search Domain Scan URL

URL: https://nordicvpn.com/blog/
Title: Nordic VPN

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://googleads.g.doubleclick.net/pagead/adview?ai=CQmlxbWHWZeigBpDA6tkPzsUFiY2Yg3b25YKlmAywkB8QASDHybgdYJWitYLAB6ABlJbn1ALIAQmpAoGKgnl1I7I-qAMByAPLBKoE3wFP0ExArsds_9nbnAOcfa1g8K9B9RQGHCHCttS4jxiUPZ8xHqfASEm1UI77xDomYHSBJNiq7hXzy_HskAnrfKHTHJ5S9ohv8tfvxA5zBpyRf5YW7IX4meUc6fDfvEHjV0Sa5KSFCyQs53NH0kSVBEDuuSc7vSnidCyjenwdeVPG5drKwzJn7YhQu6tn6tyzpMu7iPQrkP_1aQtUyEHZ0tofUS4S8cPhOEu244B8kKLqda8HkV_nBzpnm-BJpNwK7mwYWOvc2Y7g8_yEfC9GVzaAdeWfXzZs4uxkHgKUYKCQwATSwZLA3gKIBcTSl7EekgUECAQYAZIFBAgFGASgBi6AB9TpmKsBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwQQ4oQd0ggmCIDhgHAQARgfMgLrAjoJgECAgISAgIQISL39wTpYyfHlgKe9hAOaCR5odHRwczovL3N0YXJ0Lm15ZGF0ZXMubWUvZGUtbi-ACgHICwG4E-QD2BMMiBQH0BUBmBYBgBcBshccChoIABIUcHViLTExMjA4NzA5MDA4NTE2MTEYAA&sigh=n8RoLKdJKOs&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_0-4orFCdfLRgc1jhsnaWpwSgekdX084K1ETXsd82u-KZ1Ge_ZxWdjhjIAql0IUF6P6aBzxmfsk3m0VDbu56Tjd2huAHeQroQKYkYAQ&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210093069459337904853%22,%22debug_reporting%22:true,%22destination%22:%22https://mydates.me%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22714722068%22],%2222%22:[%22true%22],%224%22:[%2202-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213420750298900019393%22}&andc=true

Request Chain 88

https://googleads.g.doubleclick.net/pagead/adview?ai=Cr72abWHWZeegBpDA6tkPzsUFiY2Yg3b25YKlmAywkB8QASDHybgdYJWitYLAB6ABlJbn1ALIAQmpAoGKgnl1I7I-qAMByAPLBKoE3wFP0MjRbZM7nOMlnqxu8WyByN6ERgmS6LCc8qSIf-e7U9zEfM4O_gdjccQ4d7TNl7XTm8nsHG5KJtWiBQOUEwbSuiQUK97w714MPkvlGDogZeeUefB0yqi-we9gNTv3m92CWRO8oRpadTbaTIMnUcNrCBfDrjAdfuDHap29id28lWzI9OPvVsaHRDxs4PtKdTrhO0px4xg4Dr849GgHOQ6bVAsKp2gidCo_qVy-RW3BE-X_NUy1inXgNPgSA9w6JIa5eETRPTLKgdyGwUEOOSoa5NsrmOlediA4cmSRHBg9wATSwZLA3gKIBcTSl7EekgUECAQYAZIFBAgFGASgBi6AB9TpmKsBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwQQy_ZK0ggmCIDhgHAQARgfMgLrAjoJgECAgISAgIQISL39wTpYyfHlgKe9hAOaCR5odHRwczovL3N0YXJ0Lm15ZGF0ZXMubWUvZGUtbi-ACgHICwG4E-QD2BMMiBQH0BUBmBYBgBcBshccChoIABIUcHViLTExMjA4NzA5MDA4NTE2MTEYAA&sigh=Mhy-j5KlMFA&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_0-4orFCdfLRgc1jhsnaWpwSgekdX084K1ETXsd82u-KZ1Ge_ZxWdjhjIAql0IUF6P6aBzxmfsk3m0VDbu56Tjd2huAHeQroQKYkYAQ&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221850828528818845787%22,%22debug_reporting%22:true,%22destination%22:%22https://mydates.me%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22714722068%22],%2222%22:[%22true%22],%224%22:[%2202-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211520498318000505633%22}&andc=true

Request Chain 92

https://googleads.g.doubleclick.net/pagead/adview?ai=C0zxDbWHWZemgBpDA6tkPzsUFrPHA1nXwvoaijg9kEAEgx8m4HWCVorWCwAegAYCH7PACyAEJqQKBioJ5dSOyPqgDAcgDywSqBNABT9Aoxo0yBPDwdXDy573MJIy26xupUiXoMRzAzSxlf6iDrBrLdqottdziYExSBNC0PMwYkvPFbr_Dt6BTD_e8xKnZQi8gw4sU0RKblCeHPDyTAHXBcIcMaWTV5Th0BKQLmoKkuuOjcVEKjL_omxpTLGzXJ7xIaFXUnxOXQewvba0yt-ZSDnFz4g5RyaQhRMwnkEXGKe8BJKW5TAoxfFz_qCiQ-IQC_vIsZ3I3eBPQwqFOJXTZdDh_OSgq6MFLii1kw6WKFCEKWhcBCk6XH-qQdsAEzsuCzucDiAWq0YeMO5IFBAgEGAGSBQQIBRgEoAYugAfo-JOPAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcEEMuEMdIIJgiA4YBwEAEYHzIC6wI6CYBAgICEgICECEi9_cE6WMnx5YCnvYQDmgkbaHR0cHM6Ly9nZW93b3JsZC5tb2JpLz9sPWRlgAoByAsBuBPkA9gTDYgUA9AVAYAXAbIXHAoaCAASFHB1Yi0xMTIwODcwOTAwODUxNjExGAA&sigh=a7LUHqQfz5M&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_0-4orFCdfLRgc1jhsnaWpwSgekdX084K1ETXsd82u-KZ1Ge_ZxWdjhjIAql0IUF6P6aBzxmfsk3m0VDbu56Tjd2huAHeQroQKYkYAQ&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212115346789434841830%22,%22debug_reporting%22:true,%22destination%22:%22https://geoworld.mobi%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22773522304%22],%2222%22:[%22true%22],%224%22:[%2202-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217317560754738067633%22}&andc=true

Request Chain 113

https://googleads.g.doubleclick.net/pagead/adview?ai=Cir0abmHWZdarDYywodAPw7W7uAyjp8HWdZnVkoWzCrKm3obpDhABIMfJuB1glaK1gsAHoAGAh-zwAsgBCakCgYqCeXUjsj6oAwHIA8sEqgTPAU_QTz0a2HU56tZOKDDo_CmZBKlBaKLL0QNkdNILO-wE-VM4FqmI-zxzac_EGK9f1u_1iPi615LIU6aCZa_Gt-vYk4D7lsnQc9zsIOrA4dsFPcl0y0fqC0AhNsCd9KGPQkLnxUAqeAvvOqOfeXCwRbjZekQXtejnhvOizc33h4UMhxs1Wo92uJyvMC-NvY9ohnHUzsq7NlHXmMkZNm9i2UdUpggjjMYzOQmMYaLltPuvS0Jxm6c0tEXAbLeY_wOxh6_SqPr1kLOx3NmpJZGVGsAEwsfznqkCiAXvtcSwGpIFBAgEGAGSBQQIBRgEoAYugAfo-JOPAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcEEM6MW9IIJgiA4YBwEAEYHzIC6wI6CYBAgICEgICECEi9_cE6WNfeqoGnvYQDmgkWaHR0cHM6Ly9nZW93b3JsZC5tb2JpL4AKAcgLAbgT5APYEw2IFAnQFQGAFwGyFxwKGggAEhRwdWItMTEyMDg3MDkwMDg1MTYxMRgA&sigh=o2Zd2sHGUsA&uach_m=%5BUACH%5D&ase=2&cid=CAQSPAAvHhf_GbCxw_UkaU9_XuOAGHHb5_IE2iEIevYjkbyGKua2-J5pq8ozhkYKyLRzkLBud6eg8i_HrTJsvhgB&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223691334325921243817%22,%22debug_reporting%22:true,%22destination%22:%22https://geoworld.mobi%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22773522304%22],%2222%22:[%22true%22],%224%22:[%2202-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22199455362788686017%22}&andc=true

Request Chain 118

https://gcdn.2mdn.net/videoplayback/id/ebbc75ad1b295f0d/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214474/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/71AF2E2651F112EA2052D0EC6919601F6A1D0DE8.9EBF911D2647CE5B0F24015436896BCDAE8D8A9B/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-4g5ednsk.c.2mdn.net/videoplayback/id/ebbc75ad1b295f0d/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214474/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2B291D83A4DE55DE8339C8F8F920D557E0676301.5A6AF518C8549EF7C6D796AE857FF2746B609934/key/cms1/cms_redirect/yes/mh/rO/mip/2a01:4a0:1338:92::5/mm/42/mn/sn-4g5ednsk/ms/onc/mt/1708547133/mv/u/mvi/5/pl/29/file/file.mp4

125 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ndb.com/ 19 KB
6 KB 6040ms
5518ms Document
text/html 67.225.226.38
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ndb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.225.226.38 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: ndb.com
Software: Apache /
Resource Hash: edd6ae05b7bb45d4d0ff374cd653d0fb8492a39acfb5d2104cbd02ae577b871e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 max-age=86400, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5620
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Feb 2024 20:47:34 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=500
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK main.css
ndb.com/inc/ 22 KB
4 KB 146ms
145ms Stylesheet
text/css 67.225.226.38
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ndb.com/inc/main.css
Requested by: Host: ndb.com
URL: https://ndb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.225.226.38 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: ndb.com
Software: Apache /
Resource Hash: c73701f344cc34eaff95c76cb2f880c35b0f90f687ea730f44b9f0a59ca654a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 20:47:39 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Oct 2014 14:24:32 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2600000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=499
Content-Length: 4031
Expires: Fri, 22 Mar 2024 20:47:39 GMT

GET trustlogo.js
secure.comodo.net/trustlogo/javascript/ 0
0

GET cot.js
secure.comodo.net/trustlogo/javascript/ 0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 194ms
93ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ndb.com
URL: https://ndb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c48a73205a874a4ec251a9a32780d82bf51ee4d2a833e5b95f951e9b091c448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:47:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51280
x-xss-protection: 0
server: cafe
etag: 6727053796273857170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 21 Feb 2024 20:47:40 GMT

GET
H/1.1 200
OK 13.gif
ndb.com/mobile/img/ 43 B
364 B 429ms
144ms Image
image/gif 67.225.226.38
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndb.com/mobile/img/13.gif
Requested by: Host: ndb.com
URL: https://ndb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.225.226.38 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: ndb.com
Software: Apache /
Resource Hash: 90ff7d3dbd875b2023601a6da16b73d3c46d2d0d346a41bb0a8a438883e641b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 20:47:40 GMT
Last-Modified: Mon, 08 May 2017 09:30:01 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=2600000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=496
Content-Length: 43
Expires: Fri, 22 Mar 2024 20:47:40 GMT

GET
H/1.1 200
OK webutation.png
ndb.com/img/ 6 KB
6 KB 430ms
145ms Image
image/png 67.225.226.38
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndb.com/img/webutation.png
Requested by: Host: ndb.com
URL: https://ndb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.225.226.38 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: ndb.com
Software: Apache /
Resource Hash: df00c59d341a2a6eaf35103487226f56f0ef344f811aa124f5b53c0743238d4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 20:47:40 GMT
Last-Modified: Tue, 28 Aug 2012 19:01:46 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2600000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 6081
Expires: Fri, 22 Mar 2024 20:47:40 GMT

GET si.js
smarticon.geotrust.com/ 0
0

GET getseal
seal.verisign.com/ 0
0

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 327ms
47ms Script
text/javascript 2.16.184.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: ndb.com
URL: https://ndb.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.184.115 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-184-115.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Feb 2024 20:47:40 GMT
server: Oracle API Gateway
opc-request-id: /34C0B3DE5142B6D920B43AC39F80798B/3AE6B785CB6FA5B3A1C4D1E0E251CE25
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK FacebookButton40.jpg
ndb.com/img/ 4 KB
5 KB 274ms
145ms Image
image/jpeg 67.225.226.38
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndb.com/img/FacebookButton40.jpg
Requested by: Host: ndb.com
URL: https://ndb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.225.226.38 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: ndb.com
Software: Apache /
Resource Hash: ef3918be2ac0fd753c6c28f4080a0417307a7a1c9ccb8a70d3763995817d7bf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 20:47:39 GMT
Last-Modified: Tue, 26 Jun 2012 12:54:01 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2600000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=498
Content-Length: 4511
Expires: Fri, 22 Mar 2024 20:47:39 GMT

GET
H/1.1 200
OK TwitterButton40.jpg
ndb.com/img/ 4 KB
4 KB 308ms
148ms Image
image/jpeg 67.225.226.38
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndb.com/img/TwitterButton40.jpg
Requested by: Host: ndb.com
URL: https://ndb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.225.226.38 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: ndb.com
Software: Apache /
Resource Hash: a1ea25facd4296b5b02748a1e69b7cb5e18bd422aa24317cfb491f5ca80530f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 20:47:40 GMT
Last-Modified: Tue, 26 Jun 2012 12:54:02 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2600000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 3936
Expires: Fri, 22 Mar 2024 20:47:40 GMT

GET
H/1.1 200
OK rss-logo40.jpg
ndb.com/img/ 4 KB
4 KB 429ms
144ms Image
image/jpeg 67.225.226.38
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndb.com/img/rss-logo40.jpg
Requested by: Host: ndb.com
URL: https://ndb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.225.226.38 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: ndb.com
Software: Apache /
Resource Hash: 25524fb7d8757bdcab19831f71d8e2a3d73d2203d712876b89450301a8b9a002

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 20:47:40 GMT
Last-Modified: Sun, 22 Jul 2012 13:09:17 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2600000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 3837
Expires: Fri, 22 Mar 2024 20:47:40 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 56 KB
22 KB 176ms
48ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: ndb.com
URL: https://ndb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85cc905198fc18b098bcd68528e6fc182a09048bc13047831638f6be4355232

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Feb 2024 20:47:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21875
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "669a7ea6e576e625"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Feb 2024 20:47:40 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: ndb.com
URL: https://ndb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Feb 2024 19:54:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3163
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 21 Feb 2024 21:54:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ndb.com
URL: https://ndb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Feb 2024 19:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3571
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 21 Feb 2024 21:48:09 GMT

GET atrk.js
d31qbv1cthcecs.cloudfront.net/ 0
0

GET
H/1.1 200
OK Hdr_logo_nat-tp.png
ndb.com/img/ 21 KB
21 KB 434ms
147ms Image
image/png 67.225.226.38
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndb.com/img/Hdr_logo_nat-tp.png
Requested by: Host: ndb.com
URL: https://ndb.com/inc/main.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.225.226.38 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: ndb.com
Software: Apache /
Resource Hash: d191ff4832d0b1b128dd349403314a901b149c2fef7f5a3a81489d05df005c94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/inc/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 20:47:40 GMT
Last-Modified: Tue, 26 Jun 2012 12:53:38 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2600000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 21251
Expires: Fri, 22 Mar 2024 20:47:40 GMT

GET
H/1.1 200
OK tabs.gif
ndb.com/img/ 5 KB
5 KB 266ms
144ms Image
image/gif 67.225.226.38
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndb.com/img/tabs.gif
Requested by: Host: ndb.com
URL: https://ndb.com/inc/main.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.225.226.38 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: ndb.com
Software: Apache /
Resource Hash: 86abb3259617f4512c386d61116fbc8b759cf66d6e9cffe7186929ce187eefd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/inc/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 20:47:40 GMT
Last-Modified: Tue, 26 Jun 2012 12:53:48 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=2600000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=497
Content-Length: 4858
Expires: Fri, 22 Mar 2024 20:47:40 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 46ms
46ms Image
image/gif 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=128012396&utmhn=ndb.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Database%20Index%20%7C%20NDB.com%20-%20National%20DataBase%20-%20Serving%20Since%201994&utmhid=1141262434&utmr=-&utmp=%2F&utmht=1708548460512&utmac=UA-26576192-2&utmcc=__utma%3D168918974.1669021588.1708548461.1708548461.1708548461.1%3B%2B__utmz%3D168918974.1708548461.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1972694968&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: ndb.com
URL: https://ndb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 20:47:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
215 B 47ms
46ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1141262434&t=pageview&_s=1&dl=https%3A%2F%2Fndb.com%2F&ul=en-us&de=UTF-8&dt=Database%20Index%20%7C%20NDB.com%20-%20National%20DataBase%20-%20Serving%20Since%201994&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=168918974.1669021588.1708548461.1708548461.1708548461.1&_utmz=168918974.1708548461.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1708548460529&_u=IQBCAEABAAAAACAAI~&jid=1482553857&gjid=322680617&cid=1669021588.1708548461&tid=UA-55005806-1&_gid=1394138487.1708548461&_r=1&_slc=1&z=2084511574

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

c8a0bde889915d04a6aab681a717666b915e5faaf0d20c9f646c96f7940d64d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ndb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 20:47:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ndb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.aeZ_fR6R8dw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8sci9Edc4jbYPjA7lmgveCIC2AvA/ 158 KB
55 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.aeZ_fR6R8dw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8sci9Edc4jbYPjA7lmgveCIC2AvA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd584bebfc505e242f951af9bf2853cd3fda0c6141e27d3313426566fd343a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55922
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 17:51:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 20:04:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
82 KB 143ms
56ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HC0WMXK4EJ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b445811d083617ab5ce8810190b8483ada068a97df44615127d9c7fcc6b8b8ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:47:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83240
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Feb 2024 20:47:40 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/ 407 KB
138 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1120870900851611&plah=ndb.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe6989641c7b107b17fac5d4bed19da03c2e53e416f64f3606e037f2682c86a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:47:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141358
x-xss-protection: 0
server: cafe
etag: 7263773036060914674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 20:47:40 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240220/r20190131/ Frame 17E8 9 KB
5 KB 126ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240220/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ndb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 07:31:16 GMT
etag: 3890843268177463596
expires: Wed, 06 Mar 2024 07:31:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 134ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HC0WMXK4EJ&gtm=45je42h0v9107672300za200&_p=1708548460579&gcd=13l3l3l3l2&npa=0&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1669021588.1708548461&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fndb.com%2F&dt=Database%20Index%20%7C%20NDB.com%20-%20National%20DataBase%20-%20Serving%20Since%201994&sid=1708548460&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6664
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HC0WMXK4EJ&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 20:47:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ndb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 594F 603 B
245 B 461ms
460ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1120870900851611&output=html&h=15&slotname=3583361956&adk=3873545050&adf=3374848032&pi=t.ma~as.3583361956&w=728&lmt=1708548460&url=https%3A%2F%2Fndb.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708548460630&bpp=3&bdt=420&idt=289&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&correlator=3947716604800&frm=20&pv=2&ga_vid=1669021588.1708548461&ga_sid=1708548461&ga_hid=1141262434&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081348%2C44785292%2C44795921%2C95324581%2C95325067%2C95322180%2C95324155%2C95324160%2C95325793&oid=2&pvsid=598704430103455&tmod=766683944&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=302

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1120870900851611&plah=ndb.com&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ndb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 20:47:41 GMT
expires: Wed, 21 Feb 2024 20:47:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7304 568 KB
95 KB 970ms
970ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1120870900851611&output=html&adk=1812271804&adf=3025194257&lmt=1708548460&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fndb.com%2F&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708548460644&bpp=2&bdt=434&idt=299&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3583361956&nras=1&correlator=3947716604800&frm=20&pv=1&ga_vid=1669021588.1708548461&ga_sid=1708548461&ga_hid=1141262434&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081348%2C44785292%2C44795921%2C95324581%2C95325067%2C95322180%2C95324155%2C95324160%2C95325793&oid=2&pvsid=598704430103455&tmod=766683944&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=311

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2e0f602756a1944d0e0b5e169f49fcb07039ae7fa834a598e90fb9b51270151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ndb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 97547
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 20:47:41 GMT
expires: Wed, 21 Feb 2024 20:47:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 184ms
104ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240220&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

774bc9e31cd2ea70a00dd1fdd92d2ec422bc30e595f6cc6b88e5e4cc82a3cbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12479
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/ 166 KB
56 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6488f2b4fe024410743dabd64b6eb61ea5e59b1fa6adffd667f4499c1fed225a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57359
x-xss-protection: 0
server: cafe
etag: 3160318596995138228
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 20:47:42 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 57DA 114 KB
39 KB 688ms
687ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1120870900851611&output=html&h=280&adk=2781267418&adf=3261275988&pi=t.aa~a.3938508211~rp.4&w=747&fwrn=4&fwrnh=100&lmt=1708548462&rafmt=1&to=qs&pwprc=9861555751&format=747x280&url=https%3A%2F%2Fndb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708548462080&bpp=1&bdt=1869&idt=2&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3583361956&nras=2&correlator=3947716604800&frm=20&pv=1&ga_vid=1669021588.1708548461&ga_sid=1708548461&ga_hid=1141262434&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081348%2C44785292%2C44795921%2C95324581%2C95325067%2C95322180%2C95324155%2C95324160%2C95325793&oid=2&pvsid=598704430103455&tmod=766683944&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a01aed834e69651317a3fe8067cfac7975b269ce97e5e4457cb9d9c6f372c166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ndb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40114
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 20:47:42 GMT
expires: Wed, 21 Feb 2024 20:47:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/ Frame F0AA 9 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ndb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 17:09:49 GMT
etag: 3890843268177463596
expires: Wed, 06 Mar 2024 17:09:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/ Frame 9D5D 9 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ndb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 17:09:49 GMT
etag: 3890843268177463596
expires: Wed, 06 Mar 2024 17:09:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/ Frame ABEB 9 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ndb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 17:09:49 GMT
etag: 3890843268177463596
expires: Wed, 06 Mar 2024 17:09:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/ Frame 8F4D 9 KB
4 KB 41ms
41ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ndb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 17:09:49 GMT
etag: 3890843268177463596
expires: Wed, 06 Mar 2024 17:09:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 242ms
141ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 20:47:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame F0AA 5 KB
1 KB 136ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 20:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 19:26:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 20:47:42 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/elements/html/ Frame F0AA 15 KB
6 KB 161ms
79ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6487
x-xss-protection: 0
server: cafe
etag: 9214289930287671984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 19:04:51 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/elements/html/ Frame F0AA 22 KB
9 KB 167ms
85ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 19:04:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9D5D 6 KB
801 B 122ms
57ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 20:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 19:01:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 20:47:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/ Frame 9D5D 2 KB
856 B 190ms
135ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/ Frame 9D5D 23 KB
9 KB 177ms
124ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/ Frame 9D5D 3 KB
1 KB 182ms
129ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/ Frame 9D5D 20 KB
8 KB 97ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9D5D 204 KB
61 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 21:14:17 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 9D5D 36 KB
15 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 May 2024 07:44:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame ABEB 6 KB
801 B 109ms
55ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 20:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 20:15:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 20:47:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/ Frame ABEB 2 KB
875 B 165ms
122ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/ Frame ABEB 23 KB
9 KB 177ms
135ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/ Frame ABEB 3 KB
1 KB 133ms
93ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/ Frame ABEB 20 KB
8 KB 81ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame ABEB 204 KB
61 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 21:14:17 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame ABEB 36 KB
15 KB 124ms
50ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 May 2024 07:44:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8F4D 4 KB
752 B 90ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 20:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 19:29:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 20:47:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/ Frame 8F4D 2 KB
856 B 166ms
134ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/ Frame 8F4D 23 KB
9 KB 159ms
129ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/ Frame 8F4D 3 KB
1 KB 169ms
139ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/ Frame 8F4D 20 KB
8 KB 81ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8F4D 204 KB
61 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 21:14:17 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 8F4D 36 KB
15 KB 147ms
83ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 May 2024 07:44:04 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/3217711501561353173/ Frame 8F4D 16 KB
16 KB 120ms
93ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3217711501561353173/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73ebf432b9297f7374cc20d254eabf6ad2ccead492b05471670580dce705a72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 13:52:14 GMT
date: Thu, 15 Feb 2024 13:52:14 GMT
x-content-type-options: nosniff
age: 543328
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16317
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 16:27:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 10329976837787478702
tpc.googlesyndication.com/simgad/ Frame 8F4D 22 KB
22 KB 133ms
107ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10329976837787478702?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c63da48fbb051e139025f019a3e77591429ce3b4368af4b1dd075d763b6d181f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

expires: Thu, 20 Feb 2025 07:43:16 GMT
date: Wed, 21 Feb 2024 07:43:16 GMT
x-content-type-options: nosniff
age: 47066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22370
x-xss-protection: 0
last-modified: Sun, 20 Oct 2019 13:28:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/ Frame 5FBE 23 KB
9 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5FBE 9 KB
846 B 51ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 20:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 19:00:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 20:47:42 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/ Frame 5FBE 15 KB
3 KB 210ms
43ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48031
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 16:58:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:27:11 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/ Frame 5FBE 379 KB
132 KB 211ms
44ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ea0a2bf2e4ba86815782535de2bf697c77611dc7bf30a709bc9220aa21c0c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134652
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 16:58:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:31:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/ Frame 5FBE 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
DATA 200
OK truncated
/ Frame 8F4D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28d96ab8862f846e833cdeee4362a16ac2b091c4e0533295bdab3e0bab5b423c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 18D1 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ndb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 46997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 07:44:25 GMT
expires: Thu, 20 Feb 2025 07:44:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B857 829 B
1 KB 136ms
49ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b998563767595c7bccbdbfbd87f2774ebda6aa3636ff5539d84a68bb6642fa42

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5BaGnuP3IS-dGwC9MQtplg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ndb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5BaGnuP3IS-dGwC9MQtplg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 20:47:42 GMT
expires: Wed, 21 Feb 2024 20:47:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/122127491677675145/ Frame ABEB 39 KB
39 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/122127491677675145/2076313506083323656

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5792d2aad44edfa3c7d232d705484a25255f594525b6b9e1b1a8b9b0ca1f242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 13:57:42 GMT
date: Thu, 15 Feb 2024 13:57:42 GMT
x-content-type-options: nosniff
age: 543000
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39870
x-xss-protection: 0
last-modified: Tue, 27 Aug 2019 08:41:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 2728354180183721846
tpc.googlesyndication.com/simgad/14341743368593341305/ Frame ABEB 2 KB
2 KB 47ms
46ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14341743368593341305/2728354180183721846?w=100&h=100&tw=1&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b352d6c2b010b883cb0a4b68971be9c4185ee38b667ed01a0ed4ff27bc8f95f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

expires: Thu, 20 Feb 2025 07:43:04 GMT
date: Wed, 21 Feb 2024 07:43:04 GMT
x-content-type-options: nosniff
age: 47078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2295
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 05:44:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame ABEB 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame ABEB 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d8f2305dd012fc711a0a55c2b8539a017564d884503e016992fe274aaba8095

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ABEB 15 KB
16 KB 150ms
44ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:38:45 GMT
x-content-type-options: nosniff
age: 47337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:38:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ABEB 15 KB
15 KB 191ms
85ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:57:47 GMT
x-content-type-options: nosniff
age: 46195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:57:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ABEB 15 KB
15 KB 157ms
52ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:30:26 GMT
x-content-type-options: nosniff
age: 47836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:30:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8F4D 15 KB
16 KB 200ms
100ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:38:45 GMT
x-content-type-options: nosniff
age: 47337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:38:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8F4D 15 KB
15 KB 222ms
122ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:30:26 GMT
x-content-type-options: nosniff
age: 47836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:30:26 GMT

GET
H3 200 8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js Show response
pagead2.googlesyndication.com/bg/ Frame A945 50 KB
19 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js

Requested by

Host: ndb.com
URL: https://ndb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f13b32e612863a4776a59c4767e0d55c2339defea65adb7ce65c1e347749d1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19817
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:42:48 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame ABEB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CQmlxbWHWZeigBpDA6tkPzsUFiY2Yg3b25YKlmAywkB8QASDHybgdYJWitYLAB6ABlJbn1ALIAQmpAoGKgnl1I7I-qAMByAPLBKoE3wFP0ExArsds_9nbnAOcfa1g8K9B9RQGHCHCttS4jxi...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210093069459337904853%22,%22debug_reporting%22:true,%22destination%22:%22https://mydates.me%22,%22event_report_window%22:%2...

0
0

162ms
79ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210093069459337904853%22,%22debug_reporting%22:true,%22destination%22:%22https://mydates.me%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22714722068%22],%2222%22:[%22true%22],%224%22:[%2202-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213420750298900019393%22}&andc=true

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:47:42 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10093069459337904853","debug_reporting":true,"destination":"https://mydates.me","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["714722068"],"22":["true"],"4":["02-21"],"6":["true"]},"priority":"500","source_event_id":"13420750298900019393"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Feb 2024 20:47:42 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Feb 2024 20:47:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10093069459337904853","debug_reporting":true,"destination":"https://mydates.me","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["714722068"],"22":["true"],"4":["02-21"],"6":["true"]},"priority":"500","source_event_id":"13420750298900019393"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/122127491677675145/ Frame 9D5D 39 KB
39 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/122127491677675145/2076313506083323656

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5792d2aad44edfa3c7d232d705484a25255f594525b6b9e1b1a8b9b0ca1f242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 13:57:42 GMT
date: Thu, 15 Feb 2024 13:57:42 GMT
x-content-type-options: nosniff
age: 543000
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39870
x-xss-protection: 0
last-modified: Tue, 27 Aug 2019 08:41:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 2728354180183721846
tpc.googlesyndication.com/simgad/14341743368593341305/ Frame 9D5D 2 KB
2 KB 47ms
47ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14341743368593341305/2728354180183721846?w=100&h=100&tw=1&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b352d6c2b010b883cb0a4b68971be9c4185ee38b667ed01a0ed4ff27bc8f95f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

expires: Thu, 20 Feb 2025 07:43:04 GMT
date: Wed, 21 Feb 2024 07:43:04 GMT
x-content-type-options: nosniff
age: 47078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2295
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 05:44:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 9D5D 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9D5D 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e031094b89c2df677edfd8918405029e24eacb6ed760c5a8c5be0be5a783ea9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9D5D 15 KB
16 KB 184ms
111ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:38:45 GMT
x-content-type-options: nosniff
age: 47337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:38:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9D5D 15 KB
15 KB 212ms
139ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:57:47 GMT
x-content-type-options: nosniff
age: 46195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:57:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9D5D 15 KB
15 KB 206ms
133ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:30:26 GMT
x-content-type-options: nosniff
age: 47836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:30:26 GMT

GET
H3 200 8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0684 50 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js

Requested by

Host: ndb.com
URL: https://ndb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f13b32e612863a4776a59c4767e0d55c2339defea65adb7ce65c1e347749d1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19817
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:42:48 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9D5D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cr72abWHWZeegBpDA6tkPzsUFiY2Yg3b25YKlmAywkB8QASDHybgdYJWitYLAB6ABlJbn1ALIAQmpAoGKgnl1I7I-qAMByAPLBKoE3wFP0MjRbZM7nOMlnqxu8WyByN6ERgmS6LCc8qSIf-e...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221850828528818845787%22,%22debug_reporting%22:true,%22destination%22:%22https://mydates.me%22,%22event_report_window%22:%22...

0
0

160ms
79ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221850828528818845787%22,%22debug_reporting%22:true,%22destination%22:%22https://mydates.me%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22714722068%22],%2222%22:[%22true%22],%224%22:[%2202-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211520498318000505633%22}&andc=true

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:47:42 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"1850828528818845787","debug_reporting":true,"destination":"https://mydates.me","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["714722068"],"22":["true"],"4":["02-21"],"6":["true"]},"priority":"500","source_event_id":"11520498318000505633"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Feb 2024 20:47:42 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Feb 2024 20:47:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1850828528818845787","debug_reporting":true,"destination":"https://mydates.me","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["714722068"],"22":["true"],"4":["02-21"],"6":["true"]},"priority":"500","source_event_id":"11520498318000505633"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 198ms
78ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 21 Feb 2024 20:47:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 197ms
79ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 21 Feb 2024 20:47:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame 18D1 39 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:27:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Feb 2025 07:27:21 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8F4D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C0zxDbWHWZemgBpDA6tkPzsUFrPHA1nXwvoaijg9kEAEgx8m4HWCVorWCwAegAYCH7PACyAEJqQKBioJ5dSOyPqgDAcgDywSqBNABT9Aoxo0yBPDwdXDy573MJIy26xupUiXoMRzAzSxlf6i...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212115346789434841830%22,%22debug_reporting%22:true,%22destination%22:%22https://geoworld.mobi%22,%22event_report_window%22...

0
0

78ms
78ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212115346789434841830%22,%22debug_reporting%22:true,%22destination%22:%22https://geoworld.mobi%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22773522304%22],%2222%22:[%22true%22],%224%22:[%2202-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217317560754738067633%22}&andc=true

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:47:42 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12115346789434841830","debug_reporting":true,"destination":"https://geoworld.mobi","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["773522304"],"22":["true"],"4":["02-21"],"6":["true"]},"priority":"500","source_event_id":"17317560754738067633"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Feb 2024 20:47:42 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Feb 2024 20:47:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12115346789434841830","debug_reporting":true,"destination":"https://geoworld.mobi","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["773522304"],"22":["true"],"4":["02-21"],"6":["true"]},"priority":"500","source_event_id":"17317560754738067633"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js Show response
pagead2.googlesyndication.com/bg/ Frame BF98 50 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js

Requested by

Host: ndb.com
URL: https://ndb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f13b32e612863a4776a59c4767e0d55c2339defea65adb7ce65c1e347749d1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19817
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:42:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B857 0
0 88ms
87ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240220&jk=598704430103455&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 5FBE 0
45 B 169ms
61ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lsw9n35r&c=6973195534172&slotId=3486597767086&qqid=CKOL7ICnvYQDFRCgOgUdzmIBAA&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 20:47:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5FBE 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CjuUrbWHWZeOgBpDA6tkPzsUF1Z_etHXLpd2_ghLqn9yg1AEQASDHybgdYJWitYLAB6ABvL3SmQPIAQWoAwHIA5sEqgSHAk_Q-k6xkYizkojMSHJASLvs5lmeDWiW6KM3gpv_tmeqB1nM6eQs96YR9lzQ-KShARJF7SpOt8BXntUrFp9GiVP8EOWMwpJVxntJteyDwWr6x9KF-A0Pl5tx_hRcmpFEqAlQUHyckM5tFbVsOMPU5-Ht4iNlgUHdUfAV0BiJ7WPA4_yMs86lzobdE2hGqste3LKGpChzRiU7miphu86Q83EYV9DixadTwd1ylVerJc1TFM3r7pmpaIMnjvyPh-sEXzlIxIzD6JpcmhrClvhJJ7exl9jeSHLN_mVd53cRFwtd0nvhuvujMdmgKDpMj8OVv9ibtwVt7okjlca2bozbhC1V9Ee7KQ4fwASrlfO1ygPgBAOIBeDU2OEwkAYBoAZOgAeswq1mqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJgiA4YBwEAEYHzIC6wI6CYBAgICEgICECEi9_cE6WMnx5YCnvYQDgAoBmAsByAsBgAwBqg0CREWwE7a8wBbQEwDYEwuIFAHYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1708548462789&ai=CjuUrbWHWZeOgBpDA6tkPzsUF1Z_etHXLpd2_ghLqn9yg1AEQASDHybgdYJWitYLAB6ABvL3SmQPIAQWoAwHIA5sEqgSHAk_Q-k6xkYizkojMSHJASLvs5lmeDWiW6KM3gpv_tmeqB1nM6eQs96YR9lzQ-KShARJF7SpOt8BXntUrFp9GiVP8EOWMwpJVxntJteyDwWr6x9KF-A0Pl5tx_hRcmpFEqAlQUHyckM5tFbVsOMPU5-Ht4iNlgUHdUfAV0BiJ7WPA4_yMs86lzobdE2hGqste3LKGpChzRiU7miphu86Q83EYV9DixadTwd1ylVerJc1TFM3r7pmpaIMnjvyPh-sEXzlIxIzD6JpcmhrClvhJJ7exl9jeSHLN_mVd53cRFwtd0nvhuvujMdmgKDpMj8OVv9ibtwVt7okjlca2bozbhC1V9Ee7KQ4fwASrlfO1ygPgBAOIBeDU2OEwkAYBoAZOgAeswq1mqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJgiA4YBwEAEYHzIC6wI6CYBAgICEgICECEi9_cE6WMnx5YCnvYQDgAoBmAsByAsBgAwBqg0CREWwE7a8wBbQEwDYEwuIFAHYFAHQFQH4FgGAFwE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 20:47:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5FBE 0
234 B 159ms
59ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lsw9n35y&c=6973195534172&slotId=3486597767086&qqid=CKOL7ICnvYQDFRCgOgUdzmIBAA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1f4&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 20:47:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 5FBE 31 KB
18 KB 202ms
84ms XHR
text/xml 66.102.1.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CTP_Euef5F1TepmQf6nJXIAzggBypAA8jfH5IvgncGkv8Xe5jQOubu9NdNwhcN6WhuIz5TGfres0ti3L4Bfop38eZClQ&cry=1&dbm_d=AKAmf-BagoSrp4Et4c-zuVyb_QH_5uBD4iYQ5LzC4gjLs0KJ1HGNsMfHir4K0eqBXU9wff7ibsXst_hg8DwTjxAXaF-9kGYpO4AAFvaudPe7aq_EEvii228tFzXpx7vuCDGhreFjEY6KfWRqsQKK4EhdNr9IGG0oEF1GPA7AVXoNXadBK6NHuCMmR6V9TmjnTPi3mnCOrGms2yQlHtaj6Wu0YlAukN5o4c_Gzw7Tb4MXGQ6JF5Blh688VxHaV8OAfiOQrUB9Ss5mEjwy18o5E-orTRG1Gh47oeWZ7x17HAyohRhUh1LDPiD4M2d6JDg2_QAgKGVbdpqvYCDUXhRmTutLIacCj1D1_EluxWVqR_AuxQaMNaZo8c8Tj_dzuystMsqv0BS1Eq9feychU2M6TMT5_bxmT2hgrYGJdg5KE-gwCwK7T31IqMF6bYSiWXaE22ThsZ-kkUXC-6Z0Ds01tPQiHOhcvMkSvj4r4Y9fHunniCz2CagcRU_7MxXLT9-9cDCs1TSg10-Fd8AVcUUrPV4oss22ZTfcjx6XoKKLdVdLwcYvAugsTvRshMgoSJGFlAkDoRcL_QKMFkSGyWN22jSrZhfWvyAc2A3fh9UYn02CGMDeCz0ucBpzw4TJN04w5gyQTFuDVmqtZWspHGKqP1fI5RzNXo0HwtkX_gre7qeMjhwv_fRbr8cCQKgsNQcswHe0jcbjvQfq3wl6mMBjD1k_q0nAzs1vwtfaMLNCX9C3aHYWOg_lx1R8tNqgm3hr2kdVlXiqeo6NYREorV2aW1tlPhQ8XGmSHul-p43TfFXvv1PvrRaKvIh9tH4rYEyfoVH2CanDl0FFKaeYx2g0KyAJfizg_ZEd9QC6eO6PKyj_yLGqfjJfRTDDbsa4y13HHoVGReqPBQz1qowVxywwZNMnNdyjQdEnx-qefLNeOI68H1_F2T3zkMpmVswrbso_KzET9hHLlwTZDcv4LTBD6E5lRW9ZZm9FHjORvwUmwCFSwHKlXbdytpl_7P5SaUGF2YYjME18hXJ9plbQlooxJ8KVdftn5i6azVCOlJAgWQFm6R1odtGZmwm7m9nqw11t5JW4nGvvndrKk7i5cPpB8DvpJK6xg1S5-qSCCnsZbq6l__XvjbpqiyMMLEF-omN0IPTpDfC-B0IakF8SoKrX7DvxGmhpVkDNIf1UDQg__Bh5Tc_TZluPh8oVCNulE2tH17s_H2CGm6W21saKY60Rg1hMQD6XrzRLF7qYoHlW3voqZBU1LPyK3DB-H2yd3yQT6ndIR2dtE3-VMHFEZCal3AOQg7rOde0lwlQjS_WdlAXKmWwCHIrnHS8ZZWP4FTr2tcuVIb2ACvUilly0NOWhKdrhrkkqEnXVRONVQwNBdfmKJgFk-BxAPT9-TDdpl5waG3BYTHrkh8a9iQOGq1-ib5HR2XHnx8HuD4eG20WcTpvPzwBt1skyvT7PsQd4is_3uQGMcGhUcrda9Z32sYmy7xOO_qctJ7DfksTWi0rohmhDc7rb9xGYU0Q_dgWz9D0mT9CEHumOv5GzjbeU6OKiPBhASuwdicV5pAxOW3KuuDAd6QzB5FKdHUb0B4IQhcDnwE19VjK7MfexD88qdW3VkM711fe2BuXdlMUUrOrgrtwVqNxYSCmiS7DqDfXHZYs9Rj8KG_xbfc3akfjyJHhGevSHNpeyoPWkdZ6OiRCyU-ruOImEH_oa3wz-3VJ7m7haAxa1opJMAkF-4TUA9bwiWVOxnCEDSXMdKllrs_U3wXbx306eJWCHBVA1SgwA3PYHkVbuuaTFjZNvCM2wT4Osyz3GIIYCocYZqa94xVeZTS69baQ998eKPEdckBhfG0k0jNVPAzdwWMJHx2VQjHiMQMo5iR9SeRWSII4jNP5T4716Fo1yvgkQhiiSAeMHKdnVtvJo_RlmwJJvOzYVvfvcDfcQxmiSvNTDsVFXF0ifwb1_gBsbcxfn70Y9kEls8CSnIHrwztf2KVzXKgY5dJQ0yDcpkG0HG9aVEnrwwNVv7oCmogpDljMJ_ghSFEQ8YcqxRvcLoaUxyEcqlFq0B99kkwf4sFGmZacy8PPDY7NK6ckaNWW3UzDnNrvEf-BUk_GJqajhWgxU3bir-nUNrBwQODG6GD-R_-HNsqYR4HTxyeolIghZ09ZcwSqIo0gUA58duEGo4SPOF-VVIcxaIeqo3s8vN23SVHSprTQ86HmPd3cFTiGOFrIY55Ba5hUtAXN1z6amsk8jbi0ThMGC713eHLLO8-SOlOcoGi1YLTkEIA_eLulIOzfTt95Fr43odwMojP3Tn0gPT354-Z0tK98jqIJMOMl8WZ4ySMPm8x_rbWgWrvWT9xIj-l9PsV8O3B7UNltHEY67RRfThq9t3xOEd2PbxPo56d3tovGuoMjV8WXeysV_8Udj3Z-fndEmWTRG4hMr_CjuLZHhcjxF2y_RQEHZS_CP18KJ5zZQy1BbYyoHCH8-ZJ5gWvWgSE2MMH1UOR-4bslVOHT2iSvoHyvuSNR2TP7rwAuNIyj9AYWe_JPhiP1mmRSVlN4RmeKZ4nURGcfdkz0Hb0YcqyeHnurrQfreFPi1S0yD_ZjlcdvIxx3aZLxqnVmL0t2fX0R_c0BiWQZRgn1GbaKqMGQ7P8brL4RXyxsc3AAxSV_xe-qffzlZYRmlm83-Y0paB3EZpquUUudc5As9BtuT9ZlbzYHgZyST6dOvQgAGfhGYIZbsz7ul5DojT2RmRYx4w78_8_TW9mruZmrcNTiMHLEmqCisHXdUF8b5tkY9wNXlYKDeNcR7n-aooHMETXkXoobdC5jnkOhJhzlrddOX8W_motP73w9vDVna-QXTjKk_mviu35iQOU15NI0-6IClluFIyK_WaGANYgw0cr79SfvyXR0I7gaBjQM4aQzj3g8lPesDFcmK3lcwEGdhXprm21VMcOQhUvAgMewv_7kPKbFvo7s6gxrJhz9LmrdkJQrMJzxMYtcpmCCFALgS61oNa0RGJbXMDOTJ4pAnUwLyoFmMWJw_W_eAQd-I3IkXzH_G4iOb9zciA_AjjJB1F9Ir3TOJHukB88i0a6LuEGzU6HCE99eAWeROAsXeARSrAWxUznCk5MBhCM7r0OaPGIPyKxENC0BMevZy1v73f00QBsw4WrRtImgseFlBFc-vYcnNpdxRT_6dc7VK1LI5dKFabrAKJt-gWK5wfDjQeJgvfNSKSmAlJ8WinoDDxTHc0iXBDtwbfTZaViOOHT6cM-ajACMOe6Kv8jgvs9tI4ttyOlxK3eeRu9L208U07Xl91sYAi2Vxe-a5jh68QNxUxUn3O9u1bNfJa6NqqCmJxy8T4fcBrLXz9iY8XZk95Y9OPYNCdiyLdXcQTp65e4SKH1hqAfHQ3y3VIWIx-BCWgZrGl3IAV8K7vcAXPAU_MUSgmcABSbXczWVX8rrHKyp5V_YZ09zFbQVJwBupFWyQJsskt_dMp60IxRN0CnxM3DiZDA53WrUfuPxMjb2bu-zWTjTEYmyzt-QoU-qIE0H0HaofaUgbxo6ONJX7VfuuB6jsEw&cid=CAQSTwAvHhf_0-4orFCdfLRgc1jhsnaWpwSgekdX084K1ETXsd82u-KZ1Ge_ZxWdjhjIAql0IUF6P6aBzxmfsk3m0VDbu56Tjd2huAHeQroQKYkYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f154.1e100.net

Software

cafe /

Resource Hash

11c2f39d39238d777b705ec5f86d8a9e0f9865d4e43bde781168f14ecc7e8760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17563
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 57DA 4 KB
679 B 61ms
60ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1120870900851611&output=html&h=280&adk=2781267418&adf=3261275988&pi=t.aa~a.3938508211~rp.4&w=747&fwrn=4&fwrnh=100&lmt=1708548462&rafmt=1&to=qs&pwprc=9861555751&format=747x280&url=https%3A%2F%2Fndb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708548462080&bpp=1&bdt=1869&idt=2&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3583361956&nras=2&correlator=3947716604800&frm=20&pv=1&ga_vid=1669021588.1708548461&ga_sid=1708548461&ga_hid=1141262434&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081348%2C44785292%2C44795921%2C95324581%2C95325067%2C95322180%2C95324155%2C95324160%2C95325793&oid=2&pvsid=598704430103455&tmod=766683944&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 20:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 19:05:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 20:47:42 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/ Frame 57DA 2 KB
822 B 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/ Frame 57DA 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/ Frame 57DA 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/ Frame 57DA 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240220/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 14:20:35 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 57DA 0
0 50ms
49ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDFdcEKE7HrPXYu6BmWVPypvoE_IRuYu5J4Zn6GgaBg6BJgM89uPgAzLsUvSrMrCHbzDPp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1120870900851611&output=html&h=280&adk=2781267418&adf=3261275988&pi=t.aa~a.3938508211~rp.4&w=747&fwrn=4&fwrnh=100&lmt=1708548462&rafmt=1&to=qs&pwprc=9861555751&format=747x280&url=https%3A%2F%2Fndb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708548462080&bpp=1&bdt=1869&idt=2&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3583361956&nras=2&correlator=3947716604800&frm=20&pv=1&ga_vid=1669021588.1708548461&ga_sid=1708548461&ga_hid=1141262434&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1504&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081348%2C44785292%2C44795921%2C95324581%2C95325067%2C95322180%2C95324155%2C95324160%2C95325793&oid=2&pvsid=598704430103455&tmod=766683944&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 57DA 204 KB
61 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 21:14:17 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 57DA 36 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 May 2024 07:44:04 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4536939099708634335/ Frame 57DA 6 KB
6 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4536939099708634335/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de71d903dfd84a219550753a442d1d29e89008228340ec2088631e80246eb37a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 13:54:06 GMT
date: Thu, 15 Feb 2024 13:54:06 GMT
x-content-type-options: nosniff
age: 543216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5749
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 16:34:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/10329976837787478702/ Frame 57DA 7 KB
7 KB 47ms
46ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10329976837787478702/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2091fc9a751fc74b088ffb15aa475f87ed030dec2a54d6003e90e789e7a0b6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

expires: Thu, 20 Feb 2025 06:20:03 GMT
date: Wed, 21 Feb 2024 06:20:03 GMT
x-content-type-options: nosniff
age: 52059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7528
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 05:56:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 81ms
79ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 21 Feb 2024 20:47:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 57DA 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 996c8d5c3eb3bc9e0be17720a369d0997cf50d985ef900fa6ac63cd4775d182a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 57DA 16 KB
16 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:52:39 GMT
x-content-type-options: nosniff
age: 46503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:52:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 57DA 15 KB
15 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:30:26 GMT
x-content-type-options: nosniff
age: 47836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:30:26 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 57DA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cir0abmHWZdarDYywodAPw7W7uAyjp8HWdZnVkoWzCrKm3obpDhABIMfJuB1glaK1gsAHoAGAh-zwAsgBCakCgYqCeXUjsj6oAwHIA8sEqgTPAU_QTz0a2HU56tZOKDDo_CmZBKlBaKLL0QN...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223691334325921243817%22,%22debug_reporting%22:true,%22destination%22:%22https://geoworld.mobi%22,%22event_report_window%22:...

0
0

80ms
80ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223691334325921243817%22,%22debug_reporting%22:true,%22destination%22:%22https://geoworld.mobi%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22773522304%22],%2222%22:[%22true%22],%224%22:[%2202-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22199455362788686017%22}&andc=true

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:47:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3691334325921243817","debug_reporting":true,"destination":"https://geoworld.mobi","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["773522304"],"22":["true"],"4":["02-21"],"6":["true"]},"priority":"500","source_event_id":"199455362788686017"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Feb 2024 20:47:43 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Feb 2024 20:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3691334325921243817","debug_reporting":true,"destination":"https://geoworld.mobi","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["773522304"],"22":["true"],"4":["02-21"],"6":["true"]},"priority":"500","source_event_id":"199455362788686017"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js Show response
pagead2.googlesyndication.com/bg/ Frame 66DA 50 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f13b32e612863a4776a59c4767e0d55c2339defea65adb7ce65c1e347749d1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19817
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:42:48 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 18D1 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-gDe6A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:47:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 5FBE 0
45 B 61ms
60ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lsw9n367&c=6973195534172&slotId=3486597767086&qqid=CKOL7ICnvYQDFRCgOgUdzmIBAA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 20:47:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 5FBE 41 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 02:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Feb 2025 02:38:11 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-4g5ednsk.c.2mdn.net/videoplayback/id/ebbc75ad1b295f0d/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214474/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5FBE
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/ebbc75ad1b295f0d/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214474/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r5---sn-4g5ednsk.c.2mdn.net/videoplayback/id/ebbc75ad1b295f0d/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214474/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

206ms
40ms

Fetch
video/mp4

2a00:1450:4001:6f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednsk.c.2mdn.net/videoplayback/id/ebbc75ad1b295f0d/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214474/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2B291D83A4DE55DE8339C8F8F920D557E0676301.5A6AF518C8549EF7C6D796AE857FF2746B609934/key/cms1/cms_redirect/yes/mh/rO/mip/2a01:4a0:1338:92::5/mm/42/mn/sn-4g5ednsk/ms/onc/mt/1708547133/mv/u/mvi/5/pl/29/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:6f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 20:47:43 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4308767
Last-Modified: Tue, 31 Oct 2023 15:32:48 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 21 Feb 2024 20:47:43 GMT

Redirect headers

date: Wed, 21 Feb 2024 20:47:43 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r5---sn-4g5ednsk.c.2mdn.net/videoplayback/id/ebbc75ad1b295f0d/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214474/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2B291D83A4DE55DE8339C8F8F920D557E0676301.5A6AF518C8549EF7C6D796AE857FF2746B609934/key/cms1/cms_redirect/yes/mh/rO/mip/2a01:4a0:1338:92::5/mm/42/mn/sn-4g5ednsk/ms/onc/mt/1708547133/mv/u/mvi/5/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 5FBE 453 B
585 B 79ms
78ms Image
image/png 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-1120870900851611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 20:47:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Wed, 21 Feb 2024 21:37:43 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 78ms
78ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 21 Feb 2024 20:47:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 64EA 23 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 58496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 04:32:47 GMT
expires: Thu, 20 Feb 2025 04:32:47 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 64EA 39 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 15:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Feb 2025 15:14:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 64EA 0
20 B 82ms
82ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BnDz3bmHWZeeAOpqThcIP1fedgAMAAAAAOAHgBAI&bg=!OTqlOnXNAAZN4L4YbeA7ADQBe5WfOMgJVWZI3AhhsqbRudE-UuCEIY9BX-8uXm8BnWBn9aimbn7VmutyBB6F4Qv_2-bRAgAAAHtSAAAAAmgBB5kDAb1aoLxVANxmF-yTdJxsn-d_9PbVv4rzsDngTtv_xHbe-rexH7HldHfd3S6fzliofWVGlolW09yot-FMAMuwoqp24UKYkR1flj3jT4PuDNFceOLEewnBbxMEaJoPs3Rom3o7dllk5pmzf38ylfpdHc8H_ZRN-SMNPmx9qn6EEAOo1y4XFFptRubeyai87H0PBfkKueXvkWWLQr9fto-shIg_G_5dvzlmK8jb4yJSYPNmCzRebH6GFgHZSPpDAHDbKKRF8f4srKd52Pe3ZyY1Kw1hPpjDeEC7eHs2LY1g1PQwimHOEMG9XZibFACdcJCIkESyZ887A7Pt5IHN_g0raA9DUnsA92VLTSapTmXl_Inlov_fMqx7m-aSUTblKQOqXgRccQyh1LC-7tAG-V7bKxl769zYhfMsfLvXLMfMIB0VXlJha-AkmnW82fpekUbW7Zmkbb5jGe3VwSVGGj1KKHGyODFG5YTVW6syGMW5NY3d4xnHK5Oyl9ivydXh0qJKA6rQsqFXNVIw-pa8nszpVlii1xmEWn6ewLYmi-dsAsLPuPXZ1tQgJUQUNWbVP4AI7sr4-TbB1huiNsoOc-Rsw1UBOPvMMRHDAZFbGgBX4V5iSQfRInfy0siYPjfmGeJt9Yl2CFe8uiGjDWfzSYUbvzB56YNjCQww4s-zAmjrPnoVGYPvUkAmjRPZCO3bhgyuBETjWaa7vDjywh6dwZ5r3KKUR6TGhVfXhgxgi2Kewp1YzQ0aYsYwxBeMKPmUCD6fA_5lhBhKxfRS5PN7pBYzASGw2BRy60OL2BMMJxppFCQfNStwoS5pDYs3ol4gd2SYuutYENJAvny3YBkuuhaPS6r_U7FOcpfoz0E6PdIoKUO0dso-KoR8Fgl_g18qzBecGiSE7u5Z1IWEt_DsrnWjbMwVY1FukVFc1nQqXz3Fzh_Ptxf8bsjRx6a4oi-g53t-YPz1o-zVIPMDcGt5d2RJbxMoMxuLNchBrv4HgtlmnUy-RSX1qz9E3vQHnU6NFHF0fVE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 20:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r5---sn-4g5ednsk.c.2mdn.net/videoplayback/id/ebbc75ad1b295f0d/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3843214474/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5FBE 320 KB
0 83ms
40ms Media
video/mp4 2a00:1450:4001:6f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:6f::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 21 Feb 2024 20:47:43 GMT
date: Wed, 21 Feb 2024 20:47:43 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4308766/4308767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4308767
last-modified: Tue, 31 Oct 2023 15:32:48 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ABEB 42 B
64 B 82ms
82ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9rDQdWfmuyIdMbu-iWi9j9H2JEJvOhIawrtk4pz4F8iZMi0IRtVZX3WHbpmS0pW3IjBUNMoiLjBTdf7rAqwRBFU122xDa7-PM0s-y4bUT5yI660juAj9MMP2PMSWHatNUUque4HGJ6Qn_JbCvWDtSX4zS1u-lILJ4_Q&sai=AMfl-YTNLUQMqCMHbf2bzznOvrdA4ulOz1mpUpEsS2QxLYBzAH47CXZ6VCg36yn8ElJNTaImf0Uky6uZtoaAufQllY6_iszZ4WzIKP9jJQ0pbxz8AMBykBGOqV_uybOHtDjFdkmmmVExaTCUprHU4eYxvw&sig=Cg0ArKJSzOEpLnLY5fiGEAE&cid=CAQSTwAvHhf_0-4orFCdfLRgc1jhsnaWpwSgekdX084K1ETXsd82u-KZ1Ge_ZxWdjhjIAql0IUF6P6aBzxmfsk3m0VDbu56Tjd2huAHeQroQKYkYAQ&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240220&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=448126200&rst=1708548462197&rpt=312&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 20:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9D5D 42 B
64 B 82ms
81ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDTBNocREZZvJrKEE92hh6zguzceh9oJnZLVtvSOG8ZHKTljPWPmjRALYXAiP9pdgAyZ7Q5yDYFgjrD1pG229vR_61uTZTAJFaeOrcfeieTp2aH9oDOSSxNS0uqsaLVphA6yNejHxFMUa3tCd9mKOZyIJLeMkVQfgbuQ&sai=AMfl-YQYGmMFoeGtvvQVkrUQO9PlRNDDsz5n9nTYn8ie4KxI5JJx2V_DTHsiZKd9E6IwXjWS2EP-KjdcjCXqtPNdQr9b7ifxWH9KnHNZNYeQm5MHYq1W7rlkz0YyKUc5Sn94CRX4D7WjoFcmXiSFxIgkiA&sig=Cg0ArKJSzFSslnQBukGPEAE&cid=CAQSTwAvHhf_0-4orFCdfLRgc1jhsnaWpwSgekdX084K1ETXsd82u-KZ1Ge_ZxWdjhjIAql0IUF6P6aBzxmfsk3m0VDbu56Tjd2huAHeQroQKYkYAQ&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240220&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=448126200&rst=1708548462193&rpt=349&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 20:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 80ms
80ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240220&jk=598704430103455&bg=!LS6lLmHNAAZ3BdUuVwU7ADQBe5WfOCIh6v4A0u1DbblveeYfKnuCP7yM0tgfoyPDurpwmQ8rGKu8rHYn4x5yHBYIGWOjAgAAAL9SAAAAAmgBBwoAVR2o-uhWIcWbfoTzGN5yQVJnSwCPWXngqbhAV_Wn56KqLxMKScnzoR-U8kpvPBckBoupv3GWcT4KZNLI6qQwEcF7-4lXNQEEOn2ztJL4ZQMyLeueIN-ZAwatGrSdSmaYKRdFKfrl5qMbT38IcRBIK7eGn3lhkAgJQcyttFW7FTKtHKsQG0MUSP_0xGEkfsXBL2Smu7XEhXDGpw_vvBYgUqnwg2t4hqFQaAAKaSMaNzibfemdcAWyu1VzfAPWFx4QZ8aZa1hbYNqbc_pWkF9EXWH89a9ZDsDqUbe2pSwmhoXdlVhuRribWh2xj8Ade6QdQOYffcDtDHIHL_0taWXZPnHtlpyv6trPTL0vjDC_5AVV8FTq2f0FF73f8-UBp3RrhjIoYf6dXf-Zg-yHGmSuQ99l93OaZJzioGxX67Lex8JnCgg0HvNk5nhXtZwR1F1vQa2-mNG754z0Seu_W9h1I_7w1zHYSJeBacDzf5vXOvcPxKsJu-yERlhGTAAY97h0buS3DZsVkmER86DEtDmRZtB1XFUjYCEgXlldew-wochF-ntRbfdaJgFst8uouKpsgvN2EtBW14obDlYFv-1gZsn5fx_ldKxn3DJbaMTtJeB2p5_-OUvj5hA006HYnbF9f8KCouV5GW6q6FZcokmxowrBGDBghxk9I9PXTK5VqHUUWLzdKtkuFuy2Ex5YxLr0aflkIw91nFVapAdN3qdW__KlLzUA7NVyV87Vb8KryUEKdX_ojagAkhSSJcqKcJttjRCPOXs7rf3Ov_EQp5Adc97wNvqsISruq6wKETPk2oqf9KGa1XeMPMFyFIEgO1Pv1l9nfZWDQgKlNbqZcRE1BdqGP4WLofNOa2hDKBT1FcP0r4wXR1vCCqraZT7xW53qbLZdisFSgTrc43InSFzax2Jw55P20CjPhrujbEZ9RcPGYLML8s1_fDcsGe7Rmw_LtY-tEFYozxWPWGcWIWBXwD6EeqFn7tPtqww8nY6at-vBYD-XuFaapcHzJIUq65aMe4kFpGsFVlNbIw5cksDFPjtvJbakR3iZCPCsPlcvM5pBuPdWBjnmDjMY3Wv9bOl4WM22bGPQYrcj5QvuNw64ExIQtFWnoBui_7Sn-bhxl89EqcRRB6OCO8Xc_Azj0eg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8F4D 42 B
64 B 83ms
83ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst46UkkV-kBkVbtMyDvnDZt5N171O-avV5V5kdjn8Q4erS-yreMQbfTSfFkJw0has2A4fhaXIn7F8-RkzecqmfWsA-ZL-vUYhRWc94D7KEawNssUIyqeICQtGaCNqE_eboJx1xkPCKpc1JNXMJyyS1HCH-cNRdseScCOA&sai=AMfl-YRbBjJBeL-o9jtozV3lVWjbrfA0oQ8zt7kFKDG4El-Sy3SgouJ4IVqS5S74V_eF94bZvA1K9WmPopdpmJhWDDr6XRsnjUzomsmaD5-JMIgGPJt_jY_opyBrwKOQrciIqRglBDpRx9aCmY7obywGhg&sig=Cg0ArKJSzIIlkE47vjjaEAE&cid=CAQSTwAvHhf_0-4orFCdfLRgc1jhsnaWpwSgekdX084K1ETXsd82u-KZ1Ge_ZxWdjhjIAql0IUF6P6aBzxmfsk3m0VDbu56Tjd2huAHeQroQKYkYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=283,953,1000,1000,1000&tos=283,670,47,0,0&v=20240220&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=448126200&rst=1708548462199&rpt=567&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 20:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 5FBE 0
17 B 61ms
60ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lsw9n3ci&c=6973195534172&slotId=3486597767086&qqid=CKOL7ICnvYQDFRCgOgUdzmIBAA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2094&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1ll~atrd.1lp~vil.21r&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 20:47:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secure.comodo.net
URL: https://secure.comodo.net/trustlogo/javascript/trustlogo.js

Domain: secure.comodo.net
URL: https://secure.comodo.net/trustlogo/javascript/cot.js

Domain: smarticon.geotrust.com
URL: https://smarticon.geotrust.com/si.js

Domain: seal.verisign.com
URL: https://seal.verisign.com/getseal?host_name=NDB.COM&size=S&use_flash=YES&use_transparent=YES&lang=en

Domain: d31qbv1cthcecs.cloudfront.net
URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ndb.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 841aa867cc05b50ffcf6315c348151df
.ndb.com/	1970-01-21 04:11:48	Name: __utma Value: 168918974.1669021588.1708548461.1708548461.1708548461.1
.ndb.com/	1969-12-31 23:59:59	Name: __utmc Value: 168918974
.ndb.com/	1970-01-20 22:58:36	Name: __utmz Value: 168918974.1708548461.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.ndb.com/	1970-01-20 18:35:49	Name: __utmt Value: 1
.ndb.com/	1970-01-20 18:35:50	Name: __utmb Value: 168918974.1.10.1708548461
.ndb.com/	1970-01-21 04:11:48	Name: _ga Value: GA1.2.1669021588.1708548461
.ndb.com/	1970-01-20 18:37:14	Name: _gid Value: GA1.2.1394138487.1708548461
.ndb.com/	1970-01-20 18:35:48	Name: _gat Value: 1
.ndb.com/	1970-01-21 04:11:48	Name: _ga_HC0WMXK4EJ Value: GS1.2.1708548460.1.0.1708548460.0.0.0
.ndb.com/	1970-01-21 03:57:24	Name: __gads Value: ID=9a0cf43d0d572c94:T=1708548460:RT=1708548460:S=ALNI_MZDvsHsryOFntpvLFN8tDhL-Y2DpQ
.ndb.com/	1970-01-21 03:57:24	Name: __gpi Value: UID=00000d5eef92d7af:T=1708548460:RT=1708548460:S=ALNI_MY5NtL_Js81HCCDGKUHw2zlZOG15Q
.ndb.com/	1970-01-20 22:55:00	Name: __eoi Value: ID=e5769be0448dfd35:T=1708548461:RT=1708548461:S=AA-AfjZLgV30CZhtYR6rDKkinhJD
.doubleclick.net/	1970-01-21 03:57:24	Name: IDE Value: AHWqTUmzrPaFr1oECtXg0NyBRCn7jRjaQjLGN_rb6JQ0H1qN256sSIKwWRzwXRIWYQ4
.doubleclick.net/	1970-01-20 22:55:00	Name: APC Value: AfxxVi4xzFUw5UnOY8gR7G7DcJqg4w6oMHj2Qxm6KwjbSJWeEvrB0Q
.doubleclick.net/	1970-01-20 22:55:00	Name: receive-cookie-deprecation Value: 1
.googleadservices.com/	1970-01-20 20:45:24	Name: ar_debug Value: 1

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://seal.verisign.com/getseal?host_name=NDB.COM&size=S&use_flash=YES&use_transparent=YES&lang=en Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://smarticon.geotrust.com/si.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://secure.comodo.net/trustlogo/javascript/cot.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://secure.comodo.net/trustlogo/javascript/trustlogo.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ndb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
bid.g.doubleclick.net
csi.gstatic.com
d31qbv1cthcecs.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
ndb.com
pagead2.googlesyndication.com
r5---sn-4g5ednsk.c.2mdn.net
region1.google-analytics.com
s7.addthis.com
seal.verisign.com
secure.comodo.net
smarticon.geotrust.com
ssl.google-analytics.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
d31qbv1cthcecs.cloudfront.net
seal.verisign.com
secure.comodo.net
smarticon.geotrust.com
142.250.186.98
2.16.184.115
2001:4860:4802:32::3
2001:4860:4802:34::36
2a00:1450:4001:6f::a
2a00:1450:4001:803::200a
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
66.102.1.154
67.225.226.38
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
11c2f39d39238d777b705ec5f86d8a9e0f9865d4e43bde781168f14ecc7e8760
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1c48a73205a874a4ec251a9a32780d82bf51ee4d2a833e5b95f951e9b091c448
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2091fc9a751fc74b088ffb15aa475f87ed030dec2a54d6003e90e789e7a0b6ee
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
25524fb7d8757bdcab19831f71d8e2a3d73d2203d712876b89450301a8b9a002
28d96ab8862f846e833cdeee4362a16ac2b091c4e0533295bdab3e0bab5b423c
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4e031094b89c2df677edfd8918405029e24eacb6ed760c5a8c5be0be5a783ea9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ea0a2bf2e4ba86815782535de2bf697c77611dc7bf30a709bc9220aa21c0c00
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6488f2b4fe024410743dabd64b6eb61ea5e59b1fa6adffd667f4499c1fed225a
6d8f2305dd012fc711a0a55c2b8539a017564d884503e016992fe274aaba8095
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
73ebf432b9297f7374cc20d254eabf6ad2ccead492b05471670580dce705a72a
774bc9e31cd2ea70a00dd1fdd92d2ec422bc30e595f6cc6b88e5e4cc82a3cbba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86abb3259617f4512c386d61116fbc8b759cf66d6e9cffe7186929ce187eefd2
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
90ff7d3dbd875b2023601a6da16b73d3c46d2d0d346a41bb0a8a438883e641b1
996c8d5c3eb3bc9e0be17720a369d0997cf50d985ef900fa6ac63cd4775d182a
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a01aed834e69651317a3fe8067cfac7975b269ce97e5e4457cb9d9c6f372c166
a1ea25facd4296b5b02748a1e69b7cb5e18bd422aa24317cfb491f5ca80530f3
a2e0f602756a1944d0e0b5e169f49fcb07039ae7fa834a598e90fb9b51270151
a85cc905198fc18b098bcd68528e6fc182a09048bc13047831638f6be4355232
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b352d6c2b010b883cb0a4b68971be9c4185ee38b667ed01a0ed4ff27bc8f95f3
b445811d083617ab5ce8810190b8483ada068a97df44615127d9c7fcc6b8b8ff
b5792d2aad44edfa3c7d232d705484a25255f594525b6b9e1b1a8b9b0ca1f242
b998563767595c7bccbdbfbd87f2774ebda6aa3636ff5539d84a68bb6642fa42
bd584bebfc505e242f951af9bf2853cd3fda0c6141e27d3313426566fd343a9b
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
c63da48fbb051e139025f019a3e77591429ce3b4368af4b1dd075d763b6d181f
c73701f344cc34eaff95c76cb2f880c35b0f90f687ea730f44b9f0a59ca654a8
c8a0bde889915d04a6aab681a717666b915e5faaf0d20c9f646c96f7940d64d3
d191ff4832d0b1b128dd349403314a901b149c2fef7f5a3a81489d05df005c94
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de71d903dfd84a219550753a442d1d29e89008228340ec2088631e80246eb37a
df00c59d341a2a6eaf35103487226f56f0ef344f811aa124f5b53c0743238d4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
edd6ae05b7bb45d4d0ff374cd653d0fb8492a39acfb5d2104cbd02ae577b871e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3918be2ac0fd753c6c28f4080a0417307a7a1c9ccb8a70d3763995817d7bf4
f13b32e612863a4776a59c4767e0d55c2339defea65adb7ce65c1e347749d1f7
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fe6989641c7b107b17fac5d4bed19da03c2e53e416f64f3606e037f2682c86a0

ndb.com Open in urlscan Pro 67.225.226.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

125 Requests

92 %HTTPS

80 %IPv6

15 Domains

24 Subdomains

20 IPs

2 Countries

1672 kBTransfer

4755 kBSize

17 Cookies

9 Outgoing links

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ndb.com Open in urlscan Pro
67.225.226.38 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

92 %
HTTPS

80 %
IPv6

15
Domains

24
Subdomains

20
IPs

2
Countries

1672 kB
Transfer

4755 kB
Size

17
Cookies

125 HTTP transactions
6 data transactions