www.exedb.com Open in urlscan Pro
78.46.72.84 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://exedb.com/
Effective URL:
https://www.exedb.com/
Submission: On December 05 via manual (December 5th 2022, 2:21:07 pm UTC) from US — Scanned from DE

Summary HTTP 134 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 20 domains to perform 134 HTTP transactions. The main IP is 78.46.72.84, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.exedb.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 19th 2022. Valid for: a year.

This is the only time www.exedb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	78.46.72.84 78.46.72.84	24940 (HETZNER-AS) (HETZNER-AS)
16	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2 3	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 3	88.221.168.166 88.221.168.166	16625 (AKAMAI-AS) (AKAMAI-AS)
16	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
5 5	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
5 5	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
134	22

25 78.46.72.84 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.84.72.46.78.clients.your-server.de

exedb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.exedb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.221.168.166 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-166.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.78 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.33.19 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 tpc.googlesyndication.com — Cisco Umbrella Rank: 144	502 KB
29	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	147 KB
25	exedb.com 1 redirects exedb.com www.exedb.com	310 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	173 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 87	2 KB
5	casalemedia.com 5 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 467	5 KB
5	pubmatic.com 5 redirects image6.pubmatic.com — Cisco Umbrella Rank: 734	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	190 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51	4 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38 region1.google-analytics.com — Cisco Umbrella Rank: 2448	20 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 351	1 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1824	550 B
3	addthis.com 3 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2007	2 KB
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 721	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5234 adservice.google.de — Cisco Umbrella Rank: 7808	1 KB
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1148	417 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	119 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 608	98 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 942	694 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
134	20

	Domain	Requested by
24	www.exedb.com	www.exedb.com
21	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	cm.g.doubleclick.net	www.exedb.com googleads.g.doubleclick.net
16	pagead2.googlesyndication.com	www.exedb.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	ssum-sec.casalemedia.com	5 redirects
5	image6.pubmatic.com	5 redirects
5	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	1 redirects www.exedb.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	pixel.rubiconproject.com	3 redirects
3	rtb.openx.net	googleads.g.doubleclick.net
3	e.dlx.addthis.com	3 redirects
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	odr.mookie1.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.googletagmanager.com	www.exedb.com www.googletagmanager.com
1	id.rlcdn.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	www.exedb.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	exedb.com	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
134	28

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.exedb.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-19` - `2023-02-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.exedb.com/
Frame ID: 0BD4836EC10225B4301D74F4B533B64B
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 8851068EBAFE13CFC6AB763CBA166D96
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&adk=1812271804&adf=3025194257&lmt=1670250062&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.exedb.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062329&bpp=5&bdt=295&idt=271&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6908664709052&frm=20&pv=2&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=290
Frame ID: 82FD9525CAE6D9B8351D97992A91DD6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=180&slotname=7596457911&adk=4249632874&adf=2643545132&pi=t.ma~as.7596457911&w=1200&lmt=1670250062&rafmt=11&format=1200x180&url=https%3A%2F%2Fwww.exedb.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062334&bpp=2&bdt=300&idt=291&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=52&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lMx7nydwLY&p=https%3A//www.exedb.com&dtd=299
Frame ID: E873960D32B82C1AA6C461A9A339DBBB
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3480100677&pi=t.aa~a.325680411~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=2&bdt=852&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180&nras=2&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1981&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eL0dJZP4uI&p=https%3A//www.exedb.com&dtd=16
Frame ID: 44A6D63FABB817D53977C4DBA3CC8631
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20
Frame ID: 0258B1316E8CDB123D8F02CD48A8094E
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1213588912&adf=4161680572&pi=t.aa~a.1877571844~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=0&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280%2C1200x280&nras=4&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=NeEtqVdjEq&p=https%3A//www.exedb.com&dtd=24
Frame ID: EC8490DD1EB28E46F81493DC8643712B
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C9C5A952B239E0A3412A6E19803C6FFC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C8C36AB4564A5E78BF8F63C001A1F909
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C479E5E40396CF42D407033B13119F62
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 6B5D36A5C9D9E6C27FA6BCDCC5A2DC14
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 8968367AF172E503833D9F54978BA31C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 2AE19866BE5BDCBA7361786A7280B590
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8CF719C71EC992415C603A49CA1D31B4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 41264FD9AB81BD651A603406CD6343D2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 764DC95A4CB0D034A9AD9216797A0581
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3FF0834172D8EADD1EB14CA348BD6D4A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Exedb- Get full files information to control your PCFacebookTwitterLinkedInonly counter so go away

Page URL History Show full URLs

http://exedb.com/ HTTP 301
https://www.exedb.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

134
Requests

87 %
HTTPS

64 %
IPv6

20
Domains

28
Subdomains

22
IPs

5
Countries

1516 kB
Transfer

3195 kB
Size

26
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.exedb.com
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/share?url=https://www.exedb.com
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&source=LinkedIn&url=https://www.exedb.com
Title: LinkedIn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://exedb.com/ HTTP 301
https://www.exedb.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FY8HpMnhvudHteqHxB8DVeXaz6D7FEcZamuZDqN62woMOqoCNnA5Iu-uSMXNTCdOEWQyymMGQGDB0ZNVgyUpaSp_dD8QFE0&google_gid=CAESEOBf-xjQog0oCoZnHj6YoG8&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FY8HpMnhvudHteqHxB8DVeXaz6D7FEcZamuZDqN62woMOqoCNnA5Iu-uSMXNTCdOEWQyymMGQGDB0ZNVgyUpaSp_dD8QFE0&google_gid=CAESEOBf-xjQog0oCoZnHj6YoG8&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDUxNDIxMDQwMDAxMjc0NzQwMTk3Mg%3D%3D&google_push=ASkJ3FY8HpMnhvudHteqHxB8DVeXaz6D7FEcZamuZDqN62woMOqoCNnA5Iu-uSMXNTCdOEWQyymMGQGDB0ZNVgyUpaSp_dD8QFE0

Request Chain 84

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEERmV6vZgZYR7UbPG6j_4oc&google_cver=1&google_push=ASkJ3FbdxT-jrnXme0zvmlDPXiZO5AIqUFNM_kXPJHYL4dgYjbLsWX-Q6OzUWGlPQc3-jyQxV1l6TnVqTr65qKXWdewXMWMzmMzlGw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEERmV6vZgZYR7UbPG6j_4oc&google_cver=1&google_push=ASkJ3FbdxT-jrnXme0zvmlDPXiZO5AIqUFNM_kXPJHYL4dgYjbLsWX-Q6OzUWGlPQc3-jyQxV1l6TnVqTr65qKXWdewXMWMzmMzlGw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FwSGv_kMS1Wwemz7vb0FMA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbdxT-jrnXme0zvmlDPXiZO5AIqUFNM_kXPJHYL4dgYjbLsWX-Q6OzUWGlPQc3-jyQxV1l6TnVqTr65qKXWdewXMWMzmMzlGw

Request Chain 85

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEuqLLy7qMd-fsbl4-wAH1A&google_cver=1&google_push=ASkJ3FbFRtpzhq-xma3oGX9aM5QZRVBb7MrUOWFEakY78E_X1KL5EU_SbIarxrxmH80WuRESMFcN7cyk7yzAF6lCgWGdFRPg0uR9Iw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBVlJIR08tMTktRVNFNQ==&google_push=ASkJ3FbFRtpzhq-xma3oGX9aM5QZRVBb7MrUOWFEakY78E_X1KL5EU_SbIarxrxmH80WuRESMFcN7cyk7yzAF6lCgWGdFRPg0uR9Iw

Request Chain 86

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGfERgJOj4axKe0dCplLKnM&google_cver=1&google_push=ASkJ3FbuMLtg5uQa6bHAzHJWYJfzEvX2m-u9jXObK4sxOIbplGEnLkeybUgXxr5rCwxVEQ7hx0s5ksKQbEVXJuj6WmWrIdjfl0wn0A HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGfERgJOj4axKe0dCplLKnM&google_push=ASkJ3FbuMLtg5uQa6bHAzHJWYJfzEvX2m-u9jXObK4sxOIbplGEnLkeybUgXxr5rCwxVEQ7hx0s5ksKQbEVXJuj6WmWrIdjfl0wn0A&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGfERgJOj4axKe0dCplLKnM&google_hm=Y43-T11Z0tbX6CUHcTsI5wAABLsAAAAB&google_nid=index&google_push=ASkJ3FbuMLtg5uQa6bHAzHJWYJfzEvX2m-u9jXObK4sxOIbplGEnLkeybUgXxr5rCwxVEQ7hx0s5ksKQbEVXJuj6WmWrIdjfl0wn0A

Request Chain 95

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAz4woIQLN7lb25U-Dz3fXA&google_cver=1&google_push=ASkJ3Fb960I9V7tbK-fNikFH7XpeUuosxQ_LFA4N_vz6S2qUtbLGqZfnXF9XmTHykt75eeQXWEjYitygACA_0mZTaVzLk61JpzIdzIDgHKCtch6vnDwz9o-omQBMfQr7VPXKsPXzGKlTtjmxK-CR7GUs7js HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3Fb960I9V7tbK-fNikFH7XpeUuosxQ_LFA4N_vz6S2qUtbLGqZfnXF9XmTHykt75eeQXWEjYitygACA_0mZTaVzLk61JpzIdzIDgHKCtch6vnDwz9o-omQBMfQr7VPXKsPXzGKlTtjmxK-CR7GUs7js&google_hm=960Dzkwl0WAZTxDdfI1nmQ

Request Chain 98

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIW4Odt2eALb8trsbKxW79g&google_cver=1&google_push=ASkJ3FaSwlGTFXjFTCrMdIxb-MzprZBQqMqwyCXd3nNxld3GyUuDI0qApg2_oCOGtul0LKrO1OOUew8vqA_EOgtXgse5iDvPAE5LrMstUJRu42BxpsM8oZ79qHIguQKJw6it_TA51iGF0nHfbSjqVBNC9Ac HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIW4Odt2eALb8trsbKxW79g&google_cver=1&google_push=ASkJ3FaSwlGTFXjFTCrMdIxb-MzprZBQqMqwyCXd3nNxld3GyUuDI0qApg2_oCOGtul0LKrO1OOUew8vqA_EOgtXgse5iDvPAE5LrMstUJRu42BxpsM8oZ79qHIguQKJw6it_TA51iGF0nHfbSjqVBNC9Ac&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WIFI-FGQTDagP3_MVEs5cg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaSwlGTFXjFTCrMdIxb-MzprZBQqMqwyCXd3nNxld3GyUuDI0qApg2_oCOGtul0LKrO1OOUew8vqA_EOgtXgse5iDvPAE5LrMstUJRu42BxpsM8oZ79qHIguQKJw6it_TA51iGF0nHfbSjqVBNC9Ac

Request Chain 99

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGfnWhW2xuyNSNmEFsq3ZwQ&google_cver=1&google_push=ASkJ3FZYVi8PvNb7tlzn_o-an-bt64jW5EQ5lckj_9_FIzkHvEQxUnzOKtnVSP-T-RrHeq4CTr0edr1mXHKweRl9Ngr_-6xYOIxFDqD-tl4oZg4k3Ewz0hyjb0dzXlVWyiA4Ftx5mA4kQAqk3hakWSDgKxQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBVlJISTYtMTctRzhKSQ==&google_push=ASkJ3FZYVi8PvNb7tlzn_o-an-bt64jW5EQ5lckj_9_FIzkHvEQxUnzOKtnVSP-T-RrHeq4CTr0edr1mXHKweRl9Ngr_-6xYOIxFDqD-tl4oZg4k3Ewz0hyjb0dzXlVWyiA4Ftx5mA4kQAqk3hakWSDgKxQ

Request Chain 100

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPSngP2fE6wXEdXJlaLcy40&google_cver=1&google_push=ASkJ3FYWcybeEMEJN93V1bpENXPM7wzcQwKIQWcJnx_Kp40dns4IYrgIhHcROOp1O5IwH66u2z-YyvRlPwXsMLgEhe_PKqNHV1Zxnwm-wafhfJASD0c6ID5YQ9ViVMVbmLw4rNbsI_DJdguK24lr5FfLjrA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPSngP2fE6wXEdXJlaLcy40&google_push=ASkJ3FYWcybeEMEJN93V1bpENXPM7wzcQwKIQWcJnx_Kp40dns4IYrgIhHcROOp1O5IwH66u2z-YyvRlPwXsMLgEhe_PKqNHV1Zxnwm-wafhfJASD0c6ID5YQ9ViVMVbmLw4rNbsI_DJdguK24lr5FfLjrA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPSngP2fE6wXEdXJlaLcy40&google_hm=Y43-T11Z0tbX6CUHcTsI5wAABLsAAAAB&google_nid=index&google_push=ASkJ3FYWcybeEMEJN93V1bpENXPM7wzcQwKIQWcJnx_Kp40dns4IYrgIhHcROOp1O5IwH66u2z-YyvRlPwXsMLgEhe_PKqNHV1Zxnwm-wafhfJASD0c6ID5YQ9ViVMVbmLw4rNbsI_DJdguK24lr5FfLjrA

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 124

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIDAMLg1BtSDuIbSM6_bG6A&google_cver=1&google_push=ASkJ3Fa7_VoYSZ98no-CiqTlGVUkMthiuClNFMjEmPw3FBm6zHS6V7r4fucD7Io9HGNlstIbMBuYErkrzER3-Vj_siW84zRE2Eab HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3Fa7_VoYSZ98no-CiqTlGVUkMthiuClNFMjEmPw3FBm6zHS6V7r4fucD7Io9HGNlstIbMBuYErkrzER3-Vj_siW84zRE2Eab&google_hm=960Dzkwl0WAZTxDdfI1nmQ

Request Chain 125

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FazNxTPQIxYhkuMezFbnfLuOjvpzIaGnQpFLAGsiHi-hsjEkkNA434EV6KxpENtYUouq-Z7AHsXJWMQlVtirdoIWWatMqGP&google_gid=CAESEPeqVUmomBP5ic-9RyLQouA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDUxNDIxMDQwMDAxMjc0NzQwMTk3Mg%3D%3D&google_push=ASkJ3FazNxTPQIxYhkuMezFbnfLuOjvpzIaGnQpFLAGsiHi-hsjEkkNA434EV6KxpENtYUouq-Z7AHsXJWMQlVtirdoIWWatMqGP

Request Chain 128

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIx8g6197vHiahSnJNUotEA&google_cver=1&google_push=ASkJ3FZmmOnL8y1TbUlUthIv4jJ1YLF1xJvRMZ-2uoSrQxdUwjTozmlcSTRvL7XwC6Oc_umigMOJNSgHkY2r4z5v6WHSscU94iN- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WIFI-FGQTDagP3_MVEs5cg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZmmOnL8y1TbUlUthIv4jJ1YLF1xJvRMZ-2uoSrQxdUwjTozmlcSTRvL7XwC6Oc_umigMOJNSgHkY2r4z5v6WHSscU94iN-

Request Chain 129

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA-PEHHKNtLjpGqHUaVs204&google_cver=1&google_push=ASkJ3FbI4VJHVSYIRvHuGD7y9m0aZoxFjo6R6ny06LWBJ3-QiDfs1elA37uyHEKJmt6l-gscLkd7Vdg2jQUchMedopJGH-lDKSU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBVlJIVE8tMS0zUkxB&google_push=ASkJ3FbI4VJHVSYIRvHuGD7y9m0aZoxFjo6R6ny06LWBJ3-QiDfs1elA37uyHEKJmt6l-gscLkd7Vdg2jQUchMedopJGH-lDKSU

Request Chain 130

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDSQHZidLxy5kdGjc8KwnlU&google_cver=1&google_push=ASkJ3FZjkSOIsO5Ux2wSQ2DfQnEuEW6j75hN9jpRD3GF_y7NKNw1u7E8X9r1WvDeOea6YKE_IVGHxaM3K7GNZdR8BR5w2a_3faU HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDSQHZidLxy5kdGjc8KwnlU&google_hm=Y43-T11Z0tbX6CUHcTsI5wAABLsAAAAB&google_nid=index&google_push=ASkJ3FZjkSOIsO5Ux2wSQ2DfQnEuEW6j75hN9jpRD3GF_y7NKNw1u7E8X9r1WvDeOea6YKE_IVGHxaM3K7GNZdR8BR5w2a_3faU

134 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.exedb.com/
Redirect Chain

http://exedb.com/
https://www.exedb.com/

26 KB
26 KB

124ms
48ms

Document
text/html

78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: dc5d5612833e92ed863eea6cfa0ad883b8e10e6f459ee0ef4fa22cd03a8b5125

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,public
content-encoding: gzip
content-length: 26651
content-type: text/html
date: Mon, 05 Dec 2022 14:21:01 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding

Redirect headers

Cache-Control: public
Content-Length: 145
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Dec 2022 14:21:00 GMT
Location: https://www.exedb.com/
Server: Microsoft-IIS/10.0

GET
H2 200 jquery.min.js Show response
www.exedb.com/javascripts/ 87 KB
30 KB 27ms
27ms Script
application/javascript 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/javascripts/jquery.min.js
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 05:40:40 GMT
server: Microsoft-IIS/10.0
etag: "0fc1e2c6d3d81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 30891

GET
H2 200 global.css
www.exedb.com/css/ 34 KB
34 KB 52ms
51ms Stylesheet
text/css 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/css/global.css
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: aa52eb9758da3df8598dbd4f1474430348b9ab5e00bb3f92e408361e51e5a273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 07:13:26 GMT
server: Microsoft-IIS/10.0
etag: "8b14c3f440ddd81:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 34617

GET
H2 200 header.js Show response
www.exedb.com/javascripts/ 1 KB
1 KB 25ms
25ms Script
application/javascript 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/javascripts/header.js
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 22735c99662bf4eb65b6e29db04af4cfc8ac31d8f14d57dd3c8f17cfad1329c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 17:45:20 GMT
server: Microsoft-IIS/10.0
etag: "0b8ce1362d3d81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 1147

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 149ms
98ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3100504127201331

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f5d261f091009d3e677016dc309e117007536f845dd2cea7987fc3f6735daf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Origin: https://www.exedb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49176
x-xss-protection: 0
server: cafe
etag: 10766988903339266381
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 14:21:02 GMT

GET
H2 200 exeIcon.svg
www.exedb.com/images/ 895 B
986 B 28ms
25ms Image
image/svg+xml 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/images/exeIcon.svg
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 3819c12c3b8c977149633c15d23580e969a14932273a683d90d759165fd04466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Wed, 28 Sep 2022 16:37:46 GMT
server: Microsoft-IIS/10.0
etag: "0696fa358d3d81:0"
content-type: image/svg+xml
cache-control: max-age=2592000,public
accept-ranges: bytes
content-length: 895

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 160ms
109ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64897fc113de26cd49835ea3a96f6579a5ccf2f3cb462712876ec21d2d2fccea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49192
x-xss-protection: 0
server: cafe
etag: 15389727635891509244
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 14:21:02 GMT

GET
H2 200 windows-10.png
www.exedb.com/img/ 4 KB
4 KB 93ms
88ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/img/windows-10.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 37cafc5862e19d18cea36568136f60beed1ac1bcd9310c1b1ea3e6d57cbc81b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Sat, 20 Oct 2018 04:13:01 GMT
server: Microsoft-IIS/10.0
etag: "8741f312b68d41:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 4309

GET
H2 200 free%20up%20space%20on%20hard%20disk.png
www.exedb.com/img/ 6 KB
6 KB 40ms
36ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/img/free%20up%20space%20on%20hard%20disk.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 40cc951045099e9bb483f4051ccf3778cde0f05dc15ee98c5550659c3d503469

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Wed, 17 Oct 2018 07:04:22 GMT
server: Microsoft-IIS/10.0
etag: "01f62a1e765d41:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 6248

GET
H2 200 analyze%20disk%20space.png
www.exedb.com/img/ 6 KB
6 KB 42ms
38ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/img/analyze%20disk%20space.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 245ba6959e4932066e1ca8b683e51cf70659b3c566e61e66c2100205ac29ce46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Wed, 17 Oct 2018 07:04:12 GMT
server: Microsoft-IIS/10.0
etag: "03e6c9be765d41:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 6280

GET
H2 200 virus.png
www.exedb.com/img/ 5 KB
5 KB 37ms
33ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/img/virus.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 83f0e68a8996d13ea9a18b35aba5ffae72bdfce735a8ca1dd283888040b7284e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Thu, 18 Oct 2018 06:12:26 GMT
server: Microsoft-IIS/10.0
etag: "4a62f38aa966d41:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 5215

GET
H2 200 windows%2010%20sudden%20freeze.png
www.exedb.com/img/ 5 KB
6 KB 68ms
64ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/img/windows%2010%20sudden%20freeze.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 47fbd449ff636e31e4f08d0a76fec0cf8529317a2165c9e827c687d836aa8e5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Wed, 17 Oct 2018 06:40:05 GMT
server: Microsoft-IIS/10.0
etag: "1b247c3de465d41:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 5570

GET
H2 200 drprotbox-small.png
www.exedb.com/ 14 KB
15 KB 41ms
38ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/drprotbox-small.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 72b387bc00e9f93fab3ec212d92eaa77690dbdcce950afb73b0782aaa44d9afd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Sun, 20 Dec 2015 10:49:34 GMT
server: Microsoft-IIS/10.0
etag: "0b3db1c143bd11:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 14801

GET
H2 200 all-icon-file.png
www.exedb.com/ 1 KB
1 KB 93ms
89ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/all-icon-file.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: f5ad10c2437cbc3e745656ad6fd5dc7521809b8e9878ee7fb7050aa9794ed7f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Fri, 15 Jul 2022 14:02:24 GMT
server: Microsoft-IIS/10.0
etag: "81266b825398d81:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 1166

GET
H2 200 all-files.webp
www.exedb.com/ 15 KB
15 KB 68ms
64ms Image
image/webp 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/all-files.webp
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 6b86b3e45bd3e74912705f47404dde5182854046d1a49b64772a0da89064f193

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Fri, 15 Jul 2022 13:47:46 GMT
server: Microsoft-IIS/10.0
etag: "cd1812775198d81:0"
content-type: image/webp
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 15686

GET
H2 200 exe-icon-file.png
www.exedb.com/ 2 KB
2 KB 74ms
71ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/exe-icon-file.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 6700cc79f4b6c67f0c884c9f4be1c9dba2a75bca40fc1eeabc6bd0ddeb53abe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Fri, 15 Jul 2022 14:01:41 GMT
server: Microsoft-IIS/10.0
etag: "d22ad3685398d81:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 1599

GET
H2 200 exe-files.webp
www.exedb.com/ 16 KB
16 KB 70ms
67ms Image
image/webp 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/exe-files.webp
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: e7c7a89f84427a0e2f60a80a06869475e2c8d672c3a362de715404dae00955a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Fri, 15 Jul 2022 13:47:48 GMT
server: Microsoft-IIS/10.0
etag: "248043785198d81:0"
content-type: image/webp
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 16688

GET
H2 200 msi-icon-file.png
www.exedb.com/ 2 KB
2 KB 73ms
70ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/msi-icon-file.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e09eef723d72c7586178e30c635f747e4699f169fecf04e6f634c75a1587867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Fri, 15 Jul 2022 14:01:17 GMT
server: Microsoft-IIS/10.0
etag: "122b815a5398d81:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 1934

GET
H2 200 msi-files.webp
www.exedb.com/ 18 KB
18 KB 82ms
79ms Image
image/webp 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/msi-files.webp
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: f81704626fe9caa119a2f0fe791fc288621b0eec01678dc65f024099ce4107e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Fri, 15 Jul 2022 13:46:41 GMT
server: Microsoft-IIS/10.0
etag: "7bff8c505198d81:0"
content-type: image/webp
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 18736

GET
H2 200 dll-icon-file.png
www.exedb.com/ 2 KB
2 KB 70ms
67ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/dll-icon-file.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: a42b6109e927fad968626dcd1d1e4a080dc381c7407d338b0674fb7f61c612de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Fri, 15 Jul 2022 14:01:55 GMT
server: Microsoft-IIS/10.0
etag: "e1262b715398d81:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 1693

GET
H2 200 dll-files.webp
www.exedb.com/ 21 KB
21 KB 71ms
68ms Image
image/webp 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/dll-files.webp
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: ded949ad3069c4d3a62a96d417402d678fbadc74e5373ed79389ebce3ffa892c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Fri, 15 Jul 2022 13:46:44 GMT
server: Microsoft-IIS/10.0
etag: "8bee23525198d81:0"
content-type: image/webp
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 21040

GET
H2 200 sys-icon-file.png
www.exedb.com/ 2 KB
2 KB 68ms
66ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/sys-icon-file.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 713eeee08e685504bd17657a7549dd7602325663ad04ffb0d55c7c9373214593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Fri, 15 Jul 2022 14:01:07 GMT
server: Microsoft-IIS/10.0
etag: "9f52cd545398d81:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 1646

GET
H2 200 system-files.webp
www.exedb.com/ 77 KB
77 KB 45ms
43ms Image
image/webp 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/system-files.webp
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 31208d5e24fe092caa4a658b20abda62728eb73f87544a26dfe4122cf1503f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Fri, 15 Jul 2022 13:36:26 GMT
server: Microsoft-IIS/10.0
etag: "67b0bfe14f98d81:0"
content-type: image/webp
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 78558

GET
H2 200 ocx-icon-file.png
www.exedb.com/ 2 KB
2 KB 67ms
65ms Image
image/png 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/ocx-icon-file.png
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 651d0936925a95457c9af5192281fa7975102b602f679aab06fe0e11ae452d99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Fri, 15 Jul 2022 14:04:46 GMT
server: Microsoft-IIS/10.0
etag: "16401dd75398d81:0"
content-type: image/png
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 1536

GET
H2 200 ocx-files.webp
www.exedb.com/ 17 KB
17 KB 68ms
65ms Image
image/webp 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exedb.com/ocx-files.webp
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 6bd506d50438df4cecf68bd2289b779b6fd30fdbc2a9f1b20f6a769c107f4082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
last-modified: Fri, 15 Jul 2022 13:34:38 GMT
server: Microsoft-IIS/10.0
etag: "676a89a14f98d81:0"
content-type: image/webp
cache-control: no-cache,max-age=2592000,public
accept-ranges: bytes
content-length: 17372

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 85ms
36ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-37168065-1

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae3d8dd9213a6c27f101c7f59622c12ef5a67a1c78e1eecf6678d2ed93594803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44683
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 05 Dec 2022 14:21:02 GMT

GET
H2 200 cntr.asp Show response
www.exedb.com/ 268 B
384 B 46ms
46ms XHR
text/html 78.46.72.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exedb.com/cntr.asp
Requested by: Host: www.exedb.com
URL: https://www.exedb.com/javascripts/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.84.72.46.78.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 8b26167f743ce8c1a231895b9f511ce4cabe8405d774f7f23abb69dbbbceef29

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.exedb.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:01 GMT
cache-control: private,public
content-encoding: gzip
server: Microsoft-IIS/10.0
content-length: 291
vary: Accept-Encoding
content-type: text/html

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RMPSQLW73D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-37168065-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a93abce76ea2613c57b7525a9fb66f3911fe1b5fcb64f247e4211bc3660491d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 05 Dec 2022 14:21:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-37168065-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 13:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3916
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 05 Dec 2022 15:15:46 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
337 B 80ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RMPSQLW73D&gtm=2oebu0&_p=903513398&cid=870067378.1670250062&ul=en-us&sr=1600x1200&_s=1&sid=1670250062&sct=1&seg=0&dl=https%3A%2F%2Fwww.exedb.com%2F&dt=Exedb-%20Get%20full%20files%20information%20to%20control%20your%20PC&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RMPSQLW73D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.exedb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
116 KB 148ms
105ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3100504127201331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4a4326209997a077d9078967eb02c86ac6dd7780d0871ae7739c5e49f21526f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119174
x-xss-protection: 0
server: cafe
etag: 7046955651309407837
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 14:21:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 8851 10 KB
5 KB 74ms
20ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3100504127201331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:58:01 GMT
etag: 10353107486223812946
expires: Sun, 18 Dec 2022 16:58:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 72ms
28ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=903513398&t=pageview&_s=1&dl=https%3A%2F%2Fwww.exedb.com%2F&ul=en-us&de=UTF-8&dt=Exedb-%20Get%20full%20files%20information%20to%20control%20your%20PC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=57360474&gjid=1068123419&cid=870067378.1670250062&tid=UA-37168065-1&_gid=831033399.1670250062&_r=1&gtm=2oubu0&z=1943025976

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.exedb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.exedb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 86ms
29ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-37168065-1&cid=870067378.1670250062&jid=57360474&gjid=1068123419&_gid=831033399.1670250062&_u=YADAAUAAAAAAACAAI~&z=561910331

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.exedb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Dec 2022 14:21:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.exedb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 96ms
46ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-37168065-1&cid=870067378.1670250062&jid=57360474&_u=YADAAUAAAAAAACAAI~&z=1653570040

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 92ms
43ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-37168065-1&cid=870067378.1670250062&jid=57360474&_u=YADAAUAAAAAAACAAI~&z=1653570040

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
694 B 81ms
30ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.exedb.com&callback=_gfp_s_&client=ca-pub-3100504127201331&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49adb270384b888031143988bb3f1728429a91ce35185b3bf42a387451a9db2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 108ms
33ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.exedb.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 80ms
30ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.exedb.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 164ms
163ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.exedb.com%2F&tn=HEADER&cls=bg-primary-300&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 82FD 12 KB
2 KB 195ms
151ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&adk=1812271804&adf=3025194257&lmt=1670250062&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.exedb.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062329&bpp=5&bdt=295&idt=271&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6908664709052&frm=20&pv=2&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=290

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

636a088ea865350ca0e4b213fc43af10120fbdaa591dfb10b581fbbef186f9ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 1558
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 14:21:02 GMT
expires: Mon, 05 Dec 2022 14:21:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E873 97 KB
33 KB 1062ms
1031ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=180&slotname=7596457911&adk=4249632874&adf=2643545132&pi=t.ma~as.7596457911&w=1200&lmt=1670250062&rafmt=11&format=1200x180&url=https%3A%2F%2Fwww.exedb.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062334&bpp=2&bdt=300&idt=291&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=52&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lMx7nydwLY&p=https%3A//www.exedb.com&dtd=299

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5edd8fb8eba5c0e39b6630f3dfde0c15dc94b6d11b07ad06035fbe4e28cbd20f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33943
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 14:21:03 GMT
expires: Mon, 05 Dec 2022 14:21:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 75ms
30ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.exedb.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 79ms
35ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.exedb.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 44A6 100 KB
35 KB 712ms
712ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3480100677&pi=t.aa~a.325680411~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=2&bdt=852&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180&nras=2&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1981&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eL0dJZP4uI&p=https%3A//www.exedb.com&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3db2338a858525aadf59d4a03cee5d43b43e46239bb5de725cd99fff917a65d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35301
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 14:21:03 GMT
expires: Mon, 05 Dec 2022 14:21:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0258 101 KB
35 KB 1191ms
1190ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2157a1b49028ac0074a724dd12aa2919c8a5d0b08d1871743bf75c4895adcef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35819
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 14:21:04 GMT
expires: Mon, 05 Dec 2022 14:21:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EC84 101 KB
35 KB 821ms
821ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1213588912&adf=4161680572&pi=t.aa~a.1877571844~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=0&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280%2C1200x280&nras=4&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=NeEtqVdjEq&p=https%3A//www.exedb.com&dtd=24

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b49c81553df7c52b1c07210923f6f9243cdac95fe7003d577a6d5ab894993f3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35820
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 14:21:03 GMT
expires: Mon, 05 Dec 2022 14:21:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 44A6 8 KB
1 KB 82ms
31ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3480100677&pi=t.aa~a.325680411~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=2&bdt=852&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180&nras=2&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1981&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eL0dJZP4uI&p=https%3A//www.exedb.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 14:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 14:16:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 14:21:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 44A6 2 KB
846 B 76ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:56:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 44A6 23 KB
10 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 09:30:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 44A6 3 KB
1 KB 65ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 13:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 13:24:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 44A6 18 KB
7 KB 72ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:56:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44A6 155 KB
48 KB 47ms
32ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 14:21:03 GMT

GET
H2 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 44A6 34 KB
14 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 14:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 21:37:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 14:56:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 44A6 0
0 107ms
107ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgkCPTv6NY5_6PIzYxtYPtY2IiAWovNCGbenLvcKrEMzuyNqUDhABILrRzBRglfr0gZQHoAGN7OTZAsgBCakCK_61kuP6qD6oAwHIA8sEqgTrAU_QyYBEW0zWIz1fYJdPFbmXYwQwcTkWvKId00btQ1isjlJzjyx0VMmulAoXZmPr1vcU5ywM18EPtMGLN9Gtgeh_0cpvcZ4oTCxolKZ_Vn3K2CeRPEF5bqpnrxA8AaAjqwe8ppcTkT3eSUiHPaZMNmER9aMlGAVW5dLsd-3skHBZZ8ol7HB9x6Yllu-PX-F1-GwA-gf8El8xHisp3dqukCRGL92g-cghWnHWrR5nBbDrVMu59TJccDAbqJs1WxfjBoHpSNsSyUD2b047Y5TSnJ8RdTy4OeeXJEGYiLhK58Gn0qjgGpODRzoSJfTABPLZ1OWaBJIFBAgEGAGSBQQIBRgEoAYugAfbk5umAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIHLBdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTMxMDA1MDQxMjcyMDEzMzEYAA&sigh=d8kr9yGaOms&uach_m=[UACH]&cid=CAQSPADq26N9ExVuroVPQROFaN8tMejuI7aoexMNqURuCMLFzjNNAKIozbRXUawM6MHvlm0_UyRroPRYOrD2GBgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3480100677&pi=t.aa~a.325680411~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=2&bdt=852&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180&nras=2&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1981&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eL0dJZP4uI&p=https%3A//www.exedb.com&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 14:21:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12449735768652746288/ Frame 44A6 28 KB
28 KB 56ms
27ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12449735768652746288/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

812e09a26d1f18572df456259c068f129f9b783072c25ef3afb3b278f4bc4808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:17:11 GMT
x-content-type-options: nosniff
age: 237832
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28572
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 10:05:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 20:17:11 GMT

GET
DATA 200
OK truncated
/ Frame 44A6 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 44A6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame E873 6 KB
766 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Roboto:400&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=180&slotname=7596457911&adk=4249632874&adf=2643545132&pi=t.ma~as.7596457911&w=1200&lmt=1670250062&rafmt=11&format=1200x180&url=https%3A%2F%2Fwww.exedb.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062334&bpp=2&bdt=300&idt=291&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=52&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lMx7nydwLY&p=https%3A//www.exedb.com&dtd=299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c0a67528790dc75533d8a99f239e6d1e4b9e05dd90c2e18122ea461df69174c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 14:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 14:21:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 14:21:03 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E873 35 KB
14 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 19:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14142
x-xss-protection: 0
server: cafe
etag: 14789286559671545279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 19:52:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E873 155 KB
47 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 14:21:03 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11966216597269777964/ Frame E873 4 KB
4 KB 47ms
46ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11966216597269777964/14763004658117789537?w=128&h=128

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c39a21c470ceaa846eb9e330ece268ac5b017e5613c9600a0eb28c06f5a046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 14:44:23 GMT
x-content-type-options: nosniff
age: 257800
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4215
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 11:13:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 14:44:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame E873 23 KB
9 KB 41ms
35ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 09:30:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E873 3 KB
1 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 13:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 13:24:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E873 18 KB
7 KB 46ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:56:09 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C9C5 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 10:10:49 GMT
etag: 48472445140208031
expires: Tue, 06 Dec 2022 10:10:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame EC84 8 KB
895 B 75ms
32ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1213588912&adf=4161680572&pi=t.aa~a.1877571844~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=0&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280%2C1200x280&nras=4&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=NeEtqVdjEq&p=https%3A//www.exedb.com&dtd=24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 14:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 14:18:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 14:21:03 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame EC84 2 KB
765 B 88ms
45ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:56:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame EC84 23 KB
9 KB 65ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 09:30:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame EC84 3 KB
1 KB 64ms
44ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 13:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 13:24:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame EC84 18 KB
7 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:56:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EC84 0
0 74ms
29ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKSwGmzyIY0id5v02zOkdFgGmyhlBveb8shMqU8xxsvlyUosHdr7yrTwiuiN7EAii8l5LVExHCSL5HEmyFSaNa2MZBBw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1213588912&adf=4161680572&pi=t.aa~a.1877571844~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=0&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280%2C1200x280&nras=4&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=NeEtqVdjEq&p=https%3A//www.exedb.com&dtd=24
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC84 155 KB
47 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 14:21:03 GMT

GET
H3 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame EC84 34 KB
14 KB 61ms
20ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 14:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 21:37:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 14:56:09 GMT

GET
DATA 200
OK truncated
/ Frame 44A6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcd689e4c4d40c8857dbb34050a1094e1dc9c4aa7f24c2f9c95cb45596d96032

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EC84 0
0 180ms
180ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZCxdTv6NY8X7PO3uxtYPpriOoAvT74SGbebNs5jlC8zzrcuMDhABILrRzBRglfr0gZQHoAHUkoaqAsgBCakCxy3vrC-1sT6oAwHIA8sEqgT1AU_QtXnZ0iNG6XEt2o7huiTeNbKvBuPlKeo8Epb9tKZm-pAkexg6NSIC1sh_P2eetmaNAozxGIAqrBQ7Z1J-dc1WV4-cJWIlFxkma2ZQL9dlipWsCRt_nm6PBV0oaGFs21MjAXyP9NT_nBJXZg6rv22PH5zbMWe_KBHClo9X1FPoFx4Kh-1NjrlmXCLOzMeAYKtWoGmY4I2AngkqrNSn2WjJVyE9s7P3_l7QPIxTqXNpDUmptuEDXIsqWorEOlIKlPgsUuJBkrSiI_a2DuWkngc-coYQaMPUlBqZMGn1gt2wQL8xtcOzMLtTQaWV7ItSgoDgIjl9wATr4aTohAOSBQQIBBgBkgUECAUYBKAGLoAHlO351QGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCB3hXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUB9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMTAwNTA0MTI3MjAxMzMxGAA&sigh=IdQEQRztoMg&uach_m=[UACH]&cid=CAQSPADq26N9DblxrEuf_5l5tRQXrAzWDuK_jiVb5DvopZC9BWWRveG0A6jKAWtzSbXuFiU2MuTmbIuGisVIVhgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1213588912&adf=4161680572&pi=t.aa~a.1877571844~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=0&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280%2C1200x280&nras=4&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=NeEtqVdjEq&p=https%3A//www.exedb.com&dtd=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 14:21:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 44A6 28 KB
28 KB 101ms
52ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 319522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 21:35:41 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6118868729565502458/ Frame EC84 18 KB
18 KB 36ms
27ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6118868729565502458/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4e388e91288dbb387e9b8d0a76704e61e0aaa20381092e090eef880ab5be3e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 04:33:00 GMT
x-content-type-options: nosniff
age: 294483
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18306
x-xss-protection: 0
last-modified: Fri, 17 Jul 2020 10:03:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 04:33:00 GMT

GET
DATA 200
OK truncated
/ Frame EC84 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EC84 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E873 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaasGTv6NY-7ULqGavPIPk8qiqAPZxcygbaDfwP6HELCQHxABILrRzBRglfr0gZQHoAGZmK3bA8gBBqgDAcgDywSqBOYBT9A--BGxgSM_eQmG98zeKoNirOPzbDkISfnriIyJ-Fioh55fsJYfJbzAl-l2mVQffDlyaQsRtU8PfFt-gmhthzCjud5Rbjbg6MgHspVL68VnC_WUo66Tyl2xXapuXYolrWAJj_PvY_WixcccQDvRmTT1G49X1qvia0LUI6uXQ_rhVJcFujAKfxEVO2_WZO9t2ksb6pdbK_Q5ANhgjsZGxkEfQKn6d1cZDgwle-jOqD8J2dtNvH_ozyCDIX3ehK682qDL0RXOX9WwM4QkSQlTbLLFi0hpYqsWfH4sL8J1PGDf91fNvTHABKui_pqrAZIFBAgEGAGSBQQIBRgEoAY3gAfP59IkqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ-s900ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMzEwMDUwNDEyNzIwMTMzMRgA&sigh=SWbGDEzqAKk&uach_m=[UACH]&cid=CAQSGwDq26N9b_H9pshXBSS3gvMplQ7mnc2qU2BKSxgBIBM&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=180&slotname=7596457911&adk=4249632874&adf=2643545132&pi=t.ma~as.7596457911&w=1200&lmt=1670250062&rafmt=11&format=1200x180&url=https%3A%2F%2Fwww.exedb.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062334&bpp=2&bdt=300&idt=291&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=52&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lMx7nydwLY&p=https%3A//www.exedb.com&dtd=299
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 14:21:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame C9C5 35 B
463 B 81ms
21ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBg6ETJ8af172s3hzSU9hDM&google_cver=1&google_push=ASkJ3Fbz4ydZvf4d_rHTAlPthvrZH-A1HO0a9ProHvXAsFUL6j2JozlLeeUfZDt6yaz4LeKVbXVs-NlLNYdFoh8VqpCYCnVhwiwb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame C9C5 0
98 B 96ms
30ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FZ9j8LbVSXjJKucm4EnsLxrmz30lH6Sf2A0c2qRGCbq4g7FgULpNj76Cl8xicIWHGftd71Ju_mYr9AYqegl_fpy7ssqhgNSNA&google_gid=CAESEBuE1kYjAhPOaJJxGyxsbjI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3480100677&pi=t.aa~a.325680411~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=2&bdt=852&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180&nras=2&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1981&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eL0dJZP4uI&p=https%3A//www.exedb.com&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C9C5
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FY8HpMn...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FY8HpMn...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDUxNDIxMDQwMDAxMjc0NzQwMTk3Mg%3D%3D&google_push=ASkJ3FY8HpMnhvudHteqHxB8DVeXaz6D7FEcZamuZDqN62woMOqoCNnA5Iu-uSMXNTCdOE...

170 B
188 B

35ms
33ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDUxNDIxMDQwMDAxMjc0NzQwMTk3Mg%3D%3D&google_push=ASkJ3FY8HpMnhvudHteqHxB8DVeXaz6D7FEcZamuZDqN62woMOqoCNnA5Iu-uSMXNTCdOEWQyymMGQGDB0ZNVgyUpaSp_dD8QFE0

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDUxNDIxMDQwMDAxMjc0NzQwMTk3Mg%3D%3D&google_push=ASkJ3FY8HpMnhvudHteqHxB8DVeXaz6D7FEcZamuZDqN62woMOqoCNnA5Iu-uSMXNTCdOEWQyymMGQGDB0ZNVgyUpaSp_dD8QFE0
pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 05 Dec 2022 14:21:04 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame C9C5 43 B
351 B 101ms
30ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIkvlLzedISWPnPR_vy22Kk&google_cver=1&google_push=ASkJ3FanV9YmGM4MUcMIy7d5E35hY372C-l1TCMkGi9xM_bGPQ1zyQFf8qzi_bbI0MBLtrHeDdsT3JMro9Ae_v8xGTRS6FFxLMXD
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3480100677&pi=t.aa~a.325680411~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=2&bdt=852&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180&nras=2&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1981&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eL0dJZP4uI&p=https%3A//www.exedb.com&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:03 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: rd2s7pp56vsue8jr817rlmq279k5i54f

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C9C5
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FwSGv_kMS1Wwemz7vb0FMA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

38ms
38ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FwSGv_kMS1Wwemz7vb0FMA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbdxT-jrnXme0zvmlDPXiZO5AIqUFNM_kXPJHYL4dgYjbLsWX-Q6OzUWGlPQc3-jyQxV1l6TnVqTr65qKXWdewXMWMzmMzlGw

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FwSGv_kMS1Wwemz7vb0FMA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbdxT-jrnXme0zvmlDPXiZO5AIqUFNM_kXPJHYL4dgYjbLsWX-Q6OzUWGlPQc3-jyQxV1l6TnVqTr65qKXWdewXMWMzmMzlGw
date: Mon, 05 Dec 2022 14:21:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C9C5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEuqLLy7qMd-fsbl4-wAH1A&google_cver=1&google_push=ASkJ3FbFRtpzhq-xma3oGX9aM5QZRVBb7MrUOWFEakY78E_X1KL5EU_SbIarxrxmH80WuRESMFc...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBVlJIR08tMTktRVNFNQ==&google_push=ASkJ3FbFRtpzhq-xma3oGX9aM5QZRVBb7MrUOWFEakY78E_X1KL5EU_SbIarxrxmH80WuRESMFcN7cyk7yzAF6lCgWGdFRPg0uR9Iw

170 B
188 B

54ms
35ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBVlJIR08tMTktRVNFNQ==&google_push=ASkJ3FbFRtpzhq-xma3oGX9aM5QZRVBb7MrUOWFEakY78E_X1KL5EU_SbIarxrxmH80WuRESMFcN7cyk7yzAF6lCgWGdFRPg0uR9Iw

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBVlJIR08tMTktRVNFNQ==&google_push=ASkJ3FbFRtpzhq-xma3oGX9aM5QZRVBb7MrUOWFEakY78E_X1KL5EU_SbIarxrxmH80WuRESMFcN7cyk7yzAF6lCgWGdFRPg0uR9Iw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C9C5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGfERgJOj4axKe0dCplLKnM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGfERgJOj4axKe0dCplLKnM&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGfERgJOj4axKe0dCplLKnM&google_hm=Y43-T11Z0tbX6CUHcTsI5wAABLsAAAAB&google_nid=index&google_push=ASkJ3FbuMLtg5uQa6bHAzHJWYJfzEvX2m-u9j...

170 B
188 B

34ms
34ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGfERgJOj4axKe0dCplLKnM&google_hm=Y43-T11Z0tbX6CUHcTsI5wAABLsAAAAB&google_nid=index&google_push=ASkJ3FbuMLtg5uQa6bHAzHJWYJfzEvX2m-u9jXObK4sxOIbplGEnLkeybUgXxr5rCwxVEQ7hx0s5ksKQbEVXJuj6WmWrIdjfl0wn0A

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEG6cqqqxLX1dqSxi2bmzvmVJe8amKYmvhsu1Z7Nxq7mQQhfsXM1BwDYAvOJuF5Wh5wWJLp5t%2BNH60uJRrTbsUe9fwfJX8rxudBJBPndj9zBtG3zP6raIY0%2FVD0R6kPCDBVxW3MfO%2FZe5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGfERgJOj4axKe0dCplLKnM&google_hm=Y43-T11Z0tbX6CUHcTsI5wAABLsAAAAB&google_nid=index&google_push=ASkJ3FbuMLtg5uQa6bHAzHJWYJfzEvX2m-u9jXObK4sxOIbplGEnLkeybUgXxr5rCwxVEQ7hx0s5ksKQbEVXJuj6WmWrIdjfl0wn0A
cache-control: no-cache
cf-ray: 774d6d13f9f29a05-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C9C5 0
223 B 96ms
31ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LmRltn2g5lANURZzmOuiJ1qmg-ccoPnMONKg9PQ-6OeMjrAud8rIiwwDXQ32X5fJt1xUgE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v24/ Frame E873 32 KB
32 KB 50ms
31ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Roboto:400&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:07:50 GMT
x-content-type-options: nosniff
age: 414793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32860
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:07:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E873 15 KB
16 KB 41ms
23ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Roboto:400&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 326328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 19:42:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C8C3 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 10:10:49 GMT
etag: 48472445140208031
expires: Tue, 06 Dec 2022 10:10:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C479 143 B
166 B 24ms
20ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=180&slotname=7596457911&adk=4249632874&adf=2643545132&pi=t.ma~as.7596457911&w=1200&lmt=1670250062&rafmt=11&format=1200x180&url=https%3A%2F%2Fwww.exedb.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062334&bpp=2&bdt=300&idt=291&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=52&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lMx7nydwLY&p=https%3A//www.exedb.com&dtd=299
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3140
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 13:28:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EC84 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ca9d0859e6c60f967c92429a5c2bed85e98a5d3409ab7e4d7a69e11ab014a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E873 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef056402d809d471fa6202c9ceafe2342845dc0afe84d925efe34a8647220119

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame EC84 28 KB
28 KB 65ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 319522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 21:35:41 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8C3
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAz4woIQLN7lb25U-Dz3fXA&google_cver=1&google_push=ASkJ3Fb960I9V7tbK-fNikFH7XpeUuosxQ_LFA4N_vz6S2qUtbLGqZfnXF...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3Fb960I9V7tbK-fNikFH7XpeUuosxQ_LFA4N_vz6S2qUtbLGqZfnXF9XmTHykt75eeQXWEjYitygACA_0mZTaVzLk61JpzIdzIDgHKCtch6vnDwz9o-omQB...

170 B
188 B

48ms
37ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3Fb960I9V7tbK-fNikFH7XpeUuosxQ_LFA4N_vz6S2qUtbLGqZfnXF9XmTHykt75eeQXWEjYitygACA_0mZTaVzLk61JpzIdzIDgHKCtch6vnDwz9o-omQBMfQr7VPXKsPXzGKlTtjmxK-CR7GUs7js&google_hm=960Dzkwl0WAZTxDdfI1nmQ

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3Fb960I9V7tbK-fNikFH7XpeUuosxQ_LFA4N_vz6S2qUtbLGqZfnXF9XmTHykt75eeQXWEjYitygACA_0mZTaVzLk61JpzIdzIDgHKCtch6vnDwz9o-omQBMfQr7VPXKsPXzGKlTtjmxK-CR7GUs7js&google_hm=960Dzkwl0WAZTxDdfI1nmQ
pragma: no-cache
date: Mon, 05 Dec 2022 14:21:03 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame C8C3 43 B
356 B 109ms
29ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEG5qONvaVwIoqxYvCEuCNAs&google_push=ASkJ3FaToWUt_MzA4pFF9RYuXk81FTlQZXiepdqm1W_Zv28gX6p_l7OINNzaAriRWw_3WLsTmCQDXLY-H72cvxDcBuxOUBftVBCujy0d-wLMjOUDj86eJPeQ0ve_4wOo89pt7nXbYf8WGnW818LjxzveuhQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1213588912&adf=4161680572&pi=t.aa~a.1877571844~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=0&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280%2C1200x280&nras=4&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=NeEtqVdjEq&p=https%3A//www.exedb.com&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame C8C3 43 B
135 B 35ms
32ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDAQBArQCgZ-0GRRbhuD0Rs&google_cver=1&google_push=ASkJ3FaHp-Jtse0z_d9CtHLPJwT7Er0GIaDXyWXR3W2mfAlHRVwYSE75hcmiObcG59AxOf1fojyPdjMLDJNPK9hcq46OIGdN-iWa6lO7_hleLJhxK_JkECjQ4ML_P8lVhvUVID5TfYsFhvHykT0fAqPpqgE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1213588912&adf=4161680572&pi=t.aa~a.1877571844~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=0&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280%2C1200x280&nras=4&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=NeEtqVdjEq&p=https%3A//www.exedb.com&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:03 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: pekgk0aadh8tv19h1khp5ssn7uh466va

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8C3
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WIFI-FGQTDagP3_MVEs5cg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

36ms
35ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WIFI-FGQTDagP3_MVEs5cg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaSwlGTFXjFTCrMdIxb-MzprZBQqMqwyCXd3nNxld3GyUuDI0qApg2_oCOGtul0LKrO1OOUew8vqA_EOgtXgse5iDvPAE5LrMstUJRu42BxpsM8oZ79qHIguQKJw6it_TA51iGF0nHfbSjqVBNC9Ac

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WIFI-FGQTDagP3_MVEs5cg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaSwlGTFXjFTCrMdIxb-MzprZBQqMqwyCXd3nNxld3GyUuDI0qApg2_oCOGtul0LKrO1OOUew8vqA_EOgtXgse5iDvPAE5LrMstUJRu42BxpsM8oZ79qHIguQKJw6it_TA51iGF0nHfbSjqVBNC9Ac
date: Mon, 05 Dec 2022 14:21:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8C3
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGfnWhW2xuyNSNmEFsq3ZwQ&google_cver=1&google_push=ASkJ3FZYVi8PvNb7tlzn_o-an-bt64jW5EQ5lckj_9_FIzkHvEQxUnzOKtnVSP-T-RrHeq4CTr0...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBVlJISTYtMTctRzhKSQ==&google_push=ASkJ3FZYVi8PvNb7tlzn_o-an-bt64jW5EQ5lckj_9_FIzkHvEQxUnzOKtnVSP-T-RrHeq4CTr0edr1mXHKweRl9Ngr_-6xYOIxFD...

170 B
188 B

33ms
33ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBVlJISTYtMTctRzhKSQ==&google_push=ASkJ3FZYVi8PvNb7tlzn_o-an-bt64jW5EQ5lckj_9_FIzkHvEQxUnzOKtnVSP-T-RrHeq4CTr0edr1mXHKweRl9Ngr_-6xYOIxFDqD-tl4oZg4k3Ewz0hyjb0dzXlVWyiA4Ftx5mA4kQAqk3hakWSDgKxQ

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBVlJISTYtMTctRzhKSQ==&google_push=ASkJ3FZYVi8PvNb7tlzn_o-an-bt64jW5EQ5lckj_9_FIzkHvEQxUnzOKtnVSP-T-RrHeq4CTr0edr1mXHKweRl9Ngr_-6xYOIxFDqD-tl4oZg4k3Ewz0hyjb0dzXlVWyiA4Ftx5mA4kQAqk3hakWSDgKxQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8C3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPSngP2fE6wXEdXJlaLcy40&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPSngP2fE6wXEdXJlaLcy40&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPSngP2fE6wXEdXJlaLcy40&google_hm=Y43-T11Z0tbX6CUHcTsI5wAABLsAAAAB&google_nid=index&google_push=ASkJ3FYWcybeEMEJN93V1bpENXPM7wzcQwKIQ...

170 B
188 B

33ms
33ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPSngP2fE6wXEdXJlaLcy40&google_hm=Y43-T11Z0tbX6CUHcTsI5wAABLsAAAAB&google_nid=index&google_push=ASkJ3FYWcybeEMEJN93V1bpENXPM7wzcQwKIQWcJnx_Kp40dns4IYrgIhHcROOp1O5IwH66u2z-YyvRlPwXsMLgEhe_PKqNHV1Zxnwm-wafhfJASD0c6ID5YQ9ViVMVbmLw4rNbsI_DJdguK24lr5FfLjrA

Requested by

Host: www.exedb.com
URL: https://www.exedb.com/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyhrBO5ABmKyDwInhkNsXfziNovD%2FaaqLadt8hgFl6fkXClU3V1L1f%2B6Top9UIa3JQunDwMvy0I4P1wKpKJTxryI6FwRXccUNsDcHwBvjQ4ObJuJDtTlD29tSoJKGoA5O0QvL36GsAWuKg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPSngP2fE6wXEdXJlaLcy40&google_hm=Y43-T11Z0tbX6CUHcTsI5wAABLsAAAAB&google_nid=index&google_push=ASkJ3FYWcybeEMEJN93V1bpENXPM7wzcQwKIQWcJnx_Kp40dns4IYrgIhHcROOp1O5IwH66u2z-YyvRlPwXsMLgEhe_PKqNHV1Zxnwm-wafhfJASD0c6ID5YQ9ViVMVbmLw4rNbsI_DJdguK24lr5FfLjrA
cache-control: no-cache
cf-ray: 774d6d144a939a05-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame C8C3 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C8C3 0
12 B 78ms
31ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0pqOFb-uk0Cjk27pqTLI__Aq95YxiXf-i33GY125hObXDRhlnHrQAdyYQn3XUUZO9VntGUg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B5D 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:41:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 11:41:51 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C479
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

98ms
97ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 14:21:04 GMT
expires: Mon, 05 Dec 2022 14:21:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 14:21:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8968 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:41:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 11:41:51 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AE1 36 KB
16 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:41:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 11:41:51 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0258 7 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 20:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3136
x-xss-protection: 0
server: cafe
etag: 5752131211420753933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 20:20:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0258 8 KB
895 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 14:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 12:22:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 14:21:04 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0258 0
0 29ms
29ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGIXkLafC6_JbiMW4G2NELIU0jZH55KC6V7rLnPvQHE3wwAUBzWh5uW9c5OLGkWKgk-rCrTfV2oApPkQarxGhst_6Siw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0258 155 KB
47 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 14:21:04 GMT

GET
H3 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 0258 34 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 14:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 21:37:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 14:56:09 GMT

GET
H3 200 subresource.wbn
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 0258 0
51 KB 111ms
69ms Other
application/webbundle 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/subresource.wbn

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51809
x-xss-protection: 0
server: cafe
etag: 1964552289100254462
vary: Accept-Encoding
content-type: application/webbundle
access-control-allow-origin: *
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 14:21:04 GMT

GET
H/1.1 200
OK load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0258 2 KB
2 KB 108ms
108ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

751d553428d5a12f48713eded93b897b76a86182d7636ab668da62efaa55b100

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0258 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsvJnTv6NY4TcPN_1xtYP25W-mAnZxcygbaDfwP6HELCQHxABILrRzBRglfr0gZQHoAGZmK3bA8gBCagDAcgDywSqBOYBT9Ax8YzGl-PyS6TqIGQtBvrIhHyv6orhzC9kqeTRep_wmwc8yIy8s8nTF7b8WY_iY_3N5Mx5w51zlJ5NjK0YH-4SouCmX9jjH_I-GwJLvNRX7P5ELqZs4QMxNNoNCWVtbJnQpD0C1k4LnRKL-kzNmlWSG0MfeVsSVenkyoA4z8jdMdIOh3EduBs5K6hBHDrKIkWSQvyCkygLZme2q2klGv_h160J-6veNSMKNfe5oxjFgkESzd87vxD6lp0S7FO7O2Gk2KJQ9_wU3gP0y5mHasf_ZecoSTHbwvadRFhiii_UZMttFc3ABKui_pqrAZIFBAgEGAGSBQQIBRgEoAYugAfP59IkqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQkJof0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMzEwMDUwNDEyNzIwMTMzMRgA&sigh=u3Yff_5AGuw&uach_m=[UACH]&cid=CAQSPADq26N916NVX8lhaf8Is68rHw-XmpZia7g2LxEQUOvFwoLPCW-W2CjWFNzIBrowovORLOczrJyL4bnVrRgBIBM&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 14:21:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 0258 23 KB
23 KB 125ms
125ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

5f3d2f87d82b88f6b82b1c78637b76622c12b2e859193e41d1e81384e506bcd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4766707872507843235/ Frame 0258 13 KB
13 KB 36ms
35ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4766707872507843235/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27bfd1ffa4878116a0a6e054086fd99df8ec86792e78cc67ac5862b6e94b36ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 14:49:49 GMT
x-content-type-options: nosniff
age: 171075
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12948
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:28:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Dec 2023 14:49:49 GMT

GET
DATA 200
OK truncated
/ Frame 0258 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0258 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0258 3 KB
3 KB 0ms
0ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

b2286ec341537b6ac60edddc2db84438c2cce9c6629f3cd633ae139d6cd741de

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8CF7 1 KB
643 B 23ms
20ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 10:10:49 GMT
etag: 48472445140208031
expires: Tue, 06 Dec 2022 10:10:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0258 18 KB
18 KB 0ms
0ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

976a048d9f6abc83b31613df6f904082891e354bcd0c39cec631329b55085889

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0258 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc79f00af786a5cf02e37f8b3befbcfc7b13525d326d2799ad751330697dce4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 0258 28 KB
28 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 319523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 21:35:41 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CF7
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIDAMLg1BtSDuIbSM6_bG6A&google_cver=1&google_push=ASkJ3Fa7_VoYSZ98no-CiqTlGVUkMthiuClNFMjEmPw3FBm6zHS6V7r4fu...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3Fa7_VoYSZ98no-CiqTlGVUkMthiuClNFMjEmPw3FBm6zHS6V7r4fucD7Io9HGNlstIbMBuYErkrzER3-Vj_siW84zRE2Eab&google_hm=960Dzkwl0WAZ...

170 B
188 B

34ms
34ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3Fa7_VoYSZ98no-CiqTlGVUkMthiuClNFMjEmPw3FBm6zHS6V7r4fucD7Io9HGNlstIbMBuYErkrzER3-Vj_siW84zRE2Eab&google_hm=960Dzkwl0WAZTxDdfI1nmQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3Fa7_VoYSZ98no-CiqTlGVUkMthiuClNFMjEmPw3FBm6zHS6V7r4fucD7Io9HGNlstIbMBuYErkrzER3-Vj_siW84zRE2Eab&google_hm=960Dzkwl0WAZTxDdfI1nmQ
pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CF7
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FazNxTP...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDUxNDIxMDQwMDAxMjc0NzQwMTk3Mg%3D%3D&google_push=ASkJ3FazNxTPQIxYhkuMezFbnfLuOjvpzIaGnQpFLAGsiHi-hsjEkkNA434EV6KxpENtYU...

170 B
188 B

33ms
33ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDUxNDIxMDQwMDAxMjc0NzQwMTk3Mg%3D%3D&google_push=ASkJ3FazNxTPQIxYhkuMezFbnfLuOjvpzIaGnQpFLAGsiHi-hsjEkkNA434EV6KxpENtYUouq-Z7AHsXJWMQlVtirdoIWWatMqGP

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDUxNDIxMDQwMDAxMjc0NzQwMTk3Mg%3D%3D&google_push=ASkJ3FazNxTPQIxYhkuMezFbnfLuOjvpzIaGnQpFLAGsiHi-hsjEkkNA434EV6KxpENtYUouq-Z7AHsXJWMQlVtirdoIWWatMqGP
pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 05 Dec 2022 14:21:04 GMT

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame 8CF7 43 B
61 B 54ms
30ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEIYeny-1sJi_6UWmnD_wzi4&google_push=ASkJ3FaOPPmAqMYE0SSzYYJERx1F_PRnKpw55VRW9lxklWkQD634Aslp6fkpeY21j9mkn4ZU5QGly2IXGFUJrQop9ix-iY6IlGs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 8CF7 43 B
64 B 55ms
32ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEI5pOgwfgdzoD0JwuzpYX7g&google_cver=1&google_push=ASkJ3FZr642GatjGJURhUWcfhQmaXeGdXzwPMXyOKd92Dlj_xpsT_JDjubaq-xyJDIOHFkWDIn9hdEz5Ji_rJgaajTvSXh60G06a
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:03 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: bspak15faslsr1kbmng4n9ae8cdob7vi

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CF7
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WIFI-FGQTDagP3_MVEs5cg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

35ms
35ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WIFI-FGQTDagP3_MVEs5cg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZmmOnL8y1TbUlUthIv4jJ1YLF1xJvRMZ-2uoSrQxdUwjTozmlcSTRvL7XwC6Oc_umigMOJNSgHkY2r4z5v6WHSscU94iN-

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WIFI-FGQTDagP3_MVEs5cg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZmmOnL8y1TbUlUthIv4jJ1YLF1xJvRMZ-2uoSrQxdUwjTozmlcSTRvL7XwC6Oc_umigMOJNSgHkY2r4z5v6WHSscU94iN-
date: Mon, 05 Dec 2022 14:21:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CF7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA-PEHHKNtLjpGqHUaVs204&google_cver=1&google_push=ASkJ3FbI4VJHVSYIRvHuGD7y9m0aZoxFjo6R6ny06LWBJ3-QiDfs1elA37uyHEKJmt6l-gscLkd...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBVlJIVE8tMS0zUkxB&google_push=ASkJ3FbI4VJHVSYIRvHuGD7y9m0aZoxFjo6R6ny06LWBJ3-QiDfs1elA37uyHEKJmt6l-gscLkd7Vdg2jQUchMedopJGH-lDKSU

170 B
188 B

34ms
34ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBVlJIVE8tMS0zUkxB&google_push=ASkJ3FbI4VJHVSYIRvHuGD7y9m0aZoxFjo6R6ny06LWBJ3-QiDfs1elA37uyHEKJmt6l-gscLkd7Vdg2jQUchMedopJGH-lDKSU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBVlJIVE8tMS0zUkxB&google_push=ASkJ3FbI4VJHVSYIRvHuGD7y9m0aZoxFjo6R6ny06LWBJ3-QiDfs1elA37uyHEKJmt6l-gscLkd7Vdg2jQUchMedopJGH-lDKSU
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CF7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDSQHZidLxy5kdGjc8KwnlU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDSQHZidLxy5kdGjc8KwnlU&google_hm=Y43-T11Z0tbX6CUHcTsI5wAABLsAAAAB&google_nid=index&google_push=ASkJ3FZjkSOIsO5Ux2wSQ2DfQnEuEW6j75hN9...

170 B
188 B

33ms
33ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDSQHZidLxy5kdGjc8KwnlU&google_hm=Y43-T11Z0tbX6CUHcTsI5wAABLsAAAAB&google_nid=index&google_push=ASkJ3FZjkSOIsO5Ux2wSQ2DfQnEuEW6j75hN9jpRD3GF_y7NKNw1u7E8X9r1WvDeOea6YKE_IVGHxaM3K7GNZdR8BR5w2a_3faU

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJrtKfa3n9X9QSxcbO1FSCrkVFCBLtFncu%2BvjBp0tfRLqezkpPaZx0sLYfLmSUhO44Yl0j9%2F3yfVlotTQj15pVgALE%2BQ3shKZi7c9lhjNHGkYWB%2BZ1YFygAYZhAZLr3K8SYJ%2F02BjTvIHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDSQHZidLxy5kdGjc8KwnlU&google_hm=Y43-T11Z0tbX6CUHcTsI5wAABLsAAAAB&google_nid=index&google_push=ASkJ3FZjkSOIsO5Ux2wSQ2DfQnEuEW6j75hN9jpRD3GF_y7NKNw1u7E8X9r1WvDeOea6YKE_IVGHxaM3K7GNZdR8BR5w2a_3faU
cache-control: no-cache
cf-ray: 774d6d165e7b9a05-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8CF7 0
12 B 32ms
31ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LpdC2ewxyIeEcPljMpio_c-ciBUfRxrkWbPWV-2QHA7uZIc6WkUtAeTpj61FcpzmcSatlA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 116ms
70ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59ac009b803b4a090ae8f199354d9eab571cb2c65251dd2a6a7b522dc1e4cfac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11097
x-xss-protection: 0

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4126 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1418185256&adf=3425492618&pi=t.aa~a.3199875699~rp.4&daaos=1670246784925&w=1200&fwrn=4&fwrnh=100&lmt=1670250062&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670250062885&bpp=1&bdt=851&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff35858a0a15ca65-2235733943d8002a%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg&gpic=UID%3D00000b8dc7c75f1f%3AT%3D1670250062%3ART%3D1670250062%3AS%3DALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ&prev_fmts=0x0%2C1200x180%2C1200x280&nras=3&correlator=6908664709052&frm=20&pv=1&ga_vid=870067378.1670250062&ga_sid=1670250063&ga_hid=903513398&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774649%2C42531705%2C44774653%2C44770881&oid=2&pvsid=3854775335944470&tmod=1254349146&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1pbwIPWGcf&p=https%3A//www.exedb.com&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:41:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 11:41:51 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=903513398&t=timing&_s=2&dl=https%3A%2F%2Fwww.exedb.com%2F&ul=en-us&de=UTF-8&dt=Exedb-%20Get%20full%20files%20information%20to%20control%20your%20PC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2560&pdt=24&dns=9&rrt=60&srt=48&tcp=67&dit=263&clt=271&_gst=374&_gbt=519&_cst=371&_cbt=367&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=870067378.1670250062&tid=UA-37168065-1&_gid=831033399.1670250062&gtm=2oubu0&z=1025614000

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 02:43:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41865
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 14:21:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 764D 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 14:02:57 GMT
expires: Tue, 05 Dec 2023 14:02:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3FF0 783 B
535 B 32ms
32ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4088b427df8fe9802eba66e6b3d53146b84a9089b1ebdaf83e7cde1ec672c930

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xV_c9lf5hIpYnMkN-sN-Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.exedb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-xV_c9lf5hIpYnMkN-sN-Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 14:21:04 GMT
expires: Mon, 05 Dec 2022 14:21:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 764D 36 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:41:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 11:41:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3FF0 0
0 163ms
162ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3854775335944470&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 764D 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Pa7S7g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:21:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E873 42 B
64 B 171ms
171ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcIKObs6-YDvRnH74lEoVoxtfc8SK1xBeHK9odMMTicoGp7unBEtJc-a1Pu0nSGayvalcOq-xGSFSS8ESM8HI0qNiWwAIt_tI4FDErZrnYwlAxIzekFLEOKPlZWSHUHdpTptPfpA&sai=AMfl-YSON4WymKgMIgQy72ny0JZCaNI-1g5KRNTcl_VCXhFfO9hzJH3LN2_i_JUA2rv27HxUhGAjflxjUQsB0NU&sig=Cg0ArKJSzC_WZw0XMSmhEAE&cid=CAQSGwDq26N9b_H9pshXBSS3gvMplQ7mnc2qU2BKSxgBIBM&id=lidar2&mcvt=1000&p=0,0,128,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=14&adk=4249632874&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670250062634&rpt=1281&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:21:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 170ms
169ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=3854775335944470&bg=!DQ6lDkrNAAbvMpMzzzI7ACkAdvg8Wv2dPpxBzI9MYFn6OAooRhGFDaZlYS9mhfenDx6ggbESCq19MwIAAABKUgAAAAJoAQeZAp20NX6prRuQ2ErDwCIDAnMPv3OanffOqgqQEkK00p-VxzgNjb8hCQON4H7WX4qTSiT-bYYNjplT4JR6AYkK9U2yTAwaY0TdPIrTloite9pJ7JbGvJgahvO3A0AlgmAr0cwrmGDqGS1SRl3MMBBfsMKQuT2hDR77PSpPtM7ldPJIyijn0g_bDPAldRT5j2wVxLL2PdcSa7LiiaKbzGZzw8-aXcds4wtiq65s65htCxrvsxK2neh2i0d0Wd5f0l_6QXwjaEii6yWoTqxMdbArJUlX7_RvxCQLZL9kNxzuyawHXRkxnaqVbdVygKZCzDnaTvIOFeUNXcAFSu4YUyk3US5cMefR-rYpYUv4avjX82BhKme6d152CYBh77E4fuc2vlO_G0Il_Xn8bdrL56dmKVUjRNokWsBLGymnzn-yeDuHDoLtXEe3O9t-4PbOSYpkb3c8IEmleLpEoNFBkX7yFq4bdEQWnXVIONN6z4nuuczSTefiAiP9JPPDZEc44MYAEyf_-seOpXgsgqs7h-jfqo0NCgh_kmFwMHfhiD9zxfRZITQUCTkjroquNnDJkGx67e6cltqApg3FSD5ugBvWi3zcHbJ4Y5N5KK-0MfH5EuI3XY2UAJcG2GxL1qL_j3Dqx9P_F5CY9Iw-TvtHvLMbqLPqvkwuLRIeNvG5Flls6j696n4J8oDHL4cJ7175sfXWqa_VO1I9uCXq3-NPQTkFonTmbDZkQzbvbOv_aTiK-32xgO4w3S9V12IyeuVC8OWqkfjtz37tuH_pInTl4f9CPw9TcRf43GZN4tnkCJfx33qHXQPYxLdHAoundKsmY7H_gSZeX1_1FjttqUFHH_J5hISntvrJ_d__BBcaBZR0KEVY85lOvi4ZF3Btnwi2WpI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exedb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEA54d8JLxU5LsDI1T5xf7_M&google_cver=1&google_push=ASkJ3FZAS2sI27-ck3i0aih_6FcgU8bkIBlHu2O2eQHBOsaxEYWkLwRr-pRwU-enr4w5ZLlquhpk6l3Yz7ryZaCKFqaFjQNqC7prCI9rDGWchDksDUF1bMTg9eHYjC2YXhkwu3WHgzF0Ys63Y75tRgUoeP_9

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.exedb.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDQGCQSTAQ Value: JHLENOPCMKJNLAPMCLJGBHJN
.exedb.com/	1970-01-20 17:33:30	Name: _ga_RMPSQLW73D Value: GS1.1.1670250062.1.0.1670250062.0.0.0
.exedb.com/	1970-01-20 17:33:30	Name: _ga Value: GA1.2.870067378.1670250062
.exedb.com/	1970-01-20 07:58:56	Name: _gid Value: GA1.2.831033399.1670250062
.exedb.com/	1970-01-20 07:57:30	Name: _gat_gtag_UA_37168065_1 Value: 1
.exedb.com/	1970-01-20 17:19:06	Name: __gads Value: ID=ff35858a0a15ca65-2235733943d8002a:T=1670250062:RT=1670250062:S=ALNI_MZrBI91myAk-msUsGfVmRlJAP8Zyg
.exedb.com/	1970-01-20 17:19:06	Name: __gpi Value: UID=00000b8dc7c75f1f:T=1670250062:RT=1670250062:S=ALNI_MbXzj2Oe0qArr7s98L0Vm_Bl0dVcQ
.quantserve.com/	1970-01-20 10:07:06	Name: d Value: EGEBCQHeJ4EA
.quantserve.com/	1970-01-20 17:27:44	Name: mc Value: 638dfe4f-db00d-4aa8d-accf7
.pubmatic.com/	1970-01-20 07:58:56	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 10:07:06	Name: CMPS Value: 1216
.pubmatic.com/	1970-01-20 10:07:06	Name: KADUSERCOOKIE Value: 588148F8-5190-4C36-A03F-7FCC544B3972
.casalemedia.com/	1970-01-20 16:43:06	Name: CMID Value: Y43.T11Z0tbX6CUHcTsI5wAA
.casalemedia.com/	1970-01-20 10:07:06	Name: CMPRO Value: 1211
.e.dlx.addthis.com/	1970-01-20 17:27:44	Name: na_tc Value: Y
.doubleclick.net/	1970-01-20 17:19:06	Name: IDE Value: AHWqTUkufOJlS6X_JVRV4UA10tGacXw2XbaKmDUI1_g37di-_uTYegrCTiCWYR4EX64
.doubleclick.net/	1970-01-20 07:57:33	Name: DSID Value: NO_DATA
.addthis.com/	1970-01-20 17:27:44	Name: na_id Value: 2022120514210400012747401972
.addthis.com/	1970-01-20 17:27:44	Name: na_tc Value: Y
.addthis.com/	1970-01-20 17:27:44	Name: uid Value: 638dfe50e404f590
.addthis.com/	1970-01-20 17:27:44	Name: ouid Value: 638dfe500001fed1bca81a0ea0d466572d62afa1e9fc5153efc9
.dlx.addthis.com/	1970-01-20 08:40:42	Name: na_sr Value: 20221205
.dlx.addthis.com/	1970-01-20 07:57:30	Name: na_srp Value: 3614
.casalemedia.com/	1970-01-20 10:07:06	Name: CMTS Value: 3390
.dlx.addthis.com/	1970-01-20 08:40:42	Name: na_rn Value: 1
.dlx.addthis.com/	1970-01-20 08:40:42	Name: na_sc_e Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FZ9j8LbVSXjJKucm4EnsLxrmz30lH6Sf2A0c2qRGCbq4g7FgULpNj76Cl8xicIWHGftd71Ju_mYr9AYqegl_fpy7ssqhgNSNA&google_gid=CAESEBuE1kYjAhPOaJJxGyxsbjI&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEA54d8JLxU5LsDI1T5xf7_M&google_cver=1&google_push=ASkJ3FZAS2sI27-ck3i0aih_6FcgU8bkIBlHu2O2eQHBOsaxEYWkLwRr-pRwU-enr4w5ZLlquhpk6l3Yz7ryZaCKFqaFjQNqC7prCI9rDGWchDksDUF1bMTg9eHYjC2YXhkwu3WHgzF0Ys63Y75tRgUoeP_9 Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
exedb.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
region1.google-analytics.com
rtb.openx.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.exedb.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.18.33.19
172.217.18.98
185.64.190.78
2001:4860:4802:32::36
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9b
34.98.67.61
35.186.253.211
35.244.174.68
69.173.144.138
78.46.72.84
88.221.168.166
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c0a67528790dc75533d8a99f239e6d1e4b9e05dd90c2e18122ea461df69174c
2157a1b49028ac0074a724dd12aa2919c8a5d0b08d1871743bf75c4895adcef4
22735c99662bf4eb65b6e29db04af4cfc8ac31d8f14d57dd3c8f17cfad1329c7
245ba6959e4932066e1ca8b683e51cf70659b3c566e61e66c2100205ac29ce46
27bfd1ffa4878116a0a6e054086fd99df8ec86792e78cc67ac5862b6e94b36ba
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
31208d5e24fe092caa4a658b20abda62728eb73f87544a26dfe4122cf1503f0a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37cafc5862e19d18cea36568136f60beed1ac1bcd9310c1b1ea3e6d57cbc81b0
3819c12c3b8c977149633c15d23580e969a14932273a683d90d759165fd04466
3db2338a858525aadf59d4a03cee5d43b43e46239bb5de725cd99fff917a65d1
4088b427df8fe9802eba66e6b3d53146b84a9089b1ebdaf83e7cde1ec672c930
40cc951045099e9bb483f4051ccf3778cde0f05dc15ee98c5550659c3d503469
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47fbd449ff636e31e4f08d0a76fec0cf8529317a2165c9e827c687d836aa8e5b
49adb270384b888031143988bb3f1728429a91ce35185b3bf42a387451a9db2f
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ca9d0859e6c60f967c92429a5c2bed85e98a5d3409ab7e4d7a69e11ab014a8b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e09eef723d72c7586178e30c635f747e4699f169fecf04e6f634c75a1587867
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59ac009b803b4a090ae8f199354d9eab571cb2c65251dd2a6a7b522dc1e4cfac
5edd8fb8eba5c0e39b6630f3dfde0c15dc94b6d11b07ad06035fbe4e28cbd20f
5f3d2f87d82b88f6b82b1c78637b76622c12b2e859193e41d1e81384e506bcd4
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636a088ea865350ca0e4b213fc43af10120fbdaa591dfb10b581fbbef186f9ae
64897fc113de26cd49835ea3a96f6579a5ccf2f3cb462712876ec21d2d2fccea
651d0936925a95457c9af5192281fa7975102b602f679aab06fe0e11ae452d99
6700cc79f4b6c67f0c884c9f4be1c9dba2a75bca40fc1eeabc6bd0ddeb53abe2
6b86b3e45bd3e74912705f47404dde5182854046d1a49b64772a0da89064f193
6bd506d50438df4cecf68bd2289b779b6fd30fdbc2a9f1b20f6a769c107f4082
713eeee08e685504bd17657a7549dd7602325663ad04ffb0d55c7c9373214593
72b387bc00e9f93fab3ec212d92eaa77690dbdcce950afb73b0782aaa44d9afd
751d553428d5a12f48713eded93b897b76a86182d7636ab668da62efaa55b100
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7f5d261f091009d3e677016dc309e117007536f845dd2cea7987fc3f6735daf0
812e09a26d1f18572df456259c068f129f9b783072c25ef3afb3b278f4bc4808
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f0e68a8996d13ea9a18b35aba5ffae72bdfce735a8ca1dd283888040b7284e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b26167f743ce8c1a231895b9f511ce4cabe8405d774f7f23abb69dbbbceef29
976a048d9f6abc83b31613df6f904082891e354bcd0c39cec631329b55085889
97c39a21c470ceaa846eb9e330ece268ac5b017e5613c9600a0eb28c06f5a046
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a42b6109e927fad968626dcd1d1e4a080dc381c7407d338b0674fb7f61c612de
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a93abce76ea2613c57b7525a9fb66f3911fe1b5fcb64f247e4211bc3660491d3
aa52eb9758da3df8598dbd4f1474430348b9ab5e00bb3f92e408361e51e5a273
ae3d8dd9213a6c27f101c7f59622c12ef5a67a1c78e1eecf6678d2ed93594803
b2286ec341537b6ac60edddc2db84438c2cce9c6629f3cd633ae139d6cd741de
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b49c81553df7c52b1c07210923f6f9243cdac95fe7003d577a6d5ab894993f3e
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dc5d5612833e92ed863eea6cfa0ad883b8e10e6f459ee0ef4fa22cd03a8b5125
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded949ad3069c4d3a62a96d417402d678fbadc74e5373ed79389ebce3ffa892c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a4326209997a077d9078967eb02c86ac6dd7780d0871ae7739c5e49f21526f
e4e388e91288dbb387e9b8d0a76704e61e0aaa20381092e090eef880ab5be3e7
e7c7a89f84427a0e2f60a80a06869475e2c8d672c3a362de715404dae00955a4
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
ef056402d809d471fa6202c9ceafe2342845dc0afe84d925efe34a8647220119
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ad10c2437cbc3e745656ad6fd5dc7521809b8e9878ee7fb7050aa9794ed7f1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f81704626fe9caa119a2f0fe791fc288621b0eec01678dc65f024099ce4107e5
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
fc79f00af786a5cf02e37f8b3befbcfc7b13525d326d2799ad751330697dce4c
fcd689e4c4d40c8857dbb34050a1094e1dc9c4aa7f24c2f9c95cb45596d96032

www.exedb.com Open in urlscan Pro 78.46.72.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

87 %HTTPS

64 %IPv6

20 Domains

28 Subdomains

22 IPs

5 Countries

1516 kBTransfer

3195 kBSize

26 Cookies

3 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.exedb.com Open in urlscan Pro
78.46.72.84 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

87 %
HTTPS

64 %
IPv6

20
Domains

28
Subdomains

22
IPs

5
Countries

1516 kB
Transfer

3195 kB
Size

26
Cookies

134 HTTP transactions
10 data transactions