www.exedb.com Open in urlscan Pro
78.46.72.84  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

• https://googleads.g.doubleclick.net/pagead/adview?ai=Cds0lElEaZZ3yJanH1fAPxeq98ASS7LikbOG2pfPQD4jJ1LORDhABILrRzBRglfrwgYwHoAHiv6HiA8gBCakC0b0OXZi2qD6oAwHIA8sEqgSsAk_QVU8GZH6uk1iZWg6NESrdMZ2o6ELICcnYKvJJcp62eec10YXIt4kdlpSt73_1fI9DR9umusyLFeFxFszw6l8dV5mFiNnCLryvULKvi32hBtshd4yhn58CULOYgw-J7dUBDS-Q0D_gySCy1fWni2GTiOobBAVunOKpSc9_qWj4U2JTPKB3AISe2VkmIObmfrgoAvvEnwEWtXKJy_XruKWNZwtaSQ0LldzxEgwHaoodNq2NnLKGZrKRa5nh2CnWxrnWMtrZhoPx-gzIHWPIIzSw20TyFetoIyCFsxHXhiJGoCzG8CsnHwjzCt9xgls7QrloqIlUAs0KaBa3miKso20jT7xDeNR-KIEYwWyiuAG2slKLUpuuCbd9hLPdnW-8x112qK6mncE_fk2yWMAEhqTyv4cEiAWIisL7PpIFBAgEGAGSBQQIBRgEoAYugAeGwN4dqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQv70W0ggWCIDhgHAQARgfMgLrAjoCgEBIvf3BOpoJRGh0dHBzOi8vZG93bmxvYWQucGNzeXN0ZW1maXguY29tL2RyaXZlcnMvP2JyYW5kPVdpbmRvd3MmbG9nbz13aW5kb3dzgAoByAsBuBPkA9gTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi0zMTAwNTA0MTI3MjAxMzMxGAA&sigh=Z_EojDepJNQ&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaNoPOF_JD0bdgc7Rjy610194XnNVkHchgB&template_id=484&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221918459412549071043%22,%22debug_reporting%22:true,%22destination%22:%22https://pcsystemfix.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221011376098%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217388314300533165505%22}&andc=true

Request Chain 58

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 59

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 87

• https://googleads.g.doubleclick.net/pagead/adview?ai=CheIFElEaZbG4JbrK1fAPqsyeiAXerdiLc9fpkob3EQoQASC60cwUYJX68IGMB6AB7LPywAHIAQKoAwHIA8kEqgSqAk_QBenYZwoUDyBL-HoM-PE38la1g4lX2o9r_VTWC4QLyIZVKd3nSaZV0aFSWZW9DBHPXGW3MyBE7heaan-NhBaznJkQMJzhBnphS6CLSYND8k4XhJ1P8WUCvpamHKo50GTAnXOZ9eoPlGbI-IIGux-ao_G2jcx_NDHPHgvRWwvBRQgTmiEW3TOUzz0EFsdGzbq_SdUikRm5VF5wvI5_dy9lYkIsuqgqEUEaLPANLaSTz_d1ev7wE8TOBFI07W2adpcT8kYRKuSpQF_maMRoS6myDktbbD1_46KT5xM7vzjOZqFl9kZh6csHI6DrvooxXVges7mqs43jWVWWQcpdwWkLcg8S8mkMBebSvzj3g8H2-CX2wXkykbZZAGGfQdz7U-H1SnKxDCqBjgjABJ_WjanHBIgFttnkz0ySBQQIBBgBkgUECAUYBKAGAoAH_MuNvwKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCEvgLSCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6mgkgaHR0cHM6Ly9tYWRtdXNjbGVzLmNvbS9zdGVwLWdvYWyACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMzEwMDUwNDEyNzIwMTMzMRgA&sigh=_COffxHS5D8&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaNhXDFF8Si8NxlWMa6hJ8B--jPvJW_LBgB&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224464096544543407627%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211645656806587642593%22}&andc=true

Request Chain 89

• https://googleads.g.doubleclick.net/pagead/adview?ai=C51CtElEaZbK4JbrK1fAPqsyeiAXygOigb87RzJ-3EZyIltWXDhABILrRzBRglfrwgYwHoAG_y-aFAsgBAqgDAcgDyQSqBLkCT9Au3R75L2yE5I4BNb5my--4r7llGU-PUmH3u7dadA44q1RSaJVLGugE4n3j049udFOitosLuV7aSHdq5cjbqQbeU54Cc0jCbdWxQ13OZz3mQpIrNSWGqZisDJyQqXSKP-N_Jlg9XLVU5P06N_BsJ5rW06GAVuAxmHOgEDPu8cxjgFfLY6bFb_4hfPyK6xSQ5hRsb-lvh7LvY1l65nFvFu1_7lgwJqwF6EgFvd1e6QFt6dN9l1F_vVxq9LroP-0woQEZGcIGWm8A_psSrcQvg2FQjBDi_H0-ves8e86jMAgmZBRnnEvaNL-b3oUmiRiKsakJoIpPrIfFCGHsNotBkRLg5_ldqUtcvYQyXjdj0WH-nBTCJNnXw6OpyW3wfogoOzekYV50PZ27eOog5jBcqXqPr2VNxHVS4cAEy6eImbwEiAX5pKL1MZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAf_vIGzAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENSHAdIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqaCY4BaHR0cHM6Ly93d3cuY290b3Nlbi5jb20vaG90LXNhbGUvP3RzcHU9U1AyMjA1MThSRURSLFNQMjIwNjIxM1NMVixTUDIyMDIyNUwxVEssU1AyMjAyMTVENkI1LFNQMjExMjI0VTBWTyxTUDIyMDQwMjE4Q1IsU1AyMjA2MjNRQ0w2LFNQMjIwNjIwV1BITIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0zMTAwNTA0MTI3MjAxMzMxGAA&sigh=ptof71HfVS0&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaNhXDFF8Si8NxlWMa6hJ8B--jPvJW_LBgB&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222744242503814621570%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22549037503%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224266339121100686737%22}&andc=true

Request Chain 96

• https://googleads.g.doubleclick.net/pagead/adview?ai=CnA5ZE1EaZafsD__B1fAP0vy56Aia7diLc42ovsfgEQoQASC60cwUYJX68IGMB6AB7LPywAHIAQmoAwHIA8sEqgSoAk_Qan3hqSNflMscTWZK01HR4wbfpwCFA8vR3gZ_mrBD8zYXmgmwR7YexMycF5lMKAFLItyY-pe088gUad7dZoVFnabshVoLEMuUMyXVTyFzfqN0VWhk7ZFLeq5OJvSnhqK176QjBfORy20Qp2tMwu9pgS0Zw4ZHjKiT2Bsn-oHUiDWAmd5EYL3Kf43wmBc56cb2HNksGQ4ftMY3-P1FW25Thod95ce6QoFVTLfF0sPbN6_9vBoEy7Nbi1KTwFxNdGa2zaUx11o60XZaKUw_UXcRBfneadyzVyIDPiQOeAuGxm_V0L8qgi-BR0t2LFc8zDa7i-5t-AkvpY3nc5i-tpfVumOFtMVQ47rRNhW4vrIgQj5hEeEVdkQRV6kfwo1eAEjjYEUXs9uBwAShvKrzyQSIBf7xwdFMkgUECAQYAZIFBAgFGASgBi6AB_zLjb8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQtF3SCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6mgkhaHR0cHM6Ly9tYWRtdXNjbGVzLmNvbS9jbHN0aHMtYWdlgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTMxMDA1MDQxMjcyMDEzMzEYAA&sigh=bp3FC_D-gFg&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNylGN0vO1SeU4gXmgK4yTbgRCSD-VJ8jmnNy6Dz5-Pf6GjKA7CA-eMn__qmKFrokLhdpxCirJiRgB&template_id=5000&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217439317807471663264%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229598266705299616753%22}&andc=true

Request Chain 101

• https://googleads.g.doubleclick.net/pagead/adview?ai=CE4YTE1EaZYzoD9KT1fAPp6aegAaS7LikbOG2pfPQD4jJ1LORDhABILrRzBRglfrwgYwHoAHiv6HiA8gBCakC0b0OXZi2qD6oAwHIA8sEqgSnAk_QQLrqXO-zA0l5JRz06zwpQeGNZortN4qwyCtWb2VlYLDhy87nJRN7kK60P8KguTrZEGWRdUFIOn6dn6XWiBr4zz3YQIeLAkceXgPyorMZDKzbuwHltuE8_F5FP63pFW-yV3XOvbME5XoAjJJ8bXPxiHvKm01W1KRRzrWWVqWFDpH0a3_w1PA6irDTd3TNhjk0w4Vpq0xpsU3bJEx2PkDAwXsoN_LSDhkZixLfGaXoGDftmLeV3wZsVQKkqQDAM40xseu0VdYxn_t8dyKRRVrrTS3LZnX4JXWndkVr-PlYLBSh5N4-8mky8pmmtBDv060mx_Fj8PlJeo-5NoVeZ-f0_HV0p_eZIvN5GrNNMMYi2FhZSw1AZpNGCROKvwryfcWwu5A4YpTABIak8r-HBIgFiIrC-z6SBQQIBBgBkgUECAUYBKAGLoAHhsDeHagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIGxAdIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqaCURodHRwczovL2Rvd25sb2FkLnBjc3lzdGVtZml4LmNvbS9kcml2ZXJzLz9icmFuZD1XaW5kb3dzJmxvZ289d2luZG93c4AKAcgLAbgT5APYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItMzEwMDUwNDEyNzIwMTMzMRgA&sigh=gVkkzEnp5tk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNKkZwP4bZGXxf_Xbg3t83mB5lreRjs4vT39xXTYOUALRRRr9Q9wUcJm2SuaJA5RV2Kf-2Vn3-tBgB&template_id=484&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229403476855303775164%22,%22debug_reporting%22:true,%22destination%22:%22https://pcsystemfix.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221011376098%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213050425262707212705%22}&andc=true

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Show response www.exedb.com/en/	63 KB 63 KB	664ms 46ms	Document text/html	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash 75dc8a9bb404b4dac12edddabee49e7598a1a55389e2c5fa8eb4260d374164a5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private,public content-encoding gzip content-length 64443 content-type text/html; Charset=utf-8 date Mon, 02 Oct 2023 05:11:45 GMT server Microsoft-IIS/10.0 vary Accept-Encoding
GET H2	200	js Show response www.googletagmanager.com/gtag/	258 KB 88 KB	82ms 34ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-RMPSQLW73D Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d5ce50dcd9d4f8f08b11a0f5134c8e07c4e8cca42a4401693dcb16d3329956f3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:46 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 89984 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 02 Oct 2023 05:11:46 GMT
GET H2	200	global2.css www.exedb.com/css/	14 KB 14 KB	43ms 42ms	Stylesheet text/css	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.exedb.com/css/global2.css Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash eb4f9b2a53c842f6a29518f592d548944c1f4764d8a37bf880c00d7c035ac957 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:45 GMT content-encoding gzip last-modified Fri, 15 Sep 2023 14:27:11 GMT server Microsoft-IIS/10.0 etag "f5b82cb7e0e7d91:0" vary Accept-Encoding content-type text/css cache-control max-age=2592000,public accept-ranges bytes content-length 14576
GET H2	200	index-n.css www.exedb.com/	4 KB 4 KB	43ms 43ms	Stylesheet text/css	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.exedb.com/index-n.css Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash 051b0c9b6f7695773c661a88e4c3b78c7d0ae0a1deaea1c3e970c5cfab90191f Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:45 GMT content-encoding gzip last-modified Thu, 13 Jul 2023 06:20:23 GMT server Microsoft-IIS/10.0 etag "bd2a1b1b52b5d91:0" vary Accept-Encoding content-type text/css cache-control max-age=2592000,public accept-ranges bytes content-length 3845
GET H2	200	header.js Show response www.exedb.com/javascripts/	1 KB 1 KB	25ms 24ms	Script application/javascript	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.exedb.com/javascripts/header.js Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash 22735c99662bf4eb65b6e29db04af4cfc8ac31d8f14d57dd3c8f17cfad1329c7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:45 GMT content-encoding gzip last-modified Wed, 28 Sep 2022 17:45:20 GMT server Microsoft-IIS/10.0 etag "0b8ce1362d3d81:0" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000,public accept-ranges bytes content-length 1147
GET H2	200	index.js Show response www.exedb.com/	4 KB 4 KB	33ms 31ms	Script application/javascript	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.exedb.com/index.js Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash 4d4fb455e5fc986feaa722bd7c87b7747a31df86431a71e9abedc4bd3a002822 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:45 GMT content-encoding gzip last-modified Tue, 12 Sep 2023 06:43:08 GMT server Microsoft-IIS/10.0 etag "43d096444e5d91:0" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000,public accept-ranges bytes content-length 3909
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	149 KB 51 KB	133ms 82ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3100504127201331 Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 193e2d7bce06130f01e9ff2b4e8137e255d7b7f4b8a814d079ed9d031cb8cb43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.exedb.com/ Origin https://www.exedb.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:46 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51294 x-xss-protection 0 server cafe etag 7268051084660108091 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Mon, 02 Oct 2023 05:11:46 GMT
GET H2	200	exeIcon.svg www.exedb.com/images/	895 B 1009 B	24ms 24ms	Image image/svg+xml	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.exedb.com/images/exeIcon.svg Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash 3819c12c3b8c977149633c15d23580e969a14932273a683d90d759165fd04466 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:45 GMT last-modified Wed, 28 Sep 2022 16:37:46 GMT server Microsoft-IIS/10.0 etag "0696fa358d3d81:0" content-type image/svg+xml cache-control no-cache,max-age=2592000,public accept-ranges bytes content-length 895
GET H2	200	exedb.png www.exedb.com/img/	5 KB 5 KB	39ms 39ms	Image image/png	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.exedb.com/img/exedb.png Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash 0d45af8e11203f2d5e29340d98635c70020f35a3575de96952cf1187380cacb8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:45 GMT last-modified Fri, 30 Sep 2022 06:54:14 GMT server Microsoft-IIS/10.0 etag "c14ccb7399d4d81:0" content-type image/png cache-control no-cache,max-age=2592000,public accept-ranges bytes content-length 4632
GET H2	200	seen.png www.exedb.com/	469 B 556 B	24ms 24ms	Image image/png	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.exedb.com/seen.png Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash 84fd1028d3aff54df0967a2f0bad4ca7442560afb22471394f397fc79ea1a68b Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:45 GMT last-modified Sat, 11 Mar 2023 15:17:44 GMT server Microsoft-IIS/10.0 etag "384536a12c54d91:0" content-type image/png cache-control no-cache,max-age=2592000,public accept-ranges bytes content-length 469
GET H2	200	vote-safe-32.png www.exedb.com/	592 B 671 B	25ms 24ms	Image image/png	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.exedb.com/vote-safe-32.png Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash 6594d88954238143ec387448c00efd7c166b4193bc755328092d6285a6916b29 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:45 GMT last-modified Tue, 21 Jun 2022 06:54:42 GMT server Microsoft-IIS/10.0 etag "edf59cc83b85d81:0" content-type image/png cache-control no-cache,max-age=2592000,public accept-ranges bytes content-length 592
GET H2	200	vote-danger-file.png www.exedb.com/	586 B 665 B	25ms 25ms	Image image/png	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.exedb.com/vote-danger-file.png Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash e913a4f0f31847bffaa1019f3cdcb59d563b1df51a53b2ef5fa1ff144bd93f2a Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:45 GMT last-modified Tue, 21 Jun 2022 06:55:22 GMT server Microsoft-IIS/10.0 etag "bcc1ace03b85d81:0" content-type image/png cache-control no-cache,max-age=2592000,public accept-ranges bytes content-length 586
GET H2	200	tip.png www.exedb.com/	1 KB 1 KB	31ms 31ms	Image image/png	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.exedb.com/tip.png Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash 4ede7df353bf407622be01c9476c5b4cc1b77ecfde557a4ee81978a288b0a78b Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:45 GMT last-modified Sun, 12 Mar 2023 05:52:25 GMT server Microsoft-IIS/10.0 etag "8b1433d2a654d91:0" content-type image/png cache-control no-cache,max-age=2592000,public accept-ranges bytes content-length 1067
GET H2	200	jquery.min.js Show response www.exedb.com/javascripts/	87 KB 30 KB	24ms 24ms	Script application/javascript	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.exedb.com/javascripts/jquery.min.js Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:45 GMT content-encoding gzip last-modified Thu, 29 Sep 2022 05:40:40 GMT server Microsoft-IIS/10.0 etag "0fc1e2c6d3d81:0" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000,public accept-ranges bytes content-length 30891
GET H2	200	lazysizes.min.js Show response www.exedb.com/	8 KB 8 KB	24ms 24ms	Script application/javascript	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.exedb.com/lazysizes.min.js Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash e76fb8d9f216898822b92b5be7fc0b3085b9a3685b14089d64a10935e83a08c5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:45 GMT content-encoding gzip last-modified Tue, 11 Oct 2022 08:08:06 GMT server Microsoft-IIS/10.0 etag "cd5e3e9848ddd81:0" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000,public accept-ranges bytes content-length 7914
GET H2	200	exedb-ads2.asp Show response www.exedb.com/	3 KB 3 KB	57ms 56ms	XHR text/html	78.46.72.84 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.exedb.com/exedb-ads2.asp Requested by Host: www.exedb.com URL: https://www.exedb.com/javascripts/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.46.72.84 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.84.72.46.78.clients.your-server.de Software Microsoft-IIS/10.0 / Resource Hash 38a9191cfd1c24254de9ab485758334d5231b8266c96b38cea6a9ee582948084 Request headers Accept text/html, */*; q=0.01 Referer https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:45 GMT cache-control private,public content-encoding gzip server Microsoft-IIS/10.0 content-length 3197 vary Accept-Encoding content-type text/html; Charset=utf-8
POST H2	204	collect region1.google-analytics.com/g/	0 253 B	80ms 29ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-RMPSQLW73D&gtm=45je39r0&_p=426775109&cid=1278046509.1696223506&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696223506&sct=1&seg=0&dl=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&dt=pospaymentsworker.exe%3A%20What%20is%20it%20and%20How%20to%20Remove%20it%20(Solved)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-RMPSQLW73D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Mon, 02 Oct 2023 05:11:46 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.exedb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/	380 KB 129 KB	150ms 106ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com&bust=31078215 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3100504127201331 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8ea092b513a5ee2c8b31ceb4dc6e9f9129e90b53ac84a04f6ce55d5fefb0282 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:46 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 131787 x-xss-protection 0 server cafe etag 8205188712186991042 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 02 Oct 2023 05:11:46 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/ Frame E650	10 KB 5 KB	72ms 21ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3100504127201331 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.exedb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 45578 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4471 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 01 Oct 2023 16:32:08 GMT etag 2603938475786422795 expires Sun, 15 Oct 2023 16:32:08 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	385 B 600 B	80ms 29ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.exedb.com&callback=_gfp_s_&client=ca-pub-3100504127201331 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com&bust=31078215 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fc74f02cad630b76823151f587f69009714f98f23919bf5bed49a0b6a73d5b57 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:46 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 248 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 48A3	267 KB 55 KB	512ms 511ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&adk=1812271804&adf=3025194257&lmt=1696216306&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223506285&bpp=28&bdt=244&idt=256&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5794676433994&frm=20&pv=2&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=283 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com&bust=31078215 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 905e41ec5b08a34e04359a344426d93c07de281a8f75e31f3589e44ebe12360b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.exedb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 56477 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 02 Oct 2023 05:11:47 GMT expires Mon, 02 Oct 2023 05:11:47 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	56ms 55ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=bg-primary-300&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Mon, 02 Oct 2023 05:11:46 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 4B99	110 KB 38 KB	531ms 530ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3607483655&adf=3871732917&pi=t.aa~a.1236210272~rp.2&w=952&fwrn=4&fwrnh=100&lmt=1696216306&rafmt=1&to=qs&pwprc=2515029671&format=952x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223506313&bpp=3&bdt=273&idt=263&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6hR3T2ypaA&p=https%3A//www.exedb.com&dtd=266 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com&bust=31078215 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 20d9db1d7deaac9d881422b909f4a6f74704fe3d0908b18437bdba55bd6bab43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.exedb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 38540 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 02 Oct 2023 05:11:47 GMT expires Mon, 02 Oct 2023 05:11:47 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	css fonts.googleapis.com/ Frame 4B99	4 KB 1 KB	80ms 31ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3607483655&adf=3871732917&pi=t.aa~a.1236210272~rp.2&w=952&fwrn=4&fwrnh=100&lmt=1696216306&rafmt=1&to=qs&pwprc=2515029671&format=952x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223506313&bpp=3&bdt=273&idt=263&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6hR3T2ypaA&p=https%3A//www.exedb.com&dtd=266 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 02 Oct 2023 05:11:47 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 02 Oct 2023 04:00:59 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 02 Oct 2023 05:11:47 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 4B99	2 KB 973 B	75ms 24ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3607483655&adf=3871732917&pi=t.aa~a.1236210272~rp.2&w=952&fwrn=4&fwrnh=100&lmt=1696216306&rafmt=1&to=qs&pwprc=2515029671&format=952x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223506313&bpp=3&bdt=273&idt=263&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6hR3T2ypaA&p=https%3A//www.exedb.com&dtd=266 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 16:48:49 GMT content-encoding br x-content-type-options nosniff age 44578 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 16:48:49 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 4B99	23 KB 9 KB	47ms 25ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3607483655&adf=3871732917&pi=t.aa~a.1236210272~rp.2&w=952&fwrn=4&fwrnh=100&lmt=1696216306&rafmt=1&to=qs&pwprc=2515029671&format=952x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223506313&bpp=3&bdt=273&idt=263&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6hR3T2ypaA&p=https%3A//www.exedb.com&dtd=266 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 10:18:02 GMT content-encoding br x-content-type-options nosniff age 68025 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9135 x-xss-protection 0 server cafe etag 9583221549990841032 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 10:18:02 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 4B99	3 KB 1 KB	46ms 25ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3607483655&adf=3871732917&pi=t.aa~a.1236210272~rp.2&w=952&fwrn=4&fwrnh=100&lmt=1696216306&rafmt=1&to=qs&pwprc=2515029671&format=952x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223506313&bpp=3&bdt=273&idt=263&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6hR3T2ypaA&p=https%3A//www.exedb.com&dtd=266 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 18:28:58 GMT content-encoding br x-content-type-options nosniff age 38569 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 18:28:58 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 4B99	20 KB 8 KB	73ms 22ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3607483655&adf=3871732917&pi=t.aa~a.1236210272~rp.2&w=952&fwrn=4&fwrnh=100&lmt=1696216306&rafmt=1&to=qs&pwprc=2515029671&format=952x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223506313&bpp=3&bdt=273&idt=263&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6hR3T2ypaA&p=https%3A//www.exedb.com&dtd=266 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 10:18:01 GMT content-encoding br x-content-type-options nosniff age 68026 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8282 x-xss-protection 0 server cafe etag 5314254467506293444 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 10:18:01 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 4B99	182 KB 58 KB	100ms 35ms	Script text/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3607483655&adf=3871732917&pi=t.aa~a.1236210272~rp.2&w=952&fwrn=4&fwrnh=100&lmt=1696216306&rafmt=1&to=qs&pwprc=2515029671&format=952x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223506313&bpp=3&bdt=273&idt=263&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6hR3T2ypaA&p=https%3A//www.exedb.com&dtd=266 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:47 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58285 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1695814262870679" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 02 Oct 2023 05:11:47 GMT
GET H2	200	fda82c26911938d9c7ca79f9220f8b0c.js Show response www.gstatic.com/mysidia/ Frame 4B99	36 KB 15 KB	69ms 18ms	Script text/javascript	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3607483655&adf=3871732917&pi=t.aa~a.1236210272~rp.2&w=952&fwrn=4&fwrnh=100&lmt=1696216306&rafmt=1&to=qs&pwprc=2515029671&format=952x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223506313&bpp=3&bdt=273&idt=263&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6hR3T2ypaA&p=https%3A//www.exedb.com&dtd=266 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 25 Sep 2023 20:38:48 GMT content-encoding gzip x-content-type-options nosniff age 549179 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15328 x-xss-protection 0 last-modified Mon, 25 Sep 2023 20:14:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 24 Dec 2023 20:38:48 GMT
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/	154 KB 53 KB	72ms 72ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/reactive_library_fy2021.js?bust=31078215 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com&bust=31078215 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 24ab4c962e3ececbe7c95e748bb8830240f815e813d11eb88ef25ac3e4ead21c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:47 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53744 x-xss-protection 0 server cafe etag 11598306598482392503 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Mon, 02 Oct 2023 05:11:47 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame F542	111 KB 38 KB	490ms 489ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1619790871&adf=3202855383&pi=t.aa~a.2155628691~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=2&bdt=1158&idt=-M&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280&nras=3&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x62aPGXSPh&p=https%3A//www.exedb.com&dtd=17 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com&bust=31078215 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6c80d7a63284ed7dbf6cb7b4213fad004019c37572a641e60fe32527a90afaba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.exedb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 38896 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 02 Oct 2023 05:11:47 GMT expires Mon, 02 Oct 2023 05:11:47 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 2771	120 KB 40 KB	365ms 365ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=4&bdt=1158&idt=4&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280%2C1016x280&nras=4&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cnHbDw26rh&p=https%3A//www.exedb.com&dtd=22 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com&bust=31078215 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ac2f86aacdae73a767dd9ded64192c694980d40dca07cb57e4d2cb09448de5c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.exedb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 40467 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 02 Oct 2023 05:11:47 GMT expires Mon, 02 Oct 2023 05:11:47 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	async-ads.js Show response www.google.com/adsense/search/	144 KB 53 KB	79ms 30ms	Script text/javascript	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/adsense/search/async-ads.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com&bust=31078215 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9dad7e3ad1aee9f18d3ae3c4ffaccf2c7c7ed05eb7db64bc1006d1a2d94a245f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:47 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="ads-afs-ui" etag "2484294559279484791" vary Accept-Encoding report-to {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 accept-ranges bytes link <https://www.adsensecustomsearchads.com>; rel="preconnect" expires Mon, 02 Oct 2023 05:11:47 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	56ms 56ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=ok&evt=place&vh=1200&eid=44759876%2C44759927%2C31078215&hl=en&pvc=2013358110269955 Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Mon, 02 Oct 2023 05:11:47 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	17901403653090904972 tpc.googlesyndication.com/simgad/ Frame 4B99	9 KB 9 KB	24ms 22ms	Image image/png	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/17901403653090904972?w=600&h=314 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3607483655&adf=3871732917&pi=t.aa~a.1236210272~rp.2&w=952&fwrn=4&fwrnh=100&lmt=1696216306&rafmt=1&to=qs&pwprc=2515029671&format=952x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223506313&bpp=3&bdt=273&idt=263&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6hR3T2ypaA&p=https%3A//www.exedb.com&dtd=266 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 895873d78a5278495f433c5aafa3802776e62689e507fb72860796d66c045ce3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 07:25:08 GMT x-content-type-options nosniff age 251199 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8907 x-xss-protection 0 last-modified Sun, 08 May 2022 20:27:52 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 28 Sep 2024 07:25:08 GMT
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/1997305006706444999/ Frame 4B99	1 KB 2 KB	22ms 21ms	Image image/png	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/1997305006706444999/14763004658117789537?w=100&h=100 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3607483655&adf=3871732917&pi=t.aa~a.1236210272~rp.2&w=952&fwrn=4&fwrnh=100&lmt=1696216306&rafmt=1&to=qs&pwprc=2515029671&format=952x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223506313&bpp=3&bdt=273&idt=263&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6hR3T2ypaA&p=https%3A//www.exedb.com&dtd=266 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 823f37c5d869a2bf9a637aa9fad051aff17a86fbe3fc85bf50b8e81507ee945e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sat, 30 Sep 2023 16:43:50 GMT x-content-type-options nosniff age 131277 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1380 x-xss-protection 0 last-modified Fri, 24 Jun 2022 13:04:49 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 29 Sep 2024 16:43:50 GMT
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/ Frame F4C9	10 KB 4 KB	20ms 20ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com&bust=31078215 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.exedb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 34958 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4471 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 01 Oct 2023 19:29:09 GMT etag 2603938475786422795 expires Sun, 15 Oct 2023 19:29:09 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/ Frame A721	10 KB 4 KB	20ms 20ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com&bust=31078215 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.exedb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 34958 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4471 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 01 Oct 2023 19:29:09 GMT etag 2603938475786422795 expires Sun, 15 Oct 2023 19:29:09 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 4B99	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 97de5e6199b3d8ae28dcd6fe8e9d9361cc92da0958ddae848ed7a01823ca72d3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Content-Type image/png
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 4B99	16 KB 16 KB	70ms 21ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 26 Sep 2023 17:26:14 GMT x-content-type-options nosniff age 474333 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 25 Sep 2024 17:26:14 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 4B99	15 KB 15 KB	73ms 26ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Wed, 27 Sep 2023 16:50:19 GMT x-content-type-options nosniff age 390088 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 26 Sep 2024 16:50:19 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame F4C9	23 KB 9 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 10:18:02 GMT content-encoding br x-content-type-options nosniff age 68025 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9135 x-xss-protection 0 server cafe etag 9583221549990841032 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 10:18:02 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 96CE	143 B 166 B	21ms 20ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 2884 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 02 Oct 2023 04:23:43 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame F4C9	3 KB 1 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 18:28:58 GMT content-encoding br x-content-type-options nosniff age 38569 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 18:28:58 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame F4C9	20 KB 8 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 10:18:01 GMT content-encoding br x-content-type-options nosniff age 68026 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8282 x-xss-protection 0 server cafe etag 5314254467506293444 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 10:18:01 GMT
GET H3	200	6167958838746523951 tpc.googlesyndication.com/simgad/ Frame F4C9	14 KB 15 KB	24ms 24ms	Image image/png	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/6167958838746523951?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkHhmGA8rIm3TmPhpS46YEI5K98vw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 22ef10cbeac521537e04ebc266964ee3aed5065736f706704eb58ef351f4f26f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Wed, 27 Sep 2023 21:41:17 GMT x-content-type-options nosniff age 372630 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14838 x-xss-protection 0 last-modified Fri, 10 Feb 2023 16:23:28 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 26 Sep 2024 21:41:17 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F4C9	182 KB 57 KB	30ms 30ms	Script text/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:47 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58285 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1695814262870679" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 02 Oct 2023 05:11:47 GMT
GET H3	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame F4C9	36 KB 14 KB	31ms 31ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 33eefdbd02580f81ccdf0cf481b07e52ed5bc9e5b814aab76dcac4435d2da608 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 10:18:14 GMT content-encoding br x-content-type-options nosniff age 68013 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14668 x-xss-protection 0 server cafe etag 2376861509777232683 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 10:18:14 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame A721	23 KB 9 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 10:18:02 GMT content-encoding br x-content-type-options nosniff age 68025 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9135 x-xss-protection 0 server cafe etag 9583221549990841032 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 10:18:02 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 4135	143 B 166 B	24ms 20ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 2884 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 02 Oct 2023 04:23:43 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame A721	3 KB 1 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 18:28:58 GMT content-encoding br x-content-type-options nosniff age 38569 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 18:28:58 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame A721	20 KB 8 KB	25ms 21ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 10:18:01 GMT content-encoding br x-content-type-options nosniff age 68026 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8282 x-xss-protection 0 server cafe etag 5314254467506293444 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 10:18:01 GMT
GET H3	200	5923113522964267170 tpc.googlesyndication.com/daca_images/simgad/ Frame A721	45 KB 46 KB	32ms 28ms	Image image/png	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/daca_images/simgad/5923113522964267170 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b3e2df5a5a594b310917f964dd9e560809ac770069ce214304e9384f39b4d7aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 20:10:20 GMT x-content-type-options nosniff age 205287 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46572 x-xss-protection 0 last-modified Wed, 29 Jun 2022 10:35:19 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 28 Sep 2024 20:10:20 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame A721	182 KB 57 KB	33ms 29ms	Script text/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:47 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58285 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1695814262870679" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 02 Oct 2023 05:11:47 GMT
GET H3	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame A721	36 KB 14 KB	28ms 24ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 33eefdbd02580f81ccdf0cf481b07e52ed5bc9e5b814aab76dcac4435d2da608 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 10:18:14 GMT content-encoding br x-content-type-options nosniff age 68013 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14668 x-xss-protection 0 server cafe etag 2376861509777232683 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 10:18:14 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	372 B 308 B	30ms 29ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.exedb.com&client=partner-pub-3100504127201331&product=SAS&callback=__sasCookie Requested by Host: www.google.com URL: https://www.google.com/adsense/search/async-ads.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 236aa61de4fcaff28c51c0dfa89917baab844d5cd5d197ffd4f210db05cfc741 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:47 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 239 x-xss-protection 0
GET H2	200	ads Show response afs.googlesyndication.com/afs/ Frame 4E34	19 KB 4 KB	179ms 101ms	Document text/html	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://afs.googlesyndication.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-a70e351b4876bbac7&fexp=21404%2C17300002%2C17301293%2C17301321%2C17301323%2C17301381%2C17301248&client=pub-3100504127201331&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=7151696223507500&num=0&output=afd_ads&domain_name=www.exedb.com&v=3&bsl=10&pac=2&u_his=2&u_tz=120&dt=1696223507501&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=568520416&uio=-&cont=autors-container-0&jsid=csa&jsv=568520416&rurl=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&adbw=master-1%3A942 Requested by Host: www.google.com URL: https://www.google.com/adsense/search/async-ads.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software gws / Resource Hash 3e2337bedf3424ee0898cd51a0c6ee7ac6d382966658c762cdefe7006cbda6d5 Security Headers Name Value Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-e_KJWe5EXya-nsGAtdHu6Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other X-Xss-Protection 0 Request headers Referer https://www.exedb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=3600 content-disposition inline content-encoding br content-length 3124 content-security-policy object-src 'none';base-uri 'self';script-src 'nonce-e_KJWe5EXya-nsGAtdHu6Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other content-type text/html; charset=UTF-8 cross-origin-opener-policy same-origin-allow-popups; report-to="gws" date Mon, 02 Oct 2023 05:11:47 GMT expires Mon, 02 Oct 2023 05:11:47 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." report-to {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} server gws x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 4B99 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=Cds0lElEaZZ3yJanH1fAPxeq98ASS7LikbOG2pfPQD4jJ1LORDhABILrRzBRglfrwgYwHoAHiv6HiA8gBCakC0b0OXZi2qD6oAwHIA8sEqgSsAk_QVU8GZH6uk1iZWg6NESrdMZ2o6ELICcn... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221918459412549071043%22,%22debug_reporting%22:true,%22destination%22:%22https://pcsystemfix.com%22,%22event_report_window%2...	0 0	111ms 58ms	Fetch text/css	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221918459412549071043%22,%22debug_reporting%22:true,%22destination%22:%22https://pcsystemfix.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221011376098%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217388314300533165505%22}&andc=true Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:47 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"1918459412549071043","debug_reporting":true,"destination":"https://pcsystemfix.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1011376098"],"4":["10-02"],"6":["true"]},"priority":"500","source_event_id":"17388314300533165505"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 02 Oct 2023 05:11:47 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 02 Oct 2023 05:11:47 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1918459412549071043","debug_reporting":true,"destination":"https://pcsystemfix.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1011376098"],"4":["10-02"],"6":["true"]},"priority":"500","source_event_id":"17388314300533165505"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 96CE Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	28ms 28ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 02 Oct 2023 05:11:47 GMT expires Mon, 02 Oct 2023 05:11:47 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 02 Oct 2023 05:11:47 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 4135 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	33ms 33ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 02 Oct 2023 05:11:47 GMT expires Mon, 02 Oct 2023 05:11:47 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 02 Oct 2023 05:11:47 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js Show response pagead2.googlesyndication.com/bg/ Frame 4B63	37 KB 14 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3607483655&adf=3871732917&pi=t.aa~a.1236210272~rp.2&w=952&fwrn=4&fwrnh=100&lmt=1696216306&rafmt=1&to=qs&pwprc=2515029671&format=952x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223506313&bpp=3&bdt=273&idt=263&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6hR3T2ypaA&p=https%3A//www.exedb.com&dtd=266 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b59738e7e138acf9ac4f1483f2daa23fda9dc055420d6f6a174c2a34749b105f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 10:18:06 GMT content-encoding br x-content-type-options nosniff age 240821 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14639 x-xss-protection 0 last-modified Mon, 25 Sep 2023 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 28 Sep 2024 10:18:06 GMT
GET H2	200	css fonts.googleapis.com/ Frame 2771	14 KB 1 KB	31ms 29ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=4&bdt=1158&idt=4&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280%2C1016x280&nras=4&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cnHbDw26rh&p=https%3A//www.exedb.com&dtd=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 02 Oct 2023 05:11:47 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 02 Oct 2023 03:58:46 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 02 Oct 2023 05:11:47 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 2771	2 KB 892 B	22ms 21ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=4&bdt=1158&idt=4&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280%2C1016x280&nras=4&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cnHbDw26rh&p=https%3A//www.exedb.com&dtd=22 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 16:48:49 GMT content-encoding br x-content-type-options nosniff age 44578 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 16:48:49 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 2771	23 KB 9 KB	58ms 56ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=4&bdt=1158&idt=4&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280%2C1016x280&nras=4&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cnHbDw26rh&p=https%3A//www.exedb.com&dtd=22 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 10:18:02 GMT content-encoding br x-content-type-options nosniff age 68025 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9135 x-xss-protection 0 server cafe etag 9583221549990841032 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 10:18:02 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 2771	3 KB 1 KB	59ms 58ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=4&bdt=1158&idt=4&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280%2C1016x280&nras=4&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cnHbDw26rh&p=https%3A//www.exedb.com&dtd=22 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 18:28:58 GMT content-encoding br x-content-type-options nosniff age 38569 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 18:28:58 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 2771	20 KB 8 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=4&bdt=1158&idt=4&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280%2C1016x280&nras=4&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cnHbDw26rh&p=https%3A//www.exedb.com&dtd=22 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 10:18:01 GMT content-encoding br x-content-type-options nosniff age 68026 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8282 x-xss-protection 0 server cafe etag 5314254467506293444 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 10:18:01 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 2771	0 0	60ms 59ms	Image text/html	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-Nkj5IvjURofkH2RheIVUqnKP23lTmV7pjIlwCRc7lJqxz7xHRiH4kCiwlYxqJDJxrLao Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=4&bdt=1158&idt=4&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280%2C1016x280&nras=4&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cnHbDw26rh&p=https%3A//www.exedb.com&dtd=22 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2771	182 KB 57 KB	57ms 56ms	Script text/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=4&bdt=1158&idt=4&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280%2C1016x280&nras=4&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cnHbDw26rh&p=https%3A//www.exedb.com&dtd=22 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:47 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58285 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1695814262870679" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 02 Oct 2023 05:11:47 GMT
GET H2	200	fda82c26911938d9c7ca79f9220f8b0c.js Show response www.gstatic.com/mysidia/ Frame 2771	36 KB 15 KB	46ms 45ms	Script text/javascript	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=4&bdt=1158&idt=4&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280%2C1016x280&nras=4&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cnHbDw26rh&p=https%3A//www.exedb.com&dtd=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 25 Sep 2023 20:38:48 GMT content-encoding gzip x-content-type-options nosniff age 549179 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15328 x-xss-protection 0 last-modified Mon, 25 Sep 2023 20:14:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 24 Dec 2023 20:38:48 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	147ms 54ms	Preflight text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221918459412549071043%22,%22debug_reporting%22:true,%22destination%22:%22https://pcsystemfix.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221011376098%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217388314300533165505%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 02 Oct 2023 05:11:47 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	4688729890752295713 tpc.googlesyndication.com/simgad/ Frame 2771	33 KB 33 KB	39ms 19ms	Image image/png	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/4688729890752295713?w=600&h=314 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=4&bdt=1158&idt=4&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280%2C1016x280&nras=4&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cnHbDw26rh&p=https%3A//www.exedb.com&dtd=22 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 562891d1e716637e073d045cdc07d9fd9f387456abb287cbaec5ed168f7f3942 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 26 Sep 2023 21:02:44 GMT x-content-type-options nosniff age 461343 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34128 x-xss-protection 0 last-modified Tue, 11 Jul 2023 22:27:23 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 25 Sep 2024 21:02:44 GMT
GET DATA	200 OK	truncated / Frame 2771	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 2771	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame F4C9	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4d54b27efd189c2a15e62a31c94cbff5def626d528b38c0c24f60d26f5774b19 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame A721	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9abb92daa630293b5e19b9ed17f55c34c373dda42fede56b051efca109927120 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Content-Type image/png
GET H2	200	search.svg afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 4E34	391 B 387 B	87ms 24ms	Image image/svg+xml	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2 Requested by Host: afs.googlesyndication.com URL: https://afs.googlesyndication.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-a70e351b4876bbac7&fexp=21404%2C17300002%2C17301293%2C17301321%2C17301323%2C17301381%2C17301248&client=pub-3100504127201331&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=7151696223507500&num=0&output=afd_ads&domain_name=www.exedb.com&v=3&bsl=10&pac=2&u_his=2&u_tz=120&dt=1696223507501&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=568520416&uio=-&cont=autors-container-0&jsid=csa&jsv=568520416&rurl=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&adbw=master-1%3A942 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff563f41765da081fe9fd40e8bb33a623df033b10050a8ae8c1b46e15107d8f1 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://afs.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers content-encoding gzip x-content-type-options nosniff date Mon, 02 Oct 2023 02:47:21 GMT age 8666 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 273 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="afs-native-asset-managers" vary Accept-Encoding report-to {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-type image/svg+xml cache-control public, max-age=82800 accept-ranges bytes expires Tue, 03 Oct 2023 01:47:21 GMT
GET H2	200	chevron.svg afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 4E34	200 B 700 B	85ms 22ms	Image image/svg+xml	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%239aa0a6 Requested by Host: afs.googlesyndication.com URL: https://afs.googlesyndication.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-a70e351b4876bbac7&fexp=21404%2C17300002%2C17301293%2C17301321%2C17301323%2C17301381%2C17301248&client=pub-3100504127201331&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=7151696223507500&num=0&output=afd_ads&domain_name=www.exedb.com&v=3&bsl=10&pac=2&u_his=2&u_tz=120&dt=1696223507501&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=568520416&uio=-&cont=autors-container-0&jsid=csa&jsv=568520416&rurl=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&adbw=master-1%3A942 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5b4cc8b4df06881ba671ef97dfbac6804e5c6ad9db05254103495b3a00e9e250 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://afs.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers content-encoding gzip x-content-type-options nosniff date Sun, 01 Oct 2023 21:48:12 GMT age 26615 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 174 x-xss-protection 0 last-modified Tue, 27 Jun 2023 17:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="afs-native-asset-managers" vary Accept-Encoding report-to {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-type image/svg+xml cache-control public, max-age=82800 accept-ranges bytes expires Mon, 02 Oct 2023 20:48:12 GMT
GET H2	200	ads.js Show response afs.googlesyndication.com/adsense/search/ Frame 4E34	144 KB 53 KB	32ms 31ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://afs.googlesyndication.com/adsense/search/ads.js?pac=2 Requested by Host: afs.googlesyndication.com URL: https://afs.googlesyndication.com/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-a70e351b4876bbac7&fexp=21404%2C17300002%2C17301293%2C17301321%2C17301323%2C17301381%2C17301248&client=pub-3100504127201331&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=7151696223507500&num=0&output=afd_ads&domain_name=www.exedb.com&v=3&bsl=10&pac=2&u_his=2&u_tz=120&dt=1696223507501&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&cl=568520416&uio=-&cont=autors-container-0&jsid=csa&jsv=568520416&rurl=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&adbw=master-1%3A942 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software sffe / Resource Hash a789bb76a6cd0499d81200fc4e0c77f4939999c38d81345b1748fda6e74b7a4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://afs.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:47 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="ads-afs-ui" etag "8934746245089600275" vary Accept-Encoding report-to {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 accept-ranges bytes link <https://www.adsensecustomsearchads.com>; rel="preconnect" expires Mon, 02 Oct 2023 05:11:47 GMT
GET H3	200	css fonts.googleapis.com/ Frame F542	4 KB 655 B	31ms 30ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1619790871&adf=3202855383&pi=t.aa~a.2155628691~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=2&bdt=1158&idt=-M&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280&nras=3&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x62aPGXSPh&p=https%3A//www.exedb.com&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 02 Oct 2023 05:11:47 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 02 Oct 2023 04:00:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 02 Oct 2023 05:11:47 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame F542	2 KB 892 B	24ms 23ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1619790871&adf=3202855383&pi=t.aa~a.2155628691~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=2&bdt=1158&idt=-M&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280&nras=3&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x62aPGXSPh&p=https%3A//www.exedb.com&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 16:48:49 GMT content-encoding br x-content-type-options nosniff age 44578 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 16:48:49 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame F542	23 KB 9 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1619790871&adf=3202855383&pi=t.aa~a.2155628691~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=2&bdt=1158&idt=-M&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280&nras=3&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x62aPGXSPh&p=https%3A//www.exedb.com&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 10:18:02 GMT content-encoding br x-content-type-options nosniff age 68025 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9135 x-xss-protection 0 server cafe etag 9583221549990841032 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 10:18:02 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame F542	3 KB 1 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1619790871&adf=3202855383&pi=t.aa~a.2155628691~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=2&bdt=1158&idt=-M&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280&nras=3&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x62aPGXSPh&p=https%3A//www.exedb.com&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 18:28:58 GMT content-encoding br x-content-type-options nosniff age 38569 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 18:28:58 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame F542	20 KB 8 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1619790871&adf=3202855383&pi=t.aa~a.2155628691~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=2&bdt=1158&idt=-M&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280&nras=3&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x62aPGXSPh&p=https%3A//www.exedb.com&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 10:18:01 GMT content-encoding br x-content-type-options nosniff age 68026 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8282 x-xss-protection 0 server cafe etag 5314254467506293444 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 15 Oct 2023 10:18:01 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame F542	0 0	30ms 28ms	Image text/html	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0qTDUwYD967GbKB8Ixhw8uPZdGkA9zvk3zmlsPij2sg-V01y9pyVdpuAGaOGkOIp02EXq Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1619790871&adf=3202855383&pi=t.aa~a.2155628691~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=2&bdt=1158&idt=-M&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280&nras=3&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x62aPGXSPh&p=https%3A//www.exedb.com&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F542	182 KB 57 KB	32ms 31ms	Script text/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1619790871&adf=3202855383&pi=t.aa~a.2155628691~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=2&bdt=1158&idt=-M&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280&nras=3&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x62aPGXSPh&p=https%3A//www.exedb.com&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:47 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58285 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1695814262870679" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 02 Oct 2023 05:11:47 GMT
GET H3	200	fda82c26911938d9c7ca79f9220f8b0c.js Show response www.gstatic.com/mysidia/ Frame F542	36 KB 15 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1619790871&adf=3202855383&pi=t.aa~a.2155628691~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=2&bdt=1158&idt=-M&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280&nras=3&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x62aPGXSPh&p=https%3A//www.exedb.com&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 25 Sep 2023 20:38:48 GMT content-encoding gzip x-content-type-options nosniff age 549179 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15328 x-xss-protection 0 last-modified Mon, 25 Sep 2023 20:14:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 24 Dec 2023 20:38:48 GMT
GET H3	200	tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js Show response pagead2.googlesyndication.com/bg/ Frame 14AD	37 KB 14 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b59738e7e138acf9ac4f1483f2daa23fda9dc055420d6f6a174c2a34749b105f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 10:18:06 GMT content-encoding br x-content-type-options nosniff age 240821 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14639 x-xss-protection 0 last-modified Mon, 25 Sep 2023 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 28 Sep 2024 10:18:06 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame F4C9 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CheIFElEaZbG4JbrK1fAPqsyeiAXerdiLc9fpkob3EQoQASC60cwUYJX68IGMB6AB7LPywAHIAQKoAwHIA8kEqgSqAk_QBenYZwoUDyBL-HoM-PE38la1g4lX2o9r_VTWC4QLyIZVKd3nSaZ... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224464096544543407627%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22...	0 0	56ms 56ms	Fetch text/css	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224464096544543407627%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211645656806587642593%22}&andc=true Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:48 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"4464096544543407627","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"4":["10-02"],"6":["true"]},"priority":"500","source_event_id":"11645656806587642593"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 02 Oct 2023 05:11:48 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 02 Oct 2023 05:11:47 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4464096544543407627","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"4":["10-02"],"6":["true"]},"priority":"500","source_event_id":"11645656806587642593"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js Show response pagead2.googlesyndication.com/bg/ Frame 45F3	37 KB 14 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b59738e7e138acf9ac4f1483f2daa23fda9dc055420d6f6a174c2a34749b105f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 10:18:06 GMT content-encoding br x-content-type-options nosniff age 240821 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14639 x-xss-protection 0 last-modified Mon, 25 Sep 2023 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 28 Sep 2024 10:18:06 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame A721 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=C51CtElEaZbK4JbrK1fAPqsyeiAXygOigb87RzJ-3EZyIltWXDhABILrRzBRglfrwgYwHoAG_y-aFAsgBAqgDAcgDyQSqBLkCT9Au3R75L2yE5I4BNb5my--4r7llGU-PUmH3u7dadA44q1R... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222744242503814621570%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%2...	0 0	58ms 57ms	Fetch text/css	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222744242503814621570%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22549037503%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224266339121100686737%22}&andc=true Requested by Host: www.exedb.com URL: https://www.exedb.com/en/pospaymentsworker---1128137-deztpb6nzl1qys6.shtml Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:48 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"2744242503814621570","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["549037503"],"4":["10-02"],"6":["true"]},"priority":"500","source_event_id":"4266339121100686737"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 02 Oct 2023 05:11:48 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 02 Oct 2023 05:11:47 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2744242503814621570","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["549037503"],"4":["10-02"],"6":["true"]},"priority":"500","source_event_id":"4266339121100686737"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	17901403653090904972 tpc.googlesyndication.com/simgad/ Frame F542	9 KB 9 KB	29ms 28ms	Image image/png	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/17901403653090904972?w=600&h=314 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1619790871&adf=3202855383&pi=t.aa~a.2155628691~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=2&bdt=1158&idt=-M&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280&nras=3&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x62aPGXSPh&p=https%3A//www.exedb.com&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 895873d78a5278495f433c5aafa3802776e62689e507fb72860796d66c045ce3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 07:25:08 GMT x-content-type-options nosniff age 251199 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8907 x-xss-protection 0 last-modified Sun, 08 May 2022 20:27:52 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 28 Sep 2024 07:25:08 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/1997305006706444999/ Frame F542	1 KB 1 KB	29ms 28ms	Image image/png	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/1997305006706444999/14763004658117789537?w=100&h=100 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1619790871&adf=3202855383&pi=t.aa~a.2155628691~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=2&bdt=1158&idt=-M&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280&nras=3&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x62aPGXSPh&p=https%3A//www.exedb.com&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 823f37c5d869a2bf9a637aa9fad051aff17a86fbe3fc85bf50b8e81507ee945e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sat, 30 Sep 2023 16:43:50 GMT x-content-type-options nosniff age 131277 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1380 x-xss-protection 0 last-modified Fri, 24 Jun 2022 13:04:49 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 29 Sep 2024 16:43:50 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	55ms 54ms	Preflight text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224464096544543407627%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211645656806587642593%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 02 Oct 2023 05:11:47 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
OPTIONS H3	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	56ms 56ms	Preflight text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222744242503814621570%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22549037503%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224266339121100686737%22}&andc=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 02 Oct 2023 05:11:48 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 2771	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 773f78a347b5a09d10bd856561074d8e14e8554df80b5b3f7b605d41153b2eeb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Content-Type image/png
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 2771	33 KB 33 KB	21ms 20ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 26 Sep 2023 09:09:18 GMT x-content-type-options nosniff age 504150 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 25 Sep 2024 09:09:18 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 2771 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CnA5ZE1EaZafsD__B1fAP0vy56Aia7diLc42ovsfgEQoQASC60cwUYJX68IGMB6AB7LPywAHIAQmoAwHIA8sEqgSoAk_Qan3hqSNflMscTWZK01HR4wbfpwCFA8vR3gZ_mrBD8zYXmgmwR7Y... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217439317807471663264%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%2...	0 0	56ms 56ms	Fetch text/css	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217439317807471663264%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229598266705299616753%22}&andc=true Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:48 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"17439317807471663264","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"4":["10-02"],"6":["true"]},"priority":"500","source_event_id":"9598266705299616753"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 02 Oct 2023 05:11:48 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 02 Oct 2023 05:11:48 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17439317807471663264","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"4":["10-02"],"6":["true"]},"priority":"500","source_event_id":"9598266705299616753"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js Show response pagead2.googlesyndication.com/bg/ Frame 173E	37 KB 14 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1200x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=4&bdt=1158&idt=4&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280%2C1016x280&nras=4&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=cnHbDw26rh&p=https%3A//www.exedb.com&dtd=22 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b59738e7e138acf9ac4f1483f2daa23fda9dc055420d6f6a174c2a34749b105f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 10:18:06 GMT content-encoding br x-content-type-options nosniff age 240822 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14639 x-xss-protection 0 last-modified Mon, 25 Sep 2023 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 28 Sep 2024 10:18:06 GMT
GET DATA	200 OK	truncated / Frame F542	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5c66792f13af3b2582e40c51ef842330903037f369103d1874dc68859d1d4af3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Content-Type image/png
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame F542	16 KB 16 KB	21ms 21ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Tue, 26 Sep 2023 17:26:14 GMT x-content-type-options nosniff age 474334 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 25 Sep 2024 17:26:14 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame F542	15 KB 15 KB	23ms 23ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Wed, 27 Sep 2023 16:50:19 GMT x-content-type-options nosniff age 390089 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 26 Sep 2024 16:50:19 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame F542 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CE4YTE1EaZYzoD9KT1fAPp6aegAaS7LikbOG2pfPQD4jJ1LORDhABILrRzBRglfrwgYwHoAHiv6HiA8gBCakC0b0OXZi2qD6oAwHIA8sEqgSnAk_QQLrqXO-zA0l5JRz06zwpQeGNZortN4q... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229403476855303775164%22,%22debug_reporting%22:true,%22destination%22:%22https://pcsystemfix.com%22,%22event_report_window%2...	0 0	57ms 57ms	Fetch text/css	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229403476855303775164%22,%22debug_reporting%22:true,%22destination%22:%22https://pcsystemfix.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221011376098%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213050425262707212705%22}&andc=true Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:48 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"9403476855303775164","debug_reporting":true,"destination":"https://pcsystemfix.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1011376098"],"4":["10-02"],"6":["true"]},"priority":"500","source_event_id":"13050425262707212705"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 02 Oct 2023 05:11:48 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 02 Oct 2023 05:11:48 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9403476855303775164","debug_reporting":true,"destination":"https://pcsystemfix.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1011376098"],"4":["10-02"],"6":["true"]},"priority":"500","source_event_id":"13050425262707212705"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	74ms 73ms	XHR application/json	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230927&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com&bust=31078215 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 75a2a360ab55381653f245d322f080e01577a7a7b309f812c01e534114d7c9e9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:48 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12344 x-xss-protection 0
OPTIONS H3	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	55ms 55ms	Preflight text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217439317807471663264%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229598266705299616753%22}&andc=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 02 Oct 2023 05:11:48 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js Show response pagead2.googlesyndication.com/bg/ Frame DCD8	37 KB 14 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3100504127201331&output=html&h=280&adk=1619790871&adf=3202855383&pi=t.aa~a.2155628691~rp.4&w=1016&fwrn=4&fwrnh=100&lmt=1696216307&rafmt=1&to=qs&pwprc=2515029671&format=1016x280&url=https%3A%2F%2Fwww.exedb.com%2Fen%2Fpospaymentsworker---1128137-deztpb6nzl1qys6.shtml&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696223507198&bpp=2&bdt=1158&idt=-M&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db28f41807b9fd710-22287d8c24df009a%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaDImoqOx_B6MkGB7igZZTRUIR6FA&gpic=UID%3D00000c8a38f27ddb%3AT%3D1696223506%3ART%3D1696223506%3AS%3DALNI_MaAhgdrSYpakko_nT1KMAq4njiqGg&prev_fmts=0x0%2C952x280&nras=3&correlator=5794676433994&frm=20&pv=1&ga_vid=1278046509.1696223506&ga_sid=1696223507&ga_hid=426775109&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=292&ady=1817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078215&oid=2&pvsid=2013358110269955&tmod=753959671&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=x62aPGXSPh&p=https%3A//www.exedb.com&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b59738e7e138acf9ac4f1483f2daa23fda9dc055420d6f6a174c2a34749b105f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Fri, 29 Sep 2023 10:18:06 GMT content-encoding br x-content-type-options nosniff age 240822 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14639 x-xss-protection 0 last-modified Mon, 25 Sep 2023 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 28 Sep 2024 10:18:06 GMT
OPTIONS H3	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	56ms 55ms	Preflight text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229403476855303775164%22,%22debug_reporting%22:true,%22destination%22:%22https://pcsystemfix.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221011376098%22],%224%22:[%2210-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213050425262707212705%22}&andc=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 02 Oct 2023 05:11:48 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3100504127201331&plah=www.exedb.com&bust=31078215 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:48 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 02 Oct 2023 05:11:48 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3727	13 KB 5 KB	22ms 21ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.exedb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 61426 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sun, 01 Oct 2023 12:08:02 GMT expires Mon, 30 Sep 2024 12:08:02 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 42EC	829 B 558 B	31ms 30ms	Document text/html	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 6dc7dd81997a9aaef71e59eb5f4be2393c3b2e5e6b2cd0b74dc9147d3119f51e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-tmu76irtPIcSdCA_YuZ27A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.exedb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-tmu76irtPIcSdCA_YuZ27A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 02 Oct 2023 05:11:48 GMT expires Mon, 02 Oct 2023 05:11:48 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response pagead2.googlesyndication.com/bg/ Frame 3727	37 KB 14 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Sun, 01 Oct 2023 12:07:56 GMT content-encoding br x-content-type-options nosniff age 61432 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14550 x-xss-protection 0 last-modified Mon, 25 Sep 2023 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 30 Sep 2024 12:07:56 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 42EC	0 0	55ms 54ms	Image text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230927&jk=2013358110269955&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 3727	0 11 B	21ms 21ms	Image text/plain	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?PHT4bA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Mon, 02 Oct 2023 05:11:48 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 4B99	42 B 64 B	58ms 57ms	Fetch image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8Fx46hn3zA45yR5mhGuQGNkzXO3e_FxcFY1_K8D_9t4cEiBKcZlLPjlQP2zRG4Na-WvCc9jX7McspG4BnTiRxtlJPKvDd2lnt7d3_3MbK_lWD1thSHoWY6xMRzS4Fo-Nsw6LavrAEtQns&sai=AMfl-YQRuCmrra35HqmnbOqtri2ePHp7hBwXW-m9Ph74NM4IfoB1hAIcX3lwUZFPsbCtwzmre6xOzzBHwIXc&sig=Cg0ArKJSzONBpR3DxheeEAE&cid=CAQSGwDICaaNoPOF_JD0bdgc7Rjy610194XnNVkHchgB&id=lidar2&mcvt=1000&p=0,0,280,952&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3607483655&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696223506581&rpt=979&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Mon, 02 Oct 2023 05:11:48 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame F4C9	42 B 64 B	58ms 57ms	Fetch image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjOf2nVWeuQyo84hLW1yICgG1VqwWGVX7yF-BJ-aLv5JB0Vfsp3wsyDEhoPXIfc04eR7OJTnAkJ2ZkMprZjYnNPIqBTzbBzcw-uSoChUVZ0SU8Ope6P3mwvcFmW2v-mZGuBD6hgUNUiQAf&sai=AMfl-YRqv0pHgtdXo3S4zKk-Tn2G-BW_JuD7FlYXEt1Qy9v8Gq2o6UQDbHUIcJ10by_RMDM6qxkoMgSQBe0K&sig=Cg0ArKJSzGgos_qc73v-EAE&cid=CAQSGwDICaaNhXDFF8Si8NxlWMa6hJ8B--jPvJW_LBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696223507368&rpt=237&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Mon, 02 Oct 2023 05:11:48 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame A721	42 B 64 B	57ms 57ms	Fetch image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuhgdyRmQq908p_6gmyp4NaDSK_S_v0ZMV6ClOpE49vUcyKyhgCni4-45vsi6-DxrD0HZPa28XUtPEpNtrIhIc1bYeOhlpCmOQO-BMx3QGUrBcWppjQbQ7eSrrM6MnOmPTEQQ5v4_cGl89&sai=AMfl-YTK19l__6LuhVXpxBRUPSBc9x9-M1RqjVxT2bmndNfIXM-abFrCcoO5StrHrrnT4g_XVGl9sxIuvZz_&sig=Cg0ArKJSzP_a_2ngM27CEAE&cid=CAQSGwDICaaNhXDFF8Si8NxlWMa6hJ8B--jPvJW_LBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696223507371&rpt=265&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers pragma no-cache date Mon, 02 Oct 2023 05:11:48 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	58ms 58ms	Image text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230927&jk=2013358110269955&bg=!w8ClwI_NAAYEJRtnJCU7ADQBe5WfOKl_Z0soxDhLAMByeVkfjOKuw9dB77S-TnYAQ4k-cTfSvEw4SYIfu2y8xYkqHArxAgAAAEJSAAAABmgBB5kCrMFhq4ZDVmfznZzYcvV4CCCeQkkAMYAQyEOK3CEYSi9-sSb4Y7O8FgqV_bjsl9DQLQnA-P47h2kOHQ6XP4k62Gz8WSBb_tTdcxA04M6vuyaBe8wmc4zqc4MQ0JWG4kS88GH5vakNgXcArNJ1A68I7IaxbCV02S7KT58E81U4DH7xa8I7I9vqbE0wtT93JMsE_6HcRwNoeYpNsgofDTXN-CYRq805ifds2lFHck_HHGseGMb6RMcXJkr1n-m_Fz-HJFHLRtzL0UG1CIF3RmhDzIsMha_-kvE-3OcpH8ByLAfsymFHIaaiJIsy8NA2B9YPiDpJRc_yGC3ZilOr7am1yGjWmfIoSMOdwfQ911m3Rz2cQ0TKzEYmKNytVaxmjjAtjUbihdsChqXv0DAzIXlxYkWd61jC4lSActieN1qFAC5NHOhzFqwFb6N6p8vUK8m5YHginBc0nlxITXLan4fEshrXiOEJyedC-dp8ze1EPuJRDKK77jC6Uwmeswdbopc71VZn-dyp_hMHtLVCFfWBx8rgCgKnRFu0xuGaLiR6DgUH3iJsd0O1RdgRvgpyns9-hNMs0Dg4RSVSy0BoTmIWumy1lcHCjk7sIfIo4BeSuqGrIRDM47odtHE5CGS0W2zgno-5KRHQGqaA3VFST194y_CnpqENQN1HwzSZ55nTDD2k53ygPiYCB9Agu24fjKMgzx-sdlukNaSPnmBkbX-AFW7UnE4YA80U-fMRWxOJ6a_k22ZXgjc_IPV6pv_T3peIboX3PhgPOmdKRvBz2rAisGS0DhPQ_RbA60pHjHivvvbZbtspoIFAYvcZ4ScT-TICxl3ykZPY67AOAhyYij3Hp5jAKaMpngPKkU3Y9xfGGt8CnXLT8jSyPgN5UqM96226Hng1mzlfFzG0GwOJXw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers
GET H3	204	gen_204 www.google.com/afs/	0 22 B	42ms 41ms	Image text/html	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/afs/gen_204?client=pub-3100504127201331&output=uds_ads_only&zx=6dwpznpzqkt3&aqid=E1EaZZD7J4Xb1gaSxIqwCA&psid=5134551505&pbt=bs&adbx=329&adby=1148.65625&adbh=348&adbw=942&adbah=58%2C58%2C58%2C58%2C58&adbn=master-1&eawp=partner-pub-3100504127201331&errv=568520416&csala=260%7C23%7C368%7C209%7C49&lle=0&ifv=1&usr=0&hpt=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gws / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-HExTmPMORNe0tqInbZ5flA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers content-security-policy object-src 'none';base-uri 'self';script-src 'nonce-HExTmPMORNe0tqInbZ5flA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other date Mon, 02 Oct 2023 05:11:49 GMT server gws cross-origin-opener-policy same-origin-allow-popups; report-to="gws" x-frame-options SAMEORIGIN report-to {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." content-type text/html; charset=UTF-8 permissions-policy unload=() origin-trial Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0= alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 www.google.com/afs/	0 21 B	40ms 40ms	Image text/html	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/afs/gen_204?client=pub-3100504127201331&output=uds_ads_only&zx=l95zxq8g8ei2&aqid=E1EaZZD7J4Xb1gaSxIqwCA&psid=5134551505&pbt=bv&adbx=329&adby=1148.65625&adbh=348&adbw=942&adbah=58%2C58%2C58%2C58%2C58&adbn=master-1&eawp=partner-pub-3100504127201331&errv=568520416&csala=260%7C23%7C368%7C209%7C49&lle=0&ifv=1&usr=0&hpt=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gws / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-zZcfPlb5yPSj_SizpjxBwA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.exedb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers content-security-policy object-src 'none';base-uri 'self';script-src 'nonce-zZcfPlb5yPSj_SizpjxBwA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other date Mon, 02 Oct 2023 05:11:50 GMT server gws cross-origin-opener-policy same-origin-allow-popups; report-to="gws" x-frame-options SAMEORIGIN report-to {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} content-type text/html; charset=UTF-8 p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." permissions-policy unload=() origin-trial Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0= alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0