now-never.com Open in urlscan Pro
2606:4700:3030::6815:18c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://now-never.com/id/d_d/14401444
Submission: On May 21 via manual (May 21st 2023, 2:18:46 pm UTC) — Scanned from DE

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 14 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3030::6815:18c, located in United States and belongs to CLOUDFLARENET, US. The main domain is now-never.com. The Cisco Umbrella rank of the primary domain is 517703.
TLS certificate: Issued by E1 on May 1st 2023. Valid for: 3 months.

This is the only time now-never.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3030::6815:18c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
9	2606:4700:20:... 2606:4700:20::681a:e1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	159.69.45.25 159.69.45.25	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
61	16

13 2606:4700:3030::6815:18c (United States)

ASN13335 (CLOUDFLARENET, US)

now-never.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:e1f (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.45.25 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.25.45.69.159.clients.your-server.de

friend20.mycleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	302 KB
13	now-never.com now-never.com — Cisco Umbrella Rank: 517703	62 KB
9	cleverpush.com static.cleverpush.com — Cisco Umbrella Rank: 17328	118 KB
3	gstatic.com www.gstatic.com	15 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	56 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 320 fonts.googleapis.com — Cisco Umbrella Rank: 35	87 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9037	696 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	5 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	53 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	605 B
1	mycleverpush.com friend20.mycleverpush.com	27 KB
0	addthis.com Failed s7.addthis.com Failed
61	14

	Domain	Requested by
13	now-never.com	now-never.com
9	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	static.cleverpush.com	now-never.com static.cleverpush.com friend20.mycleverpush.com
8	pagead2.googlesyndication.com	now-never.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	now-never.com www.google-analytics.com
2	cdnjs.cloudflare.com	now-never.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	friend20.mycleverpush.com	static.cleverpush.com
1	ajax.googleapis.com	now-never.com
0	s7.addthis.com Failed	ajax.googleapis.com
61	17

This site contains no links.

Subject Issuer	Validity	Valid
now-never.com E1	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
cleverpush.com E1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.mycleverpush.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-14` - `2024-06-13`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://now-never.com/id/d_d/14401444
Frame ID: C3D2CEA09A89D17512875EE68AC59056
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html
Frame ID: 665E51FE94371168C6AE80069C573BB9
Requests: 1 HTTP requests in this frame

Frame: https://friend20.mycleverpush.com/iframe?origin=https%3A%2F%2Fnow-never.com
Frame ID: AF916408C6D676978A34C09FCCE7CC90
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4706131106960362&output=html&adk=1812271804&adf=3025194257&lmt=1684678722&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnow-never.com%2Fid%2Fd_d%2F14401444&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684678722162&bpp=5&bdt=143&idt=190&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6899152094744&frm=20&pv=2&ga_vid=356922392.1684678722&ga_sid=1684678722&ga_hid=1704551685&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074198%2C44788442%2C44790154&oid=2&pvsid=2824889908180868&tmod=1891588193&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=216
Frame ID: 3A860CE3B2CA4EC123C2191EB4601C02
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20110914/zrt_lookup.html?fsb=1
Frame ID: 73D920B1E5E897958853F89AF94942F8
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 700581CAA03A84BE157287D69C7F13CB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4B6C4237D7C20F1F70A7BC29AA92A07A
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 3484BD2899565C8BB51DB37975FF73A5
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
Frame ID: 327B33924130CAE42EBADE1DEA72ECE5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Yanna Yovela Azura - Tantangan 10 Teman Terbaik 2023

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Pure CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+(?:([\d.])+/)?pure(?:-min)?\.css

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

98 %
HTTPS

93 %
IPv6

14
Domains

17
Subdomains

16
IPs

2
Countries

749 kB
Transfer

2048 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 14401444 Show response
now-never.com/id/d_d/ 42 KB
9 KB 118ms
74ms Document
text/html 2606:4700:3030::6815:18c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://now-never.com/id/d_d/14401444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f882b189a363f0d44e25798660dc425e924907879cf2498c03afbe0aaa8eb439

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7cad733c2f5e9b71-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 May 2023 14:18:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTate4CoHNn%2Bz0ggp96sWNLDZdEWixwzv8S6lDUnU%2B9MIw05m18eov8E3TrgzbiSnu0Fo%2BgQTXJtww1JOG3YZ6ZXaXfPqOWscaIsRyQHScw7nX1swuLXmPAstiftSZuCMe8%2FwHg%2FJJ9ubZD7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-cache-status: EXPIRED

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 106ms
66ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4706131106960362

Requested by

Host: now-never.com
URL: https://now-never.com/id/d_d/14401444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d897bffa88b080b49e4fe321386c3a505476d63959fa79dd09a520b8ccc56a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://now-never.com/
Origin: https://now-never.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47517
x-xss-protection: 0
server: cafe
etag: 7948575041976540968
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 21 May 2023 14:18:42 GMT

GET
H2 200 pure-min.css
cdnjs.cloudflare.com/ajax/libs/pure/1.0.0/ 16 KB
4 KB 45ms
15ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pure/1.0.0/pure-min.css

Requested by

Host: now-never.com
URL: https://now-never.com/id/d_d/14401444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

434cc2ad4b3621f5d6631d2e30a25f1bddc2bc5ea8548236d70698b00578ffc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 406113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3356
last-modified: Mon, 04 May 2020 16:15:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fac-4041"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFxNLqC%2BgzH8xiv77v7M6krhWe21ORx71GTrE%2B72cCH08Fo%2F7EGC2UbJkJake9qaIwB7fsgnNqwGCzs1FN3%2FqaA9O5pbmYjvyHIW%2FqkeE6k%2B5LBDn2PpTo9uSlZaijZFsXzs1MYWt3B%2Bb1x7MCGv799r"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cad733cd8d8364a-FRA
expires: Fri, 10 May 2024 14:18:42 GMT

GET
H2 200 grids-responsive-min.css
cdnjs.cloudflare.com/ajax/libs/pure/1.0.0/ 8 KB
1 KB 46ms
16ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pure/1.0.0/grids-responsive-min.css

Requested by

Host: now-never.com
URL: https://now-never.com/id/d_d/14401444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a9e74bf710eef13b81f56375fc7e24c8b91050fa9ba66a75e9a3f35aece8f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9450054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 742
last-modified: Mon, 04 May 2020 16:15:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fac-1f60"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpikDpiRQaj%2FW2hkvZBjOql0eJ7jnPTOSv%2B%2FOd9H%2FKLGq22E5%2FguvOo9RbsB5MZC2OWJcQFeFn5fZCcVZuSNrnZh94Qbyv1zSPOjKpitk0ryww6h%2Fnd0MWUlhbtjqq3a%2B%2BR7WnSWVRXifJfqWNJ2zKba"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cad733cd8da364a-FRA
expires: Fri, 10 May 2024 14:18:42 GMT

GET
H2 200 style.css
now-never.com/css/ 9 KB
3 KB 17ms
15ms Stylesheet
text/css 2606:4700:3030::6815:18c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://now-never.com/css/style.css?v=a2
Requested by: Host: now-never.com
URL: https://now-never.com/id/d_d/14401444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b076846e9974fb52d6ec8d0237eed926c252081f148f8463908ae9b7d26ceaf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/id/d_d/14401444
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1489006
cf-polished: origSize=9183
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 04 May 2023 08:41:49 GMT
server: cloudflare
etag: W/"64536fcd-23df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkdmSPSonRoIhX8XPhTKNqbETgMzGAig%2B6BOIqrMRYJ3t0XFkOiyzof4KWVy1j7B68hbkcLgOP19vuK8oWB%2Bc%2FEed0gmcQf%2FvUUyORdsbMvCvYKv7QBx9%2FglisIRt%2FyrtipZDvjOPStysm8O"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7cad733cafe09b71-FRA
expires: Fri, 03 May 2024 08:41:53 GMT

GET
H3 200 apple-icon-60x60.png
now-never.com/images/icons/f45/ 3 KB
3 KB 16ms
15ms Image
image/png 2606:4700:3030::6815:18c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now-never.com/images/icons/f45/apple-icon-60x60.png?v=1
Requested by: Host: now-never.com
URL: https://now-never.com/id/d_d/14401444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e419189b1525576852867d4224183fd1f10554d2aa18bd6bbf18b61b4842e814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/id/d_d/14401444
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1709599
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2880
last-modified: Mon, 24 Oct 2022 19:43:00 GMT
server: cloudflare
etag: "6356eac4-b40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpBP8Shs2d6QY6H7BJZr9oBfVZSRJUGPvGMagFIJNXxQvecNyLjDQPw5NxzKtCIcJMvK4uyrC0qF5WlteJnGPAWbBT8dGk3hGEF49bkZ6BYe682fcFtruaFOBBiLJ002k1uTZu8LYKsZOVDR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cad733d0ca21e57-FRA
expires: Wed, 25 Oct 2023 06:37:12 GMT

GET
H3 200 whatsapp.svg
now-never.com/images/common/ 1 KB
1 KB 28ms
27ms Image
image/svg+xml 2606:4700:3030::6815:18c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now-never.com/images/common/whatsapp.svg
Requested by: Host: now-never.com
URL: https://now-never.com/id/d_d/14401444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bdd6e1e3c0781a16c2a3ab99bdc98a84c86162344281307a3e1969c59f2f4ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/id/d_d/14401444
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 07:44:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1707417
etag: W/"61177478-4d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FG%2BBp%2FHeOFI5knYMFo7yIP0BA8xyi5yszn2mJOX5FBSUI%2BTLWYlnPvsp8azeFX9uzpN34B6C4viFVwTyjLeKsutEF9W3neC1e8i8dElN8XjzqaEIMa9t16J1y7%2Fn%2FPzDu%2FfixXBYoOGBMDj6"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7cad733d0ca61e57-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 11 Nov 2023 15:13:56 GMT

GET
H3 200 messenger.png
now-never.com/images/common/ 586 B
1 KB 28ms
27ms Image
image/png 2606:4700:3030::6815:18c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now-never.com/images/common/messenger.png
Requested by: Host: now-never.com
URL: https://now-never.com/id/d_d/14401444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d71a24a7a83671e8d63de0d04d14626c807825e3731a28bb774214fda1b07b0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/id/d_d/14401444
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31374128
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 586
last-modified: Sat, 14 Aug 2021 07:44:56 GMT
server: cloudflare
etag: "61177478-24a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrQe8xWXalFx%2Bfj7ECpBp%2B7BK3eCspujlwIZvS%2BLgeUmXUhCPOh0Zz0Tx%2FXFLsLfEzjPEhyenxnpcv%2Fp1xkFtd93dZ9l8wvU%2FPpOl0FrT8Gzz0%2B8fpWjQwH0JSq280GRaDOst2Sx6Nb%2BuomT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cad733d0ca81e57-FRA
expires: Tue, 23 May 2023 11:15:56 GMT

GET
H3 200 instagram.png
now-never.com/images/common/social_icons/ 2 KB
2 KB 28ms
27ms Image
image/png 2606:4700:3030::6815:18c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now-never.com/images/common/social_icons/instagram.png
Requested by: Host: now-never.com
URL: https://now-never.com/id/d_d/14401444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0cebed6fdeaa0222ee4d01301b9a9878075be2196dbd7124b132f29c9124116

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/id/d_d/14401444
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28705001
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1692
last-modified: Thu, 23 Sep 2021 11:34:26 GMT
server: cloudflare
etag: "614c6642-69c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9vhWAOZcQI6SSClYD702S1N6fhhMOFIjwG4F3rvwuN%2ByU52QbKjQRpervtVjutZKMLLIt3A1fkXi9KzDPF%2Bmtkf2WqeDUe5MRbS3fmlH%2BfyKX3USsBbOUKCL3vB5LLQJLZHtZMmK3KCDHTj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cad733d0caa1e57-FRA
expires: Thu, 08 Jun 2023 07:19:57 GMT

GET
H3 200 share.svg
now-never.com/images/common/ 1016 B
970 B 29ms
28ms Image
image/svg+xml 2606:4700:3030::6815:18c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now-never.com/images/common/share.svg
Requested by: Host: now-never.com
URL: https://now-never.com/id/d_d/14401444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb9eb7b189fa9e541c916c6bc8b19328797e41c15e4461ca7642d74f48e2a7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/id/d_d/14401444
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 07:44:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 28705001
etag: W/"61177478-3f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D67mAumvYGUolcSYI%2FPjdcJsFAnfEwa2IPvtAj4cDqkxTAD1Y1v6rEumJAGNR39Xh143tKTey7%2Fw9l6JywjbUqeAJVBfsBJNIZerWZIjXfxwV9cuhxu2XNPVRotLQxBSYI%2B6JuizYxeDSj3%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7cad733d0cab1e57-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 31 May 2023 05:06:01 GMT

GET
H3 200 ms-icon-310x310.png
now-never.com/images/icons/f45/ 22 KB
22 KB 29ms
28ms Image
image/png 2606:4700:3030::6815:18c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now-never.com/images/icons/f45/ms-icon-310x310.png
Requested by: Host: now-never.com
URL: https://now-never.com/id/d_d/14401444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db270323accfe15b5895ec9f1cd6b0b235dfcfa27450810af210f52f301eb6d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/id/d_d/14401444
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2870184
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22152
last-modified: Mon, 24 Oct 2022 19:42:59 GMT
server: cloudflare
etag: "6356eac3-5688"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Br10lRfZaMK1VzAmdnbHSe6VcyaNf8pvQVcOsVM1a0FoN35Vc9JtFuZCRgIdhlKqPdNP%2BHpo9ANagyB6MnC5xgfamXin3Z%2F118qPHdv0O9WqUls6txwygtPC9T7AQu6hJaTJrVkqjhj4tIAL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cad733d0cac1e57-FRA
expires: Wed, 17 Apr 2024 09:02:01 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
86 KB 67ms
15ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: now-never.com
URL: https://now-never.com/id/d_d/14401444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:01:50 GMT
x-content-type-options: nosniff
age: 83812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86927
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 15:01:50 GMT

GET
H3 200 combined.js Show response
now-never.com/js/ 19 KB
7 KB 18ms
17ms Script
application/javascript 2606:4700:3030::6815:18c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://now-never.com/js/combined.js?v=23
Requested by: Host: now-never.com
URL: https://now-never.com/id/d_d/14401444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd853bca6e9c3c05da3497a2c95d2d1e94c1ebe809cf9cf00dfc55be5d9fa182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/id/d_d/14401444
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1113
cf-polished: origSize=19256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 28 Nov 2021 18:44:22 GMT
server: cloudflare
etag: W/"61a3ce06-4b38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKcJGswkWTfI5D29Tupbi0n7E7JK5keziaBKR297vRc%2FmVjoEiKfM4m0CEzsicX%2BSLa29YlaChaBQFEa7EiBa5Q%2FO1hjC%2F8I19SV9SyPuLxNNGI2mF1Y%2BBGOvo4TSa9eXJuKaxI1gBFHG%2Fec"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7cad733d0c9f1e57-FRA

GET
H3 200 script.js Show response
now-never.com/js/ 21 KB
6 KB 17ms
16ms Script
application/javascript 2606:4700:3030::6815:18c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://now-never.com/js/script.js?c=19
Requested by: Host: now-never.com
URL: https://now-never.com/id/d_d/14401444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4c4ebed9f92aa280e14293d21c7d9572f9d34370ab733a9d71f14fd532632a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/id/d_d/14401444
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 04 May 2023 08:41:49 GMT
server: cloudflare
age: 5625
etag: W/"64536fcd-526d"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxCJYoOkTCDMV3PiqiYqJxZgn4YatZEuqKxT6Okf9f4iR2BoscDr%2BRUxMoPyTdMN4wpris8x48kK4aAAjL5yI17FfJkk5dai9Zmse51YBS7BlPITIqQgsxp%2FCMrmYv3dz%2BgpDh6jsfTf9ZCF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7cad733d0ca11e57-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 SferLijT3vP2ue776.js Show response
static.cleverpush.com/channel/loader/ 207 KB
53 KB 62ms
23ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/channel/loader/SferLijT3vP2ue776.js
Requested by: Host: now-never.com
URL: https://now-never.com/id/d_d/14401444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b82346bc0bfded17a86c5b0c70a269c2db73d9b0faaac9b2e9bffe2c1fd5a0b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NPZGM7A6V6WSQAM4
age: 7617
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ganN6p3DibLE5njR5x3dMuM4nHCem7vUr2tVw673A1V8mIKgw88tZPQlpCuPRM2iIE6gj+m9oYU=
last-modified: Sat, 20 May 2023 00:06:20 GMT
server: cloudflare
etag: W/"ca1f8e9040e977dd34be5490c420c186"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPnXFyK5oX3Ub7knPvLoD8CYcePRxYy%2B9wqnhkIRTxS8RwrRzBN6N8zUq6h0M4dOHhzSwIKQ0G66%2FVG0BPytSa8%2F1Y97LOCByTOI9bQtYgVNROemBq75h7%2BbS1wUoZlnmDH8%2FLaMQghewCn1a%2FUQ6zYcKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=21600
cf-ray: 7cad733d4c8118d7-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 53ms
27ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: now-never.com
URL: https://now-never.com/id/d_d/14401444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 21 May 2023 12:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6183
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sun, 21 May 2023 14:35:39 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ 355 KB
120 KB 95ms
78ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4706131106960362&plah=now-never.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4706131106960362

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6b29fc904565d0e71927a5493cedcdb9892145b009e58c6fa65d2049e7e9385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122659
x-xss-protection: 0
server: cafe
etag: 11496975108263977578
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 May 2023 14:18:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/ Frame 665E 10 KB
5 KB 31ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4706131106960362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://now-never.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 15:37:11 GMT
etag: 15057649708203361565
expires: Sat, 03 Jun 2023 15:37:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 21ms
20ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1704551685&t=pageview&_s=1&dl=https%3A%2F%2Fnow-never.com%2Fid%2Fd_d%2F14401444&ul=en-us&de=UTF-8&dt=Yanna%20Yovela%20Azura%20-%20Tantangan%2010%20Teman%20Terbaik%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1633286905&gjid=668763462&cid=356922392.1684678722&tid=UA-208803971-1&_gid=1914511332.1684678722&_r=1&_slc=1&z=594203066

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://now-never.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 14:18:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://now-never.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 click.mp3
now-never.com/sounds/rwc1/ 2 KB
2 KB 19ms
19ms Media
text/html 2606:4700:3030::6815:18c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://now-never.com/sounds/rwc1/click.mp3
Requested by: Host: now-never.com
URL: https://now-never.com/id/d_d/14401444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a225c01a5df9cb63035fd93b82fde11adeb456ead1ce01185dbe2b28cc35eb71

Request headers

Referer: https://now-never.com/id/d_d/14401444
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
cf-cache-status: HIT
last-modified: Sun, 21 May 2023 14:01:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 528
x-cache-status: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNzo7M69g%2BDbRfToUh%2FsuyGj773jZvUiiRN9YM9GMjBu0YxKHjCSiGGVQD24ALmeItsAi2pKA63c1MgJNbHROhzaAyFKhjdUxDcMhSon2FeixocBnBAUlm02uNT5p7XL8ZQkWohnoAqw3FMt"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 7cad733dcd8f1e57-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 right.mp3
now-never.com/sounds/rwc1/ 1 KB
2 KB 25ms
25ms Media
text/html 2606:4700:3030::6815:18c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://now-never.com/sounds/rwc1/right.mp3
Requested by: Host: now-never.com
URL: https://now-never.com/id/d_d/14401444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 600102fec35f4ec0fec6d99c81a1e4bb05d465ecf576a54ed56c3e45bda91fdb

Request headers

Referer: https://now-never.com/id/d_d/14401444
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
cf-cache-status: HIT
last-modified: Sun, 21 May 2023 11:51:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6412
x-cache-status: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQXZcR81kFW0TnOTaUNe5IF4DEeMtmLmyNzoOPqdTsvf%2BdKmN4k6uz1fsPbiwK%2BrYZtycuJA9nUTx%2BYzGhpRLcn3vNYzpkDXQt5K1l7XHu6QlZMPf0xgM9SwlJvVcQsQb9B6LP0HcHg1WivB"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 7cad733dcd901e57-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wrong.mp3
now-never.com/sounds/rwc1/ 2 KB
2 KB 21ms
20ms Media
text/html 2606:4700:3030::6815:18c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://now-never.com/sounds/rwc1/wrong.mp3
Requested by: Host: now-never.com
URL: https://now-never.com/id/d_d/14401444
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:18c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3707dba46cded986426102cd058d2eb8f63f158cac1041674c1720412676f3ba

Request headers

Referer: https://now-never.com/id/d_d/14401444
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
cf-cache-status: HIT
last-modified: Sun, 21 May 2023 13:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4
x-cache-status: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgsb8uHA4YKjxiA8T%2FsY6gXewilIoDjY2TvhCCxIyXArxeCn3PdI%2FxthkVfNla1KOjRrqp%2Fyr2tLLZF3EcuT5PDZ5oUbLjywhbtvKWOFQbEetswxjPoj9HgHHTRHAQyabtC2rhppencLduos"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 7cad733dcd921e57-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET addthis_widget.js
s7.addthis.com/js/300/ 0
0

GET
H2 200 5.89dfd86a78af84e465de.js Show response
static.cleverpush.com/sdk/chunk/ 34 KB
9 KB 20ms
18ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.89dfd86a78af84e465de.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/SferLijT3vP2ue776.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f11e526430b072c6eac93772fb48ded77d2219ac8a25b6494151a677b8809552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: E2G635GZNS883996
age: 17564
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JGFzYovzR+l2eKk+Y8h6sgOy8R+j4i5dDHa4dZL3jJAnOPpF5KrNvRv8I8wX8rfCLOABCWBdFPo=
last-modified: Sat, 20 May 2023 09:25:48 GMT
server: cloudflare
etag: W/"768bc4fdc1160ef3c91eac2a25bcbc00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4o0WmpQbDd46qmjQNQvo9EtS1kPeI4VZNlo5g%2ByZqeZWC38jdG%2FZL6x5yZPLkIfwfuXGCB%2ButSqIY5tRQuor1jmCnvHeIVB870CBdOHk%2BCJSr%2FM%2FeH1Htrfp4UArxs4I01pXe58OL73pHPPeWLf5N1Ocw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7cad733e2dd218d7-FRA

GET
H2 200 251.ff5b3c0c290e9961835b.js Show response
static.cleverpush.com/sdk/chunk/ 5 KB
3 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/SferLijT3vP2ue776.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: E2G0CYPPYYRW6MDJ
age: 17564
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: FhOt1VITDHyi5UpFcB/8HrqnHVUjDQJdSfjUWY9150F73ToPZ+iuXfxno5fOW3wVELTIzaqDmBo=
last-modified: Sat, 20 May 2023 09:25:48 GMT
server: cloudflare
etag: W/"e89cddaa8c63cff3a495570a91d5e690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6qEyDbKw0idGDOb8x0JDBmvJw5BhY0TqxmIRsXVgM6mULwZqLTrg3vIa6GSWMlh5FG%2FWO6Kks25NkivOhTT9YSP8qcj6jmWi11bxV4gzhs6sNcsy7DxejnjmfXwfrfsaKZkAkALaIStPzxc%2FWBs9x%2F%2Ftg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7cad733e2dd318d7-FRA

GET
H2 200 115.1dfb03af147ab39880a9.js Show response
static.cleverpush.com/sdk/chunk/ 14 KB
4 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/115.1dfb03af147ab39880a9.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/SferLijT3vP2ue776.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29c4f623f3f92218fe79ab8706c288096af16027116ec962d93a9193329143e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: E2G9K3Q2WB70A9YD
age: 17564
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: cUF0yfAwPwBhWuK3q+UYKhxd79b8J0k6gRQ0anhvJf2r+Zy+d1vqp0IVirUeW2XMH7daDK2WPHA=
last-modified: Sat, 20 May 2023 09:25:48 GMT
server: cloudflare
etag: W/"43d44b027d3792b00a3100c74ba89183"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQ%2BuKvF9ZXD97%2Feu8jKnsKp5tNBXxTzPgdKywHWk%2FcPO6zE0yYMjm9Aw%2Bp6bChS%2F52fT7zo66%2FFe%2Bpq1go39QRW%2FOXsMjX6DTqH6MYGn3xE%2FqgEKapk8hYf%2FXsmRW6rQlAqGbgA%2BhH9TJWB%2BEZYwQrY3Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7cad733e2dd618d7-FRA

GET
H2 200 iframe Show response
friend20.mycleverpush.com/ Frame AF91 71 KB
27 KB 46ms
8ms Document
text/html 159.69.45.25
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friend20.mycleverpush.com/iframe?origin=https%3A%2F%2Fnow-never.com

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.45.25 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.25.45.69.159.clients.your-server.de

Software

Resource Hash

f07b2f9940f2c92a1d3f479511e328bc128c4b9c803a6a74b4a99ba7bbf6b564

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://now-never.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 21 May 2023 14:18:42 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-backend-server: cleverpush-worker-1
x-cache-status: HIT
x-robots-tag: noindex

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
605 B 75ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=now-never.com&callback=_gfp_s_&client=ca-pub-4706131106960362

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4706131106960362&plah=now-never.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583f43495924198cf7bdc63936b6272d66af355bb65d7163bf666da11ab3cf6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 55ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=now-never.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 46ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=now-never.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A86 167 KB
47 KB 1219ms
1218ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4706131106960362&output=html&adk=1812271804&adf=3025194257&lmt=1684678722&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnow-never.com%2Fid%2Fd_d%2F14401444&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684678722162&bpp=5&bdt=143&idt=190&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6899152094744&frm=20&pv=2&ga_vid=356922392.1684678722&ga_sid=1684678722&ga_hid=1704551685&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074198%2C44788442%2C44790154&oid=2&pvsid=2824889908180868&tmod=1891588193&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77eefc22d31f54c97c4c110b37e50baac48ce22383e492fb08bb7ea042ff53cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://now-never.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47741
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 14:18:43 GMT
expires: Sun, 21 May 2023 14:18:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5.89dfd86a78af84e465de.js Show response
static.cleverpush.com/sdk/chunk/ Frame AF91 34 KB
10 KB 17ms
17ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.89dfd86a78af84e465de.js
Requested by: Host: friend20.mycleverpush.com
URL: https://friend20.mycleverpush.com/iframe?origin=https%3A%2F%2Fnow-never.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f11e526430b072c6eac93772fb48ded77d2219ac8a25b6494151a677b8809552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://friend20.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: E2G635GZNS883996
age: 17564
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JGFzYovzR+l2eKk+Y8h6sgOy8R+j4i5dDHa4dZL3jJAnOPpF5KrNvRv8I8wX8rfCLOABCWBdFPo=
last-modified: Sat, 20 May 2023 09:25:48 GMT
server: cloudflare
etag: W/"768bc4fdc1160ef3c91eac2a25bcbc00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pz7otRqljzoFubn%2B5uGvB33WmOOOmWdGsFk8lucGzdqGMncBQ54pPtL3TfjZNl35SQMlPGrMDZ%2BxwWJNMTFC%2FahxeKAae6qqQov2L4EqVe1RqofQCAKIMwWOFZMmI6gwDfwbyl80BBVktXJBobYguN0WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7cad733f09713679-FRA

GET
H3 200 251.ff5b3c0c290e9961835b.js Show response
static.cleverpush.com/sdk/chunk/ Frame AF91 5 KB
3 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by: Host: friend20.mycleverpush.com
URL: https://friend20.mycleverpush.com/iframe?origin=https%3A%2F%2Fnow-never.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://friend20.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: E2G0CYPPYYRW6MDJ
age: 17564
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: FhOt1VITDHyi5UpFcB/8HrqnHVUjDQJdSfjUWY9150F73ToPZ+iuXfxno5fOW3wVELTIzaqDmBo=
last-modified: Sat, 20 May 2023 09:25:48 GMT
server: cloudflare
etag: W/"e89cddaa8c63cff3a495570a91d5e690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcSGzCw7MftXorauicsLe8yqE0VsTliyyrhuB1NA3PzXLTSOgYp%2BuroAqw28J2%2Bhwze52m%2BbB4GZAoYRq%2BJRQTZ%2BDLBGb9A5G2zB%2Bru41c2Oq4tYuyeui%2FRuHFVF7QnQ8UHrTAKyasXvZEvGZY%2FpuJSUAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7cad733f09773679-FRA

GET
H3 200 818.d14fa91e68327303b09f.js Show response
static.cleverpush.com/sdk/chunk/ Frame AF91 7 KB
3 KB 24ms
23ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/818.d14fa91e68327303b09f.js
Requested by: Host: friend20.mycleverpush.com
URL: https://friend20.mycleverpush.com/iframe?origin=https%3A%2F%2Fnow-never.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c68a7f7fef86917a386e37dceb47e6df66e3a33218035c64b02d4443c20d07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://friend20.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: P0H44T61DQK59T7D
age: 17563
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: jWqyYBs5U577HEtWfiDWCRkPRXZNIb7MER/+qC3+60MTsqBt9A4fkEDlCXl6cKjkq/RlubUXm0s=
last-modified: Sat, 20 May 2023 09:25:49 GMT
server: cloudflare
etag: W/"8fe57e5118d81b50c3d9d49a9c617931"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tvYlOShN%2FNNwiVzOyq0mFZJfAIHcV3JKLZtd2BfiujI%2BuOzYQcbtmOWTZyE%2Br6to5NqD0HpZkwKRN98GFJ81VLAQle6S0YUnZ14NcSKEv2tPhkW%2FwB36wanxjNAdLK6N%2BFGoFfXPqs6AESFvrCSDf6D0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7cad733f097b3679-FRA

GET
H3 200 103.b10f0d46d101c9c5c7e2.js Show response
static.cleverpush.com/sdk/chunk/ 96 KB
22 KB 21ms
20ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/103.b10f0d46d101c9c5c7e2.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/SferLijT3vP2ue776.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540457c838884f5699956bc3204f130c416959c862818719a002ed204cdc0d07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: E2G6ZQ1V726CNM6W
age: 17564
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: WKm1dPWsy9G28zhC9Ao5Hh3axzukFP87itIG6fWf/xHZGaG8DiU/44PQRn3EQhn1ndEXNdkR1/I=
last-modified: Sat, 20 May 2023 09:25:47 GMT
server: cloudflare
etag: W/"63e4acb5b8f0b10288e3e202c59b0bc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O50uTe1HuV4E%2FZqVI0gvIA2ikslf8Dt1pyThCXoCIKB1ElJtpjf%2BflM1R%2F3XTOO2h7oi3vdOjibg%2F2aTJ4T2LodIYR%2F9fAttSLndcl65oAGkmH8SEmExzWDO%2BxvFCJ%2Fbn2cHtrE2ZuVKG5qtz6r1T20tVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7cad733f49d23679-FRA

GET
H3 200 720.62d756e61f9150a7de9e.js Show response
static.cleverpush.com/sdk/chunk/ 48 KB
11 KB 16ms
16ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/720.62d756e61f9150a7de9e.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/SferLijT3vP2ue776.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89c9e8104b73945c0a5cecd37a121ce1a073a353414a17c2d42e7f72675ba322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 902SXNEY492JTTAH
age: 27727
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: XtSaLVOIOLmBqZM8uWEYcDib2x0OM6Q52yov7nJDwxxfuzV1o8YmcifYD/MS3Jqw/q6egtb1+So=
last-modified: Thu, 18 May 2023 18:36:00 GMT
server: cloudflare
etag: W/"dd988beca80b23c489a3254e38f1157c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xILkX3z2MUVm28hdbTXpgX1TG%2B9MD9opKsM834287%2BLmaGuxAI7UDS9N%2Bfk19%2BRZQAO61mXW9Hb5r19fCwYxo97QW1xUpAFZEnTFBSINiRx%2FUyEDN7XEG0IGPGowyrALqKVy%2FH45o%2FxfbxsJ2hd2KFW4Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7cad733f49d33679-FRA

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 57ms
56ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdb52d0c820e68ad582b5e7eeb31598dd916fb5e3924d53c1987c2366498703d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10984
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ 152 KB
51 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd69a33debbf82496c00e5ddb024f9351559a36dd178e053818d18f49a9d222a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52651
x-xss-protection: 0
server: cafe
etag: 2893236495998001637
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 May 2023 14:18:43 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 72ms
34ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 May 2023 14:18:43 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=now-never.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=now-never.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230517/r20110914/ Frame 73D9 10 KB
4 KB 8ms
8ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230517/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://now-never.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 18:42:43 GMT
etag: 15057649708203361565
expires: Sat, 03 Jun 2023 18:42:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 73D9 4 KB
1 KB 43ms
17ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 May 2023 14:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 May 2023 14:07:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 May 2023 14:18:43 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 73D9 205 B
649 B 35ms
8ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 13:15:47 GMT
x-content-type-options: nosniff
age: 3776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 20 May 2024 13:15:47 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 73D9 604 B
694 B 36ms
9ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 12:15:30 GMT
x-content-type-options: nosniff
age: 7393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 20 May 2024 12:15:30 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 73D9 13 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdb8889029e112e6178e400c7b7b4b900ca01e12f08089e994a055236b4b74d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 19:31:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5756
x-xss-protection: 0
server: cafe
etag: 6942144704403180717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 19:31:46 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 73D9 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 17:35:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8271
x-xss-protection: 0
server: cafe
etag: 10419244916965318868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 17:35:55 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7005 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://now-never.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 13:30:12 GMT
expires: Mon, 20 May 2024 13:30:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4B6C 783 B
1 KB 41ms
18ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ecc9e2c2daf1abbde9db8ad8c9b142d99c3ed0c03876a75efd41cc7c99b9d965

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8FZW2OwGHe0DU8fAG0uXiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://now-never.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-8FZW2OwGHe0DU8fAG0uXiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 14:18:43 GMT
expires: Sun, 21 May 2023 14:18:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame 3484 6 KB
779 B 21ms
21ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 May 2023 14:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 May 2023 12:54:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 May 2023 14:18:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 3484 2 KB
765 B 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 10:38:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 3484 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:38:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 10:38:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 3484 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 13:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 13:26:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 3484 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jun 2023 10:38:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3484 170 KB
53 KB 56ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 14:18:43 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 3484 32 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 20:46:22 GMT

GET
H3 200 gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7005 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 13:25:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 May 2024 13:25:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4B6C 0
0 41ms
41ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=2824889908180868&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js Show response
pagead2.googlesyndication.com/bg/ Frame 327B 37 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js

Requested by

Host: now-never.com
URL: https://now-never.com/id/d_d/14401444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 13:25:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 May 2024 13:25:49 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7005 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?j5M-Rg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:18:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=2824889908180868&bg=!Pj2lPWnNAAZ8_aWmXP07ADkAdvg8WiT4JIg2geEipxzrUmKyWUqdjRDyMNovKFYjPE8YRLqwyA3-lD6azRCUOHOulz8OioiO7ZECAAAAqVIAAAACaAEHCgDWmt04v8C1dSWwZfe_3uYfunCKieU05Vqvu-eXxk_FGvTOgbpja5Pemkok-8jjFs9QUUUQcBOoBRuleu2RJGXFCM7PaWnIcFliaNPeUEtJ07IZSNfdkR9Z_nI2LmRMVkiHuibMPw0ITm30y9ReL0KpTEMaPe9sBhAmFAPTI4XaeOq9TB1_OEgA7ipA3wZ6sz7lRGHJI5iR1llirJVGI5ftx4nZeASqRGCo8NZjMi1AqJ2YRHMM6VKIc_YfLeHZ7AzrsRuQYMrbdESH2orxvdVTvdO3zyNogZkCnnEFjTa5LBhQAJ8w83RZfCsONYu8kKqKT8rO-3Jm7ZUa8hgRbApM25wldGWSgyIH-Wqcn0FO8ho6Xd8TsHHfKyE_N_pTcGZReIITkJFnoE6s7ufq4hYOEA1qzx_TvAF2uk_bN-OjARp-b4K8WcJ0dCG2VO2ZDhlDSkKWNHBORYXhrB2YQ-C1GL7Re6WKNxQRggn0KhiKEDgg0g-zqR3JIGf-9nuRK2icC52RN9y_bkPLSKXtbFSiYod2WzQqXnaFtfq2ID6AuYC2qe0fu0MbBdpd86UhkXxlFcXpl__QA3N5Ok9AJfTqbSV4fTyqdNEMZfTOCX2ZWRIYPdk7TMUhtq61F15IRDoMLO7uPjcUxq8Dg2xJWiqPmMzYQerpQiMs3vlyfF6lYsT708dg0qjGhm1xRH3UJMgPBECvpA1Bplb-SMLW30-j5c3D3rCppqiZBK8OlCWBaPaYawhCE5U4MdGiJMW_J23DvHZ0qwxLFlIPnFIEE7jt0zBsRAK9Qb2BC7bsOvHB6qSRrJzU7nkXhySp43xVzMmnzRrYkh5qX35c3xwu3U1oyCcsOhaosj9pYki1OBRiJbbCv4PaoknRg9WXN6wSOOnDDeHTiwwooWZXZonh0Ux0a2eIbZv-6n_6DS6-ohV07T7jkhYcw8Z3DUNUBz7xMn_ME88GqH3HrwzHPBs8K7MwFU5kXEc3TDHEXpbEofvEzmShe3V-_8yM3gxRNMl5G3qizGTg4v1eTWodH5i6TffnJf_Smxj3-svJvyCk3L2r4Uz0VEwzAsUR0y9CqBFR_p4w85bNcQ8BmkObEY0B9CwJBdaRiA4usW6gpWzosanBSf93j3GJz34425sH7_HlQHzOZfElJ8Amj_G8eJNTV1PCUE8pCNtzWkw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now-never.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
now-never.com/	1970-01-20 11:58:05	Name: XSRF-TOKEN Value: eyJpdiI6IjV4d25QZU1ycVFDcjZuXC9SVEZUcU5nPT0iLCJ2YWx1ZSI6Ilkzam12SWNZRk96akdLcWNBYk45WU1USXdXemkrd08rSnJGTEVXcEFNcDVXWTdYWTVaVm1NYjNUMlIxSmpYcFciLCJtYWMiOiJiNjFmYTY2MzJmMjdmN2ZlYWNkZGVhM2UwNjUwYjkxNWY2NDhhOTBiOTllNzJiY2MzZTM1MmVlOGNlNzdmM2UxIn0%3D
now-never.com/	1970-01-20 11:58:05	Name: laravel_session Value: eyJpdiI6IjluMHFmT28wSHhua3pWZnE1VGk1UEE9PSIsInZhbHVlIjoiNHJcL090TzRtcEJWV1BHNHdZa0lYYXkzbTlSdzNyOW5MK21nQWUrSmFTWmdcL2JZZDBieFFGdG8rN1E2dmdWc1wvRkJscnRMcmlmQ0hLRFBQajdac2NMVXNqVEptVGJsOUNCTGFQaENCZVdWMHFNOGFKQzc0Q3RBODg1VW0reFlqUzAiLCJtYWMiOiI0ZGRlMTdkZDM0ZmU0YjE0ZTQ1Y2RiMTc2NjUwZGZiNmI3NDUxMzZhYzlhMjg1Y2UzNzkyYmVhZTI0ODgzNGIyIn0%3D
.now-never.com/	1970-01-20 21:33:58	Name: _ga Value: GA1.2.356922392.1684678722
.now-never.com/	1970-01-20 11:59:25	Name: _gid Value: GA1.2.1914511332.1684678722
.now-never.com/	1970-01-20 11:57:58	Name: _gat Value: 1
now-never.com/	1970-01-20 16:17:10	Name: language Value: id
now-never.com/	1970-01-20 16:17:10	Name: visitedd_d Value: 1
.now-never.com/	1970-01-20 21:19:34	Name: __gads Value: ID=701c3c4384a378b4-22b31506e2dd003a:T=1684678722:RT=1684678722:S=ALNI_MbTS_RzLiWX1BKqQGwflatFG4HGZA
.now-never.com/	1970-01-20 21:19:34	Name: __gpi Value: UID=00000c18cf3a1e92:T=1684678722:RT=1684678722:S=ALNI_MbVsXrHq81qOhd435egWvY3ItCCeQ
.doubleclick.net/	1970-01-20 11:57:59	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s7.addthis.com/js/300/addthis_widget.js#pubid=ra-5854f190a71438e5 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdnjs.cloudflare.com
fonts.googleapis.com
friend20.mycleverpush.com
googleads.g.doubleclick.net
now-never.com
pagead2.googlesyndication.com
partner.googleadservices.com
s7.addthis.com
static.cleverpush.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
s7.addthis.com
159.69.45.25
2606:4700:20::681a:e1f
2606:4700:3030::6815:18c
2606:4700::6811:190e
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:831::2002
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
29c4f623f3f92218fe79ab8706c288096af16027116ec962d93a9193329143e0
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3707dba46cded986426102cd058d2eb8f63f158cac1041674c1720412676f3ba
434cc2ad4b3621f5d6631d2e30a25f1bddc2bc5ea8548236d70698b00578ffc4
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
540457c838884f5699956bc3204f130c416959c862818719a002ed204cdc0d07
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
583f43495924198cf7bdc63936b6272d66af355bb65d7163bf666da11ab3cf6e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
600102fec35f4ec0fec6d99c81a1e4bb05d465ecf576a54ed56c3e45bda91fdb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a9e74bf710eef13b81f56375fc7e24c8b91050fa9ba66a75e9a3f35aece8f5
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
77eefc22d31f54c97c4c110b37e50baac48ce22383e492fb08bb7ea042ff53cd
7bdd6e1e3c0781a16c2a3ab99bdc98a84c86162344281307a3e1969c59f2f4ae
806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76
80c68a7f7fef86917a386e37dceb47e6df66e3a33218035c64b02d4443c20d07
89c9e8104b73945c0a5cecd37a121ce1a073a353414a17c2d42e7f72675ba322
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
a225c01a5df9cb63035fd93b82fde11adeb456ead1ce01185dbe2b28cc35eb71
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b076846e9974fb52d6ec8d0237eed926c252081f148f8463908ae9b7d26ceaf7
b82346bc0bfded17a86c5b0c70a269c2db73d9b0faaac9b2e9bffe2c1fd5a0b0
bb9eb7b189fa9e541c916c6bc8b19328797e41c15e4461ca7642d74f48e2a7b9
c0cebed6fdeaa0222ee4d01301b9a9878075be2196dbd7124b132f29c9124116
c0d897bffa88b080b49e4fe321386c3a505476d63959fa79dd09a520b8ccc56a
cd853bca6e9c3c05da3497a2c95d2d1e94c1ebe809cf9cf00dfc55be5d9fa182
cdb52d0c820e68ad582b5e7eeb31598dd916fb5e3924d53c1987c2366498703d
cdb8889029e112e6178e400c7b7b4b900ca01e12f08089e994a055236b4b74d6
d71a24a7a83671e8d63de0d04d14626c807825e3731a28bb774214fda1b07b0f
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
db270323accfe15b5895ec9f1cd6b0b235dfcfa27450810af210f52f301eb6d5
dd69a33debbf82496c00e5ddb024f9351559a36dd178e053818d18f49a9d222a
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e419189b1525576852867d4224183fd1f10554d2aa18bd6bbf18b61b4842e814
e4c4ebed9f92aa280e14293d21c7d9572f9d34370ab733a9d71f14fd532632a5
e6b29fc904565d0e71927a5493cedcdb9892145b009e58c6fa65d2049e7e9385
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ecc9e2c2daf1abbde9db8ad8c9b142d99c3ed0c03876a75efd41cc7c99b9d965
f07b2f9940f2c92a1d3f479511e328bc128c4b9c803a6a74b4a99ba7bbf6b564
f11e526430b072c6eac93772fb48ded77d2219ac8a25b6494151a677b8809552
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f882b189a363f0d44e25798660dc425e924907879cf2498c03afbe0aaa8eb439
fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

now-never.com Open in urlscan Pro 2606:4700:3030::6815:18c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

98 %HTTPS

93 %IPv6

14 Domains

17 Subdomains

16 IPs

2 Countries

749 kBTransfer

2048 kBSize

10 Cookies

0 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

now-never.com Open in urlscan Pro
2606:4700:3030::6815:18c Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

98 %
HTTPS

93 %
IPv6

14
Domains

17
Subdomains

16
IPs

2
Countries

749 kB
Transfer

2048 kB
Size

10
Cookies

61 HTTP transactions
0 data transactions