www.sendgb.com Open in urlscan Pro
2606:4700:20::681a:4bd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sendgb.com/4til0cYzN5d?utm_medium=OsN4IP8x5yAK1Mf
Effective URL:
https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf
Submission: On July 09 via api (July 9th 2022, 12:23:27 pm UTC) from BE — Scanned from DE

Summary HTTP 155 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 27 domains to perform 155 HTTP transactions. The main IP is 2606:4700:20::681a:4bd, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.sendgb.com. The Cisco Umbrella rank of the primary domain is 302381.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 13th 2022. Valid for: a year.

This is the only time www.sendgb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 39	2606:4700:20:... 2606:4700:20::681a:4bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
5	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::ac43:a9f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
12	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:418	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.227.219.58 13.227.219.58	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
8	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:a600:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2 6	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	54.148.100.42 54.148.100.42	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 3	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
10	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.64.217.203 54.64.217.203	16509 (AMAZON-02) (AMAZON-02)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
155	32

39 2606:4700:20::681a:4bd (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

sendgb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sendgb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:a9f7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:418 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.muicss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.227.219.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-58.ams54.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:a600:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.100.42 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-100-42.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.64.217.203 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-217-203.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	sendgb.com 2 redirects sendgb.com — Cisco Umbrella Rank: 275592 www.sendgb.com — Cisco Umbrella Rank: 302381	602 KB
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	323 KB
22	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2229 t.paypal.com — Cisco Umbrella Rank: 3103 c.paypal.com — Cisco Umbrella Rank: 5726 b.stats.paypal.com — Cisco Umbrella Rank: 5095 dub.stats.paypal.com — Cisco Umbrella Rank: 20429 c6.paypal.com — Cisco Umbrella Rank: 6513	414 KB
21	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	80 KB
8	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	2 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	80 KB
6	stripe.com js.stripe.com — Cisco Umbrella Rank: 1748 q.stripe.com — Cisco Umbrella Rank: 12728 m.stripe.com — Cisco Umbrella Rank: 1533	79 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	4 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576	3 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 629	2 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7751 www.google.de — Cisco Umbrella Rank: 5448	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1872	1 KB
2	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 3185	87 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336	915 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1589	415 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1107	794 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	85 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1852	18 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126 partner.googleadservices.com — Cisco Umbrella Rank: 867	16 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1936	33 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 741	83 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 964	86 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 630	74 KB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 907	356 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	53 KB
1	muicss.com cdn.muicss.com — Cisco Umbrella Rank: 74857	14 KB
155	27

	Domain	Requested by
38	www.sendgb.com	1 redirects www.sendgb.com
13	pagead2.googlesyndication.com	www.sendgb.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	www.paypal.com	www.sendgb.com www.paypal.com www.paypalobjects.com
10	cm.g.doubleclick.net	www.sendgb.com googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	www.google.com	2 redirects www.sendgb.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	c.paypal.com	www.paypal.com c.paypal.com
5	fonts.googleapis.com	www.sendgb.com googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	js.stripe.com	www.sendgb.com js.stripe.com
2	e.dlx.addthis.com	2 redirects
2	cc.adingo.jp	googleads.g.doubleclick.net
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	m.stripe.network	js.stripe.com m.stripe.network
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	q.stripe.com	www.sendgb.com
2	www.google-analytics.com	www.googletagmanager.com www.sendgb.com
2	t.paypal.com	www.sendgb.com
2	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	maxcdn.bootstrapcdn.com	www.sendgb.com maxcdn.bootstrapcdn.com
2	use.fontawesome.com	www.sendgb.com use.fontawesome.com
2	code.jquery.com	www.sendgb.com
1	c6.paypal.com	www.sendgb.com
1	fonts.gstatic.com	fonts.googleapis.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	m.stripe.com	m.stripe.network
1	www.google.de	www.sendgb.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	www.sendgb.com
1	cdn.muicss.com	www.sendgb.com
1	sendgb.com	1 redirects
155	42

This site contains links to these domains. Also see Links.

Domain
blog.sendgb.com
www.linkedin.com
www.youtube.com
www.facebook.com
twitter.com
www.instagram.com
www.testspeed.it
www.whatismybrowser.com
api.whatsapp.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-05-20` - `2022-09-25`	4 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-03-04` - `2022-11-23`	9 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-25` - `2022-09-08`	4 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-11` - `2022-08-03`	4 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf
Frame ID: 0529797987A70B260CBB8189444E76DC
Requests: 72 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.322&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhHZkxGZDRmSTd6N1RRa2s4U0tOeExIVWk3T3pLT0RzcWMyUGE2czZadzdEUTVYajNubmQyeUJuQThnZlVmRUZQUGttUzlGN3VUbjQ1UWkmY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfamJyZnFrcmRqcnJqZHJpaXNlamxqZnJkY2NscHpmIn19&clientID=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&sdkCorrelationID=f8981340e5b00&storageID=uid_3df53ca27c_mti6mjm6mje&sessionID=uid_849528c941_mti6mjm6mje&buttonSessionID=uid_4fb10619e5_mti6mjm6mje&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: 6A98B54A525F56C61EF96ED229E8E542
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 074780C112483887E94C84BC636A28B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20190131/zrt_lookup.html
Frame ID: D7F4F0279ED6407C91C875A0789A9771
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: 2F1DAF549F482090D1A5381788297274
Requests: 3 HTTP requests in this frame

Frame: https://www.sendgb.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1657368000
Frame ID: 10EC21C60CD94E0F9564E78ACF3A7083
Requests: 3 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 01270A07903430FF2DAAD31D9E6FD143
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&adk=1559050123&adf=2739833515&lmt=1657369402&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657369402195&bpp=3&bdt=698&idt=115&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8403428176104&frm=20&pv=2&ga_vid=788227081.1657369402&ga_sid=1657369402&ga_hid=1378065278&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531606&oid=2&pvsid=2986032673561292&tmod=816489772&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=133
Frame ID: BF2A2F558962A6F61D5A467A97B7151D
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 4D070111FEFD774E428649E761E7CAD8
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1657369402&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657369402198&bpp=2&bdt=701&idt=151&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8403428176104&frm=20&pv=1&ga_vid=788227081.1657369402&ga_sid=1657369402&ga_hid=1378065278&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531606&oid=2&pvsid=2986032673561292&tmod=816489772&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TYjhGnPkmV&p=https%3A//www.sendgb.com&dtd=155
Frame ID: F73C557566305825590ECA873D278C4F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0ACC36113D560088B21AE4BAE8E3A9A9
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 76E18516CC30A25EB15CA0E1AF66A1E4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0EFE7DAD3A0EEF9078D806C5113F55F7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D41B41D199780F407E20833020D0B238
Requests: 9 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: D61E1835C6DF29E2769F7A34B6C3262B
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_849528c941_mti6mjm6mje&s=SMART_PAYMENT_BUTTONS
Frame ID: 760454CA13940C5D1FE5BB9E248B01D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 71A110F2BB73FE9A2376F8FF8763DFCE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A9A94BD0AE1A7221F666A41C48D590FE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Frame ID: E4F9D5786E7E7CBE040BF61CB71CB330
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 975F850D68FF7E32B7A2C784CCD1B8BA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A889EA0C99147CB4AD9123A0D5ADC8EB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Große dateien verschicken - versenden & Kostenlose | SendGB

Page URL History Show full URLs

https://sendgb.com/4til0cYzN5d?utm_medium=OsN4IP8x5yAK1Mf HTTP 301
https://www.sendgb.com/4til0cYzN5d?utm_medium=OsN4IP8x5yAK1Mf HTTP 302
https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

155
Requests

94 %
HTTPS

54 %
IPv6

27
Domains

42
Subdomains

32
IPs

6
Countries

2066 kB
Transfer

6101 kB
Size

42
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.sendgb.com/de/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/sendgb

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCZppqsY4e0yOSk9JF1KCSkA

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sendgb

Search URL Search Domain Scan URL

URL: https://twitter.com/sendgb

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sendgb/

Search URL Search Domain Scan URL

URL: https://www.testspeed.it/

Search URL Search Domain Scan URL

URL: https://www.whatismybrowser.com/guides/how-to-enable-cookies/auto
Title: Cookie-Einstellungen

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle/?mini=true&url=https://www.sendgb.com/de/&source=

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Mit%20SendGB.com%20k%C3%B6nnen%20Sie%20Dateien%20bis%20zu%205%20GB%20kostenlos%20ohne%20Anmelde-%20oder%20Best%C3%A4tigungscode%20%C3%BCbertragen.%20Sie%20k%C3%B6nnen%20Ihre%20Dateien%20bis%20zu%2090%20Tage%20aufbewahren.%20Kein%20Download-Limit.%20Schnelle,%20einfache%20und%20kostenlose%20Datei%C3%BCbertragung.%20#SendGB&url=https://www.sendgb.com/de/&related=

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Mit%20SendGB.com%20k%C3%B6nnen%20Sie%20Dateien%20bis%20zu%205%20GB%20kostenlos%20ohne%20Anmelde-%20oder%20Best%C3%A4tigungscode%20%C3%BCbertragen.%20Sie%20k%C3%B6nnen%20Ihre%20Dateien%20bis%20zu%2090%20Tage%20aufbewahren.%20Kein%20Download-Limit.%20Schnelle,%20einfache%20und%20kostenlose%20Datei%C3%BCbertragung.%20#SendGB

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sendgb.com/4til0cYzN5d?utm_medium=OsN4IP8x5yAK1Mf HTTP 301
https://www.sendgb.com/4til0cYzN5d?utm_medium=OsN4IP8x5yAK1Mf HTTP 302
https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELMwNaNi3BYdvNl7wBXEFP8&google_cver=1&google_push=ARnp8GCtjA3rWnt_YWVDvPVttWnfPKQ-wKVMWqDJEVf-bDZ5xoJm5R6ftKe8t3-lnaqzgajbp4ln6E6ZOYeVXXJd9wkos6H6BQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELMwNaNi3BYdvNl7wBXEFP8&google_cver=1&google_push=ARnp8GCtjA3rWnt_YWVDvPVttWnfPKQ-wKVMWqDJEVf-bDZ5xoJm5R6ftKe8t3-lnaqzgajbp4ln6E6ZOYeVXXJd9wkos6H6BQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=buRJa7AMSoGEgBILrf_WPw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCtjA3rWnt_YWVDvPVttWnfPKQ-wKVMWqDJEVf-bDZ5xoJm5R6ftKe8t3-lnaqzgajbp4ln6E6ZOYeVXXJd9wkos6H6BQ

Request Chain 107

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB0PdDjfL3JYrti6B71FB9U&google_cver=1&google_push=ARnp8GBVk0opOLwmP1Z1QfMlK7VNT9Q-qBDCvk0xRrGHxGVO-by1xg6B9AQ3lojq4eNUM2-xVp0HZqZC47f8SATKdc8A41UwUw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVEVVk3WFEtVC1ISU1Z&google_push=ARnp8GBVk0opOLwmP1Z1QfMlK7VNT9Q-qBDCvk0xRrGHxGVO-by1xg6B9AQ3lojq4eNUM2-xVp0HZqZC47f8SATKdc8A41UwUw

Request Chain 108

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGG7eqBwAKLikcK8agCUyjY&google_cver=1&google_push=ARnp8GBtL45yWHk2zqwBZcpap35yw7Mpx8QBoaHpPr3DvftKw0SIuSH5IUFtSIv91sQRuql1KgYd-twnEHw-cXhi_Q73vspGlQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGG7eqBwAKLikcK8agCUyjY&google_push=ARnp8GBtL45yWHk2zqwBZcpap35yw7Mpx8QBoaHpPr3DvftKw0SIuSH5IUFtSIv91sQRuql1KgYd-twnEHw-cXhi_Q73vspGlQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGG7eqBwAKLikcK8agCUyjY&google_hm=YslzO6p8edK9ztl6B7CKfAAABIAAAAIB&google_nid=index&google_push=ARnp8GBtL45yWHk2zqwBZcpap35yw7Mpx8QBoaHpPr3DvftKw0SIuSH5IUFtSIv91sQRuql1KgYd-twnEHw-cXhi_Q73vspGlQ

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 115

https://b.stats.paypal.com/v2/counter.cgi?p=uid_849528c941_mti6mjm6mje&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_849528c941_mti6mjm6mje&s=SMART_PAYMENT_BUTTONS

Request Chain 130

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEADhm_sUO5W6H_8mPOG329Q&google_cver=1&google_push=ARnp8GDETvvOFTPHdKUAExcIMU-7uxXZx8tNd3w-q0Tpcbqbz5bnaOyS54X21gjyB2OJsZqEaPfD6YE_zD66Qv3RHLh1tAjXzXM HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GDETvvOFTPHdKUAExcIMU-7uxXZx8tNd3w-q0Tpcbqbz5bnaOyS54X21gjyB2OJsZqEaPfD6YE_zD66Qv3RHLh1tAjXzXM&google_hm=Du2FdfiKMtWj53nYXVjzEQ

Request Chain 131

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAHDMpSnsza-Da6H1DGXxrgHsAyD-QlDFd3XYtKjUtxOUWfEk9b8PxEh0msO0Vam3YhC32Um57WTIvG8A4z3rAsPno62o4&google_gid=CAESEGpJtGZCCa1Mj0gU1fKriBA&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAHDMpSnsza-Da6H1DGXxrgHsAyD-QlDFd3XYtKjUtxOUWfEk9b8PxEh0msO0Vam3YhC32Um57WTIvG8A4z3rAsPno62o4&google_gid=CAESEGpJtGZCCa1Mj0gU1fKriBA&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDkxMjIzMjQwMDAxNTA3Nzc2NDE4MQ%3D%3D&google_push=ARnp8GAHDMpSnsza-Da6H1DGXxrgHsAyD-QlDFd3XYtKjUtxOUWfEk9b8PxEh0msO0Vam3YhC32Um57WTIvG8A4z3rAsPno62o4

Request Chain 133

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFXBMNmVInSMjXtkhZIS7o0&google_cver=1&google_push=ARnp8GCdhOa8iHjltLeclabSrSQRqNFPvV078mkphpW1OWckr8FxBK91hb5HZw6pk77zD_zzg2yS8Qx93aM4hQdK6J3O30HC_CE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qVQ81jb6SHyueLL1xxzEDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCdhOa8iHjltLeclabSrSQRqNFPvV078mkphpW1OWckr8FxBK91hb5HZw6pk77zD_zzg2yS8Qx93aM4hQdK6J3O30HC_CE

Request Chain 134

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELXF1rEvQj24v2QTnxUFWXs&google_cver=1&google_push=ARnp8GBlDgEKWPT5d7UVVzr-BkyUCH3li-spj31Ev8vlp-Vtr1oRUAArdnTrRGLiib9f-1I-WSMKBuPDlAZHMhuR6nWzEzTwVb4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVEVVk4M1ctMUYtMkRTUA==&google_push=ARnp8GBlDgEKWPT5d7UVVzr-BkyUCH3li-spj31Ev8vlp-Vtr1oRUAArdnTrRGLiib9f-1I-WSMKBuPDlAZHMhuR6nWzEzTwVb4

Request Chain 135

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPWgMjyPXSVqZ2fQFsb3_gk&google_cver=1&google_push=ARnp8GDM1wvhYbMZ0sAILCxi57xvs8cVha3MtpvQHWEyOQVVaEev0Vla1DP_OHJ39h7wLG-E7p61Tk6JzXN8ph8NRn7nz3NAcnU HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPWgMjyPXSVqZ2fQFsb3_gk&google_hm=YslzO6p8edK9ztl6B7CKfAAABIAAAAIB&google_nid=index&google_push=ARnp8GDM1wvhYbMZ0sAILCxi57xvs8cVha3MtpvQHWEyOQVVaEev0Vla1DP_OHJ39h7wLG-E7p61Tk6JzXN8ph8NRn7nz3NAcnU

Request Chain 139

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

155 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.sendgb.com/upload/
Redirect Chain

https://sendgb.com/4til0cYzN5d?utm_medium=OsN4IP8x5yAK1Mf
https://www.sendgb.com/4til0cYzN5d?utm_medium=OsN4IP8x5yAK1Mf
https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

94 KB
20 KB

169ms
169ms

Document
text/html

2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cc2ec0ea535d97760f7701b038db791199915c68c4c69d56f01d5b7161753de

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 728107c6598483a3-MXP
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 09 Jul 2022 12:23:21 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwuvXswp8TFQQVaA%2BMw%2FnX9dMbny8S7FP15QnLCiF%2BpdRK8KnJf%2F%2FjGqvgcILvT4yn1nn%2FS9xKJRfggDgMHgTmqcEAN9fQODi5PULt25zObMxBPMJV5br24DnkYxiis6FfAHijUDXVHrVDas"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 728107c5d8ee83a3-MXP
Connection: keep-alive
Content-Type: text/html
Date: Sat, 09 Jul 2022 12:23:21 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Location: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BotwtKDkI%2FBg0hBQhYYe%2FLKbGTe89DHfHpS7QVWgSFmzo0oDikqbfMyya1FNs0gPGXgZJ0JDYW0trRs7k%2F%2Br2eI7BlSWr9dpM3CY9Sdf%2BAIcCGeHGU1w7wyE6tUgEL77XXMIRFl2KvPQ6q1"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

GET
H2 200 jquery-ui.min.css
code.jquery.com/ui/1.11.2/themes/smoothness/ 29 KB
7 KB 55ms
33ms Stylesheet
text/css 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.min.css
Requested by: Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4bf30ddd888c25e3ee55a8d75d4af44331af5c9bf70a2fcec7c820f9b076130e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:21 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-7545"
vary: Accept-Encoding
x-hw: 1657369401.dop150.fr8.t,1657369401.cds103.fr8.hn,1657369401.cds098.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 7323

GET
H/1.1 200
OK bootstrap.min.css
www.sendgb.com/src/mdb/css/ 139 KB
21 KB 43ms
35ms Stylesheet
text/css 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/mdb/css/bootstrap.min.css?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25dd44ce52f5899b4214d668df8830cf43e1ab84e985adbcd38a8ec21139b23f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3072
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTa2mILOZHP%2FJe%2F0s%2BjiGCTSR4emYuyJHCSsYYpUyW0MWZ65E%2BrMKiZ59GVNUrA%2FtL3bzdUpfdIgSVequQ5%2B8pdEL7OvLD8O7XE%2Bz5cavnh9hM1sqZx3ixMPFglCxy8McuEixzshabaVlwi8"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:45:27 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcf47-22af2"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=31536000
CF-RAY: 728107c77b7d83a3-MXP

GET
H/1.1 200
OK mdb.min.css
www.sendgb.com/src/mdb/css/ 535 KB
60 KB 70ms
35ms Stylesheet
text/css 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/mdb/css/mdb.min.css?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94d927ba55402e39e5dcd5f7ae35e8003b3fdd8ea2d810c1d15ae7a7c71c02af

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2427
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRFMm8C5Gf5gGhahNONte%2BzNUAv81gqSJSUA3MyMJnjNCaZ3G3M0%2F7YXYxStz0%2BfQkpCbz9pZoJIXdk52B8Mw8bXodfQRLNhpEaYhqnv2cjWuun0H6oOjp2htQ%2BryECno1V4%2F5tQOqNXii%2Bl"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcfa0-85a31"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=31536000
CF-RAY: 728107c7aca5bab5-MXP

GET
H/1.1 200
OK sendgb.min.css
www.sendgb.com/src/css/ 84 KB
17 KB 68ms
32ms Stylesheet
text/css 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/css/sendgb.min.css?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

931743dece3a4a05e697f2998e9b5ec43ec5af765f481d3346e10af44ef1869e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5793
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2crBt0oyvrgO6yaiIiLkgwZ9Xsg4tipuk0%2FOfxPDBRDEuA1zDuCvMIICqqM8cUn%2F5Ao7UCmOPPnOfCDEtvXzn9nh5T%2FKE5bhIon00F%2BhyzjnWUi1zkEhpCObvhjO5KDL1JcfoFohmQpEuNj"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Mon, 14 Feb 2022 12:26:45 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"620a4a85-15171"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=31536000
CF-RAY: 728107c7acfbbac9-MXP

GET
H/1.1 200
OK animate.css
www.sendgb.com/src/css/ 46 KB
5 KB 64ms
28ms Stylesheet
text/css 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/css/animate.css?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4166306d4d4b781e96d0551dea10baa4aad7becf605abb1ceba2e4ccac3ab9ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3921
Cf-Polished: origSize=59683
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcfa0-e923"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRKjQlPnfw2CFh%2FuNpiFXbkhY8sZJl4Z3%2Bm8uegr0%2Bp6gAjdFqJc5CkLZ%2Fi7p356JKn687htxqIQ2ZFXDuVgp7eKHEp2r2fBLFdG%2FaOFe5Figq5DE%2F52oXkzcSYz5F4aMhe4QpK6GoC6esdq"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=31536000
CF-RAY: 728107c7a8395a1f-MXP
Cf-Bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 8 KB
876 B 150ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700,400italic&subset=latin,latin-ext&display=swap

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8bdd7ea8be8313fbdcb25cb0bf1f9e8a751c9a94722bffa5be319ce24a5c86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 12:23:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 12:23:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 12:23:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
992 B 149ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Varela+Round&display=swap

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

caa761f345bab156984d7a0a5c51062cbc19dbecf61dc28a7972756bda9dc914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 11:28:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 12:23:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 12:23:21 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
13 KB 164ms
28ms Stylesheet
text/css 2606:4700:3032::ac43:a9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer: https://www.sendgb.com/
Origin: https://www.sendgb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:21 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18866071
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: E3JRK645NG0B0THH
x-amz-id-2: mQ5Dbq5zpwvYqZr2bTc9D1CRA4bxX7ohabWml/F/Azy5DNCmCjEXX9f2qnD7n9AesvREm51xhrw=
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
server: cloudflare
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bi5yaRzT0rmbPuRo0rD0upzD%2FcSiDQTeq%2BcfnD5ATT0k3Dwm1sZRGefIoSico0c2tlT3Aai52VyZeMwr6Ah%2FIMswiubOMOOOp47w%2BQd0wHQ%2FivoHl62%2Bjy0TqKNeOLZWeZycMIWOgoTEj9YUBNf7ZZCZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 728107c84a6f59bf-MXP

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 154ms
19ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 10428947
cdn-cachedat: 2021-03-10 20:26:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e55ae71d8339ddb30e4376a027623d28
cf-ray: 728107c83ec201f0-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
56 KB 75ms
52ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2c051726cd5924188b232e3c6a4b514a0e0c48f668c5752f3aebcc3b4d33ee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56402
x-xss-protection: 0
server: cafe
etag: 3392090041648922934
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 12:23:21 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 333 KB
103 KB 295ms
9ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&currency=EUR

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ec7cc14837eb13860245f8eeaa3848c6b63f5cec7e83e6be2ecc8906cfa21b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-NhGXujN2m7SaAFdxSE9v8CdeFbF93tF+Cvp6oe7GhpgifXrk' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-NhGXujN2m7SaAFdxSE9v8CdeFbF93tF+Cvp6oe7GhpgifXrk' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-NhGXujN2m7SaAFdxSE9v8CdeFbF93tF+Cvp6oe7GhpgifXrk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-NhGXujN2m7SaAFdxSE9v8CdeFbF93tF+Cvp6oe7GhpgifXrk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 9025
via: 1.1 varnish
x-cache: HIT
p3p: true
paypal-debug-id: f5870469a340a
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 104495
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4041-HHN
traceparent: 00-0000000000000000000f5870469a340a-fedc4e632af911ed-01
x-timer: S1657369402.789528,VS0,VE2
x-frame-options: SAMEORIGIN
date: Sat, 09 Jul 2022 12:23:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"1982f-iTmpDsh6gGq4CaHrtdM5QWTzj2A"
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK sendgb_logo.png
www.sendgb.com/img/ 6 KB
6 KB 32ms
31ms Image
image/png 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sendgb.com/img/sendgb_logo.png

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f8252f61b26e0acddfe4ff023f9870b64380eb8f2965802ee7b849cb33dafd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 112
Cf-Polished: origSize=8440
Connection: keep-alive
Content-Length: 5697
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: "5f1dcfa0-20f8"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uneGH%2BVuRQkgEsC3vr%2FHAcErVM3W57tqW3PIcOor8GFuCbl6qhkCy28s16BVvgq%2FQ5x1FBe4nTbi6eHj6vnqQ%2F8myb5yK%2Fq8fF0wP9L86v%2BTZCAlcMgRLBWMivtOpjfBO84eRuILG8pl%2BwKN"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 728107c9cd9959a7-MXP
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK sendgb-extra-w.png
www.sendgb.com/img/ 4 KB
5 KB 34ms
32ms Image
image/png 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sendgb.com/img/sendgb-extra-w.png

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ac1fa8c871caac481a3d555f524d1fddf1fae74f1c860f06354ee324489962e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2427
Cf-Polished: origSize=6604
Connection: keep-alive
Content-Length: 4569
Last-Modified: Sat, 09 Jan 2021 14:54:17 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: "5ff9c399-19cc"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKwYFxqdNPwcRixRU%2FpNdVpSJ0xSFKJxnvDl4%2FZTCY%2FBuvpQf9A4NBNVXx4vF1fq5rt6vxSKJoZGwZwDr9cQmnL48KC8KRi52Cf6s4PL8i1kmnR2rajk4jDb8wLzpuwGRhOwQ7jE0WLa2AUJ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 728107c9e8b7bab5-MXP
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK bmc-new-btn-logo.svg
www.sendgb.com/img/ 3 KB
2 KB 30ms
30ms Image
image/svg+xml 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sendgb.com/img/bmc-new-btn-logo.svg

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d5d6a84e422162b752937ac706144ac9804bd0f25615198271cb787dea5299f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2620
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A99Sx%2Fuwy0z9ajybNjF4RV6ybOXSW9uedoJ1Q6090PKQ%2FbpXfSSqFmE%2FfHkDphUdZZHUhME1N09yHt9I3jsMQ5IFxGcVXjT0QbEmc0BYKE3NIsOG%2BFBNLnEFnw2%2Fv3xdqc1bNG2DC%2Bpp9toD"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcfa0-c23"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: image/svg+xml
Cache-Control: max-age=31536000
CF-RAY: 728107ca3e3759a7-MXP

GET
H/1.1 200
OK linkedin.png
www.sendgb.com/img/ 689 B
2 KB 29ms
29ms Image
image/png 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sendgb.com/img/linkedin.png

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d4fcc55da9bb4d888c4427b41b6878c20a5cbe244e8f8c9fb0743a9b2ce03a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2620
Cf-Polished: origSize=762
Connection: keep-alive
Content-Length: 689
Last-Modified: Tue, 12 Jan 2021 14:22:17 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: "5ffdb099-2fa"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxCDu80r8zj4PDIzEPIczGsv0qdpjlQtP8FH60RpEyJnzOhcJR1fjcqtvqt7m2rvBAPserD5WsW8vNag21G6zbTndn52geFZ4y0g816b15PRvPsg06ffdDfGUZYl%2BvEN6or3XplDhTIVhKY5"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 728107ca3fd583a3-MXP
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK twitter.png
www.sendgb.com/img/ 895 B
2 KB 26ms
25ms Image
image/png 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sendgb.com/img/twitter.png

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b91ba687f4714983a4ef374a515d8892f167f329e3d49d38ad587300a2b95986

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2427
Cf-Polished: origSize=968
Connection: keep-alive
Content-Length: 895
Last-Modified: Tue, 12 Jan 2021 14:22:17 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: "5ffdb099-3c8"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaBnwOyEC4CTtwn52kht6EmxqyXnFqY4VM4sMRzO%2FtuEdpcum6F6tT%2Bg86U7ckmOqW%2Fwi9zACh98BWy6p0VY7DhB1trK8o3fqvLsptlWuMpfB%2Bg947utWvjZitIqV%2B9aOBEc1F370HIDI0Sn"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 728107ca4a40bac9-MXP
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK whatsapp.png
www.sendgb.com/img/ 1 KB
2 KB 26ms
26ms Image
image/png 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sendgb.com/img/whatsapp.png

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe44acaad81496bc89732f68b5ee7b1bb5a3dd5564dcc26672a6a1bddce0da95

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5243
Cf-Polished: origSize=1531
Connection: keep-alive
Content-Length: 1458
Last-Modified: Tue, 12 Jan 2021 14:56:29 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: "5ffdb89d-5fb"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kH69Xvs3q1C3ELmRzbHadIID4ii5Q8OtWrZszeFPhDCwFmtWFhBoiTKfEX8CvCZ8NWbpNbD4G6H3s3X0SYarQC%2BgQYCsHSc%2FDFgCkEMH2crVTTr6CUbVbDYTjc%2B6cDbgDwjh%2FvVrm2gOpDSz"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 728107ca5cbd5a1f-MXP
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK jquery-3.4.0.min.js Show response
www.sendgb.com/src/js/ 86 KB
31 KB 31ms
31ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/js/jquery-3.4.0.min.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4022
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ralb03877v2e49f1hEoHsssHNEbXP6yPmbadXEuBy9lP%2FPXtg6zWBFHKTCRabkKYgdvlrAamI8o1KpZrtj30KXKabjJKULBDCYOvmy3dDa3PlbgKwDr%2F%2FJHGFwY53nfoQsBFWHoYZgtUm4oZ"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcfa0-15857"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107c87e08bab5-MXP

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.0/ 247 KB
66 KB 11ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.0/jquery-ui.min.js
Requested by: Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 78613a6e5bab939b078feae691fb0661e2b2671dcce1b1be66517203b2a7b3b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:21 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-3ddc9"
vary: Accept-Encoding
x-hw: 1657369401.dop150.fr8.t,1657369401.cds103.fr8.hn,1657369401.cds154.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67684

GET
H/1.1 200
OK jquery.rating.js Show response
www.sendgb.com/src/js/ 8 KB
2 KB 30ms
30ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/js/jquery.rating.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5b05ea7cff0bc256a1117fd2b67a1ff4ba90aec2363956df191c576a696e09e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4022
Cf-Polished: origSize=11034
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcfa0-2b1a"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FkgmTQ03fKY%2FHbDKjwrQ2TWCDKnhsdGPLIbOTVYEbEdtmQCu88XCI6ll37LBmqllWrxk9spPkt1PtYReiJDWSBJsHo4VGAhiyU4tvHMMjvwrEHDwfenk7ty2oZeEfX7MCcYz9Bvgb5dHp46"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107c8dec7bab5-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK engine.js Show response
www.sendgb.com/src/plugins/ion-sound/ 1 KB
2 KB 27ms
27ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/plugins/ion-sound/engine.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

811bef5a48939b61f1df697cd53a84cf19f13365931fecc80b0ff27d9fd1d9ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5621
Cf-Polished: origSize=2646
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcfa0-a56"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7Rcr%2FNbL%2FmXTyJeDrhZL3NOCRZrobt%2BoFF1i6JPXgmUruaBXHPkgkAsrWz9RTwd9FL%2BqFGLspBYrUx%2BIWKv8SoT59LIQQlFkDH5GAwR0%2FQviIY%2Bct%2B7vz3chMpSKTczJsdT9qycKMqFITab"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107c90f3cbab5-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK ion.sound.js Show response
www.sendgb.com/src/plugins/ion-sound/ 15 KB
4 KB 30ms
30ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/plugins/ion-sound/ion.sound.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa523b47c24d5499c0b3b89501c9aa0fc188889686decb326b99c6c3901e1743

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3489
Cf-Polished: origSize=28586
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcfa0-6faa"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hj%2BCTRs1fRqEJQDoIrMx1mmz5HnCSfgCAhkr4UMu5n0szVT6rSF5rSyd%2BCS63Cvp4S64NPP3BqGAnnhf9SvkPQl4lFX9w6SG4vaeYnQsfqEKK4GMQfZkDjX1d9ibboqbr6J9nNLByriN3UVl"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107c93f8bbab5-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK demo.js Show response
www.sendgb.com/src/plugins/ion-sound/ 1 KB
1 KB 30ms
29ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/plugins/ion-sound/demo.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bf8ccb23da9bebd5d893144a21f5cb7e4621aaeca10ece05c0e08b2b1161170

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3489
Cf-Polished: origSize=2025
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcfa0-7e9"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNH4fpQHj2g%2BaGCnk1HInNGTP8EXiLJEl%2FlnTxtbY1SZ1uUclBhUr0zF9XrfptJ0xIMEfscY%2BfOMuK9xnZ%2Fq5B73owCrAaSYufDRy3%2FJXXaEg0WFrJ3gW53NltFF3pDCZYHXqhXlg3atiQ8n"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107c9588cbac9-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK popper.min.js Show response
www.sendgb.com/src/mdb/js/ 20 KB
8 KB 28ms
28ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/mdb/js/popper.min.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58cb6a78afc204b7165e947c965cbce6296ee0e587fbab3e12c0d2b6378e9004

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3352
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtlwuR77owI0E0dpOBbI9yol4L0PWQgaMyh6FV7AoUkDhly6OmuZf7zNhQ6dIQQktqwL109SqmgtJbjwI4IAHaR9h8mKwp%2FqO6H19fp47Jj2th6uBp7ACFUx5tlEXOXSc3vHOpo902Yl9Ff6"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:45:27 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcf47-5039"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107c9780abab5-MXP

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
www.sendgb.com/src/mdb/js/ 69 KB
21 KB 32ms
28ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/mdb/js/bootstrap.bundle.min.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2621
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5J2ajssyUjSCa3yzNraLK6yUJHT35WTn46P4z1pvRPQJlVhcUYJrCbR6ZtrDmatuHF2ccwQgwmuCnpvqCtx%2Bcp5bTeGI%2BQA1ZeIuKU6%2FgXMf9J%2BlLrlb34OmzlECQ1mJOzS%2FB7dOMzMpsv3Q"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcfa0-11536"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107c98b3f5a1f-MXP

GET
H/1.1 200
OK mdb.min.js Show response
www.sendgb.com/src/mdb/js/ 408 KB
123 KB 37ms
33ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/mdb/js/mdb.min.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b7342dac6d3a1943e4e7f4136574ae766097ecadfea71d5d679ca7910800af3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2623
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUGImL6%2FZw1JlRkeJQdE7Bdidc0fvbJpMfyqcDvpgz%2BC97enFNSvukroYe0FiE1Y8z3kwYW9all%2BoWeniFWeB6%2B8i15KMmPqdCpUY3vJHMG2fo3gxRqb8n50sDaKXCZnClR%2F%2F548WKjfk26Q"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcfa0-66126"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107c98eb183a3-MXP

GET
H/1.1 200
OK multiple-emails.js Show response
www.sendgb.com/src/js/ 5 KB
3 KB 39ms
35ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/js/multiple-emails.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b5aaa671b04605b64f1cf1e82a0341e988f816b094e3d2e5250549da94a723

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3634
Cf-Polished: origSize=12737
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 13 Dec 2020 19:11:58 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5fd6677e-31c1"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIMtNvnltn2E0Ybf78huCQ3%2F7lRZJqb61X9nOAZSdKuqwgINVVZfAIYH9flMdg9%2FgLPYiIrsqDlC1VTkPYzD15xjubnYEmzaGVa7JJd2NQdqOo%2BCfsPeV0g9m7cuQG9JToyl1%2F5UVK87ou94"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107c98d1b59a7-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK perfect-scrollbar.min.js Show response
www.sendgb.com/src/js/ 19 KB
7 KB 34ms
27ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/js/perfect-scrollbar.min.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba5a0b541af8b1879049dc4662e53c76916d46f26b570101a8eff8af1c1fb902

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3489
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkL7Wz5mr3FA22C%2F8qiwd9UCA5JH1ubQm4ca117sKisLwPVpDbZEGoVaeKbO0JIbEyhMPImJMyTgDRob%2BIUxfXnTrjv8fgyt4OEeZx8omV7I9OqDEvDccjm7ZkFzqIfGXAiOFy9esJkrrMeb"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcfa0-4c0d"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107c988e0bac9-MXP

GET
H2 200 mui-combined.min.js Show response
cdn.muicss.com/mui-0.9.38/extra/ 62 KB
14 KB 207ms
144ms Script
application/javascript 2606:4700:20::681a:418
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.muicss.com/mui-0.9.38/extra/mui-combined.min.js?v=6.1.5
Requested by: Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:418 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a255f7339be3cdca2906640eb20969717cc88e2acd8d7d0dbf2dac7a8069fdc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 3
content-disposition: inline; filename=mui-combined.min.js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Jul 2022 09:54:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88j9um9f%2FVdt1cyzpDdDsykVgawFiAhqqbcmXX9%2F7v1%2BTKnwBLb%2F2T5W4i%2B2I8ylApoywMyRSqCBRC4O5%2FsHdHJGY6RYgAC7s3LsX%2BLtmfi7Zv%2FhIKP42hOLW1XlXQBm8ePiAvLuEfbNwWt%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 728107c9e881ba89-MXP

GET
H/1.1 200
OK jquery.validate.min.js Show response
www.sendgb.com/src/js/ 25 KB
9 KB 60ms
30ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/js/jquery.validate.min.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0886d8101f7306cbc2dbfe95d574c6bf2e37f8a15b4a820974e43e4934a2f8be

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5621
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzXB5%2B5YlvCm5KpLJ3Js9TUOz51FH3CEU7iZBEq4n2edjM9UqVgLT5KQ5Ie04FCZ5B5vyz8xytW3UkgPxiShq5ya5sgfQpkXOwdkc6q7meMuG88n1PHnemPtpW0yXR6CU0g%2FEmtLWgjCp2r%2B"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:45:27 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcf47-62d9"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107c9b929bac9-MXP

GET
H/1.1 200
OK lang-js.php Show response
www.sendgb.com/src/js/ 7 KB
4 KB 102ms
100ms Script
application/x-javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/js/lang-js.php?v=1657369401453

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

345dda44c8a173eb352ba5f42f599d09c62338050825b9d271774d23a88fc8d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wck0YC5%2B7urjCC%2BF7fCpJbS3eRtJA%2Bq5zjVA%2FOb1IdLH6zRj90KushH%2F4kshduGE7d5jrG7slqdMo5SnSsc6kBXQzz3oTscZC0sp%2B4vTh9P40VEKoJmHvUPDYOXQlcl5LPX4prwdVbJoUKal"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Pragma: no-cache
Last-Modified: Sat, 09 Jul 2022 12:23:21 GMT
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate
CF-RAY: 728107c9ba87839c-MXP
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK form-control-js.js Show response
www.sendgb.com/src/js/ 4 KB
2 KB 31ms
31ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/js/form-control-js.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ad353c3ee40763bf8e0bc502a4a8853a2f039c4939805877fa0300d368bf5d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2623
Cf-Polished: origSize=5554
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 12 Aug 2020 10:04:51 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f33bec3-15b2"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VETvaDGnao2qkiB%2FskIABvoauof0zIWQ0DLs1v9Zas8LQYPz4B%2BjFLl2COHQ5ODTRzfsdna6VK9RX0XY9GvxN2C7e7xwLrIxYHi%2BgGZ3a8tuSyuifEKHc5AU%2Bq6WeayGqpJWnucdpSoyJ0RM"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107c9df3483a3-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK jquery.knob.min.js Show response
www.sendgb.com/src/js/ 11 KB
4 KB 33ms
33ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/js/jquery.knob.min.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db5e38abe34e33f5d4e99c52a914c9f0fd16fc2918eb35dcea65d8b78fa617db

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3921
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNxBz3LWFqKUT5YVOd2XSG5w0Tiz2JZM9uZ9ey5s5MLSiUQty6ONPrsmCgvydc1egTe%2BlN0g6%2FubE25dGMKXdykIUYUznNFgLWR7xH4ZVv7azKuM7a4P%2FpJ0zA7g1mhx7zPqFEBWd%2BmqjNhf"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:45:27 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcf47-2a34"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107c9ebf45a1f-MXP

GET
H/1.1 200
OK md5.min.js Show response
www.sendgb.com/src/js/ 4 KB
2 KB 31ms
31ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/js/md5.min.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3352
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8A%2FNBSRg9Dbtqtcp9P5sGshVOgXaXSnXOOpwf59XFr7ERmpsjANjsZeRgsMVsbhKv4ZFF1F1ivUiC1nVZuKaSlhpnhAwOQDe8RoMitjVhqvdNC0VEPa6wG%2FR4M%2FuFx7PbWbfWdL8ufnQ3Ybm"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:45:27 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcf47-eb6"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107c9e979bac9-MXP

GET
H/1.1 200
OK jquery.fine-uploader.min.js Show response
www.sendgb.com/src/js/ 214 KB
53 KB 33ms
33ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/js/jquery.fine-uploader.min.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a85c68b65334deca20d94a75e37634861baf2604937f5d7234266c698801acfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2617
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxRvnKjIKQi2QjTNRNP9fqNioTE9ZvWFZaTMJsVrT7zMdbGlOoeUnJxOsYDmpav7Iv7O1%2BBBQmCEPa8y7k1ulAq6vgpiFyudNcVUq7YHJsV46ypXzwH0HPPciR9KweicI8yHhwrehN6GA%2B1o"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcfa0-35649"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107c9fde659a7-MXP

GET
H/1.1 200
OK dnd.min.js Show response
www.sendgb.com/src/js/ 28 KB
8 KB 29ms
29ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/js/dnd.min.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0616bad6c2fcac05ee501c969bcde956164175cbe0b03c7d7695511aad88652c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2622
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wmb7HQeO9vj2eGnzJpOLU30jSk9%2FsiulvpOh2AX8%2F6p8uXpJ051UV00LNvZHfV9WZe3RWrzdgn3JPmQQ2CxQ0iwvas21bCwB6vxm6xaT8tQrG0aGJkbIDV%2BHwh%2FhxFF7gS0I8OOcf2lsHQW"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcfa0-6eb8"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107ca0f7783a3-MXP

GET
H/1.1 200
OK sendgb-c.min.js Show response
www.sendgb.com/src/js/ 30 KB
9 KB 56ms
56ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/js/sendgb-c.min.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9b58de5aa4861b6860edfc1f38702e3603ab83ca3cd97bfa2b3be9bff5838e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2427
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGfLihhUcKDVYpnc1w%2BxV2XtTVeFGVJlP2fGYWNP8ATG%2FUyt1gAReq6dAIw2YOeRJIbwwOF6f%2BCx26RdKb%2FMyqpkkctJ88rexXln66FNim6jagmFZv2iCZLEU8O6nbFR0Ol0n9LLd9ng5Hso"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Wed, 23 Mar 2022 09:15:07 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"623ae51b-77e8"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107ca1917bab5-MXP

GET
H/1.1 200
OK browser-alert.min.js Show response
www.sendgb.com/src/js/ 770 B
1 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/js/browser-alert.min.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106836ab0f8b9d70b6cc2f07a7203a7eac7e46bb22a96c8a4446559b141a52fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2427
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXQY8D9PjiFbwwvmCufRDpr1BVt7mFkMIz6HAw91NI1BlD0oFudHWaC%2FkTDUJqyzgPC525yhRyNDPJtQku%2FSvuLoENtqOyov0mBqapZwt%2BtmIutC2Zy%2FiK6Wxb5ND9YlE0cy0XL2fJohdBqd"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcfa0-302"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107ca19e2bac9-MXP

GET
H/1.1 200
OK background2.min.js Show response
www.sendgb.com/src/js/ 1 KB
2 KB 33ms
33ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/js/background2.min.js?v=6.1.5

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31f5ec4cbe07f5cc35b55e8adee84ecdb253a39aaedc1e6fe077e32381f93356

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3920
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSNtoBIymG6BNcAtccXdLloGujrhcnuQeMbXnurJKzhwc9rbKYSlupkj%2BfjZooTTo63CEPDu3OPE0Zq5VrtwyNpWOKqN5hrrpm%2BUcvA6lxWPIezR1Q%2BqJlKdq6pNMGCZ3QOW9i3z3FsV3%2B1q"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5f1dcfa0-4b8"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
CF-RAY: 728107ca1c5a5a1f-MXP

GET
H2 200 / Show response
js.stripe.com/v3/ 316 KB
75 KB 58ms
17ms Script
text/javascript 13.227.219.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-58.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

96e194b10e24dc030925d3a7ac2922b19e391d83e8cf8fd5615de8ae6418f8b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 23
x-cache: Hit from cloudfront
date: Sat, 09 Jul 2022 12:23:11 GMT
via: 1.1 2e0227ef3f0af98f7b4e1f8452f59f84.cloudfront.net (CloudFront)
last-modified: Fri, 08 Jul 2022 18:12:24 GMT
server: Cloudfront
etag: W/"f49971a10666cb56ba10c384d89cbc5e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS54-C1
timing-allow-origin: *
x-amz-cf-id: pzkglxzf3cNVve_npJk80aCf4xtz80H45_y7sGTGGdPik9RRYt3VRg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 141 KB
53 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PX7DLT2

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43cf7ecac2784d1439e854b88a12c3e6b2439c0481b670dc3065822ce48a1a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54232
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Jul 2022 12:23:21 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
5 KB 9ms
8ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.sendgb.com&t=xo&v=5.0.322&source=payments_sdk&client_id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

29078882474d79afa53fce5c6571524bef414b65ffe6565466601bc1354dc8f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Ur+akbtPhh56mdYpguqSTF6620EVvyKXAfJ45N/cMUz4ZKFn' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Ur+akbtPhh56mdYpguqSTF6620EVvyKXAfJ45N/cMUz4ZKFn' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 59475
x-cache: HIT
paypal-debug-id: f904475edf4dd
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4740
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4041-HHN
traceparent: 00-0000000000000000000f904475edf4dd-8cdc479ffad5cc21-01
x-timer: S1657369402.837701,VS0,VE2
x-frame-options: SAMEORIGIN
date: Sat, 09 Jul 2022 12:23:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=3600
etag: W/"3529-eog23CflxIF61JLbY+Zixun1gwc"
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 34ms
19ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.sendgb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617, 617
age: 6663799
cdn-cachedat: 2021-04-23 07:11:16
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: cd9cc4821f197513ad73b53ddb1f6982
accept-ranges: bytes
cf-ray: 728107c9af910221-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 73 KB
73 KB 29ms
29ms Font
font/woff2 2606:4700:3032::ac43:a9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Request headers

Referer: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin: https://www.sendgb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:21 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28053474
cf-ray: 728107c98d1859bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74256
x-amz-id-2: 0H5L78GbErcCPX1i1ezYa+q77K7vhicj1fFx4egwiqcb1DIgxB04gaa0ElzuhIN4TqyV7Jn//Uo=
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
server: cloudflare
etag: "418dad87601f9c8abd0e5798c0dc1feb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzpHts17rZuMq9xBy7TnTngpXe9zrm7D0nZxI394HZ9LRoNOB%2FVQcKpc418TFgEgYpnkr3IEbzwoo5300lGOg16MaYw2mxmMjpfklKRjOHl1pXJLLOxIyCsDrVWOXHIcAeQDLv4iHiiSUrPtCjY9Zag8"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: ZBKHGG1D7P5QBVKT
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H/1.1 200
OK Roboto-Regular.woff2
www.sendgb.com/src/mdb/font/roboto/ 48 KB
49 KB 42ms
29ms Font
font/woff2 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/mdb/font/roboto/Roboto-Regular.woff2

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/src/mdb/css/mdb.min.css?v=6.1.5

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.sendgb.com/src/mdb/css/mdb.min.css?v=6.1.5
Origin: https://www.sendgb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Strict-Transport-Security: max-age=0; includeSubDomains; preload
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2557
Connection: keep-alive
Content-Length: 49236
Last-Modified: Sun, 26 Jul 2020 18:45:27 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: "5f1dcf47-c054"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FL3TTyy6mF3PnBudeg7tqrp26oVAVZ%2F8onB1tlQVR4bfTRR4%2BohxjARIzD9gZG7FHllspKIWzGSK%2Bkb1mgziANQ1qiDKYKvzdawNJifPi48e4zNRissoHkYzBt%2F62bncFneJM6eFPCkxLOmp"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 728107c9a861bab5-MXP

GET
H/1.1 200
OK Roboto-Bold.woff2
www.sendgb.com/src/mdb/font/roboto/ 49 KB
50 KB 37ms
30ms Font
font/woff2 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/mdb/font/roboto/Roboto-Bold.woff2

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/src/mdb/css/mdb.min.css?v=6.1.5

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.sendgb.com/src/mdb/css/mdb.min.css?v=6.1.5
Origin: https://www.sendgb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:21 GMT
Strict-Transport-Security: max-age=0; includeSubDomains; preload
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3593
Connection: keep-alive
Content-Length: 49976
Last-Modified: Sun, 26 Jul 2020 18:46:56 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: "5f1dcfa0-c338"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEAOBtsXlSTDEPZramBihjt25LLsxc9iQmJvEZZ21UvDRrPx8%2BVgruCZ7Af45NjAl1MTjO40pMt5rXdmJLK%2B9t5pojbgY%2BmrVVujTV7RaEuciabJ1pMkn5B8VioCP4Vkt%2F1jSc9fUQpJp9%2Bj"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 728107c9ab8d5a1f-MXP

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 6A98 371 KB
151 KB 339ms
338ms Document
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.322&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhHZkxGZDRmSTd6N1RRa2s4U0tOeExIVWk3T3pLT0RzcWMyUGE2czZadzdEUTVYajNubmQyeUJuQThnZlVmRUZQUGttUzlGN3VUbjQ1UWkmY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfamJyZnFrcmRqcnJqZHJpaXNlamxqZnJkY2NscHpmIn19&clientID=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&sdkCorrelationID=f8981340e5b00&storageID=uid_3df53ca27c_mti6mjm6mje&sessionID=uid_849528c941_mti6mjm6mje&buttonSessionID=uid_4fb10619e5_mti6mjm6mje&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2c4f081d4c2e91121c22a0870475794c72d20427b726eff7d7e5533d5aecdc3f

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sendgb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Sat, 09 Jul 2022 12:23:22 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/W/"5cdad-c9K3f7I5KtIk7sv/Bb0I1oLMy4A"
p3p: true
paypal-debug-id: f98069050c560
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f98069050c560-28f4d3a527bb1c8f-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-hhn4041-HHN
x-timer: S1657369402.020483,VS0,VE331
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 0747 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1002 B
1 KB 193ms
193ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c59de3f066958064cc11195d4444657f7428f397c6555011dcbfacaffb754a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.sendgb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Sat, 09 Jul 2022 12:23:22 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f9806904fa444
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4073-HHN
traceparent: 00-0000000000000000000f9806904fa444-fa9921c2b401e79a-01
x-timer: S1657369402.297915,VS0,VE186
etag: W/W/"3ea-Fwh2/0KMlHls1NLQrbspxsVKpJ8"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sendgb.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 198ms
185ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sendgb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.sendgb.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Sat, 09 Jul 2022 12:23:22 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f98069058be08
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f98069058be08-52cc29683d4e8918-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4073-HHN
x-timer: S1657369402.111668,VS0,VE170

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 47ms
7ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=www.sendgb.com&t=xo&v=5.0.322&source=payments_sdk&client_id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F14) /

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: b44355062a6e1
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 16464
last-modified: Tue, 03 May 2022 17:28:29 GMT
server: ECAcc (frc/8F14)
traceparent: 00-0000000000000000000b44355062a6e1-5fa67eefd13de79f-01
etag: "6271663d-da91"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 09 Jul 2022 13:23:22 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
806 B 210ms
177ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A4RQRGB7XMVPX8-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A4RQRGB7XMVPX8-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=9c15c1c2-6279-4f14-882c-c6873838ec83&fltp=analytics&mrid=4RQRGB7XMVPX8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Gro%C3%9Fe%20dateien%20verschicken%20-%20versenden%20%26%20Kostenlose%20%7C%20SendGB&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1657369402109&g=0&completeurl=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:22 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: b8c82fafd1bc2
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4054-HHN
pragma: no-cache
traceparent: 00-0000000000000000000b8c82fafd1bc2-6f4416a29885eb1c-01
x-timer: S1657369402.144929,VS0,VE171
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Jul 2022 12:23:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX7DLT2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5234
date: Sat, 09 Jul 2022 10:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 09 Jul 2022 12:56:08 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 63ms
36ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX7DLT2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 12:23:22 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/ 339 KB
120 KB 62ms
48ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3672675116345653&plah=www.sendgb.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2592a03b65ea03708474b9ea74d6ad3738c124df64d49b6113584fde7f409417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122423
x-xss-protection: 0
server: cafe
etag: 18266540604079000143
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 12:23:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220630/r20190131/ Frame D7F4 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220630/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sendgb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54700
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 21:11:42 GMT
etag: 10429905676100781186
expires: Fri, 22 Jul 2022 21:11:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 m-outer-6262077c14f753400d607dc30e70f1af.html Show response
js.stripe.com/v3/ Frame 2F1D 240 B
980 B 16ms
15ms Document
text/html 13.227.219.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-58.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sendgb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1736
cache-control: max-age=31536000
content-length: 240
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 09 Jul 2022 11:54:43 GMT
etag: "6262077c14f753400d607dc30e70f1af"
last-modified: Thu, 30 Jun 2022 21:55:39 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2e0227ef3f0af98f7b4e1f8452f59f84.cloudfront.net (CloudFront)
x-amz-cf-id: hd_aN3xmy6Cs7YP7kO76Bm5jzRfidxzIpaqzX4BXd9eQfbdDdGJvvQ==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H/1.1 200
OK invisible.js Show response
www.sendgb.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 10EC 36 KB
13 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1657368000

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cc67bcb5f47d2a0494d9995a37eed6a9c6c8b6f9113394938b2bc1088cdd32a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXi9248j%2F0KCxlRWRqAm3y%2FaEqEKkcQrTlDPbLGq%2BQ%2F3LaAVszKMlgSDvHMYFsjGw%2FpLP7DlrIr9J9s%2BUKPcaN72ohNyUewfsbePkqfARKnHoW1w9G3nY8hYbS7lPy2mKXt3c5UZpq3Ljh6E"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
Transfer-Encoding: chunked
Connection: keep-alive
x-control-type-options: nosniff
CF-RAY: 728107cbf8795a1f-MXP

GET
H/1.1 200
OK sendgb.mp3 Show response
www.sendgb.com/src/plugins/ion-sound/sounds/ 39 KB
39 KB 78ms
78ms XHR
audio/mpeg 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/src/plugins/ion-sound/sounds/sendgb.mp3?1657369402246

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/src/plugins/ion-sound/ion.sound.js?v=6.1.5

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cdf01843b513efbec95706f4c28221b52ee8d2520e1351bad8d63555f705637

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:22 GMT
Strict-Transport-Security: max-age=0; includeSubDomains; preload
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 39450
Last-Modified: Sun, 26 Jul 2020 18:45:28 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: "5f1dcf48-9a1a"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rymKB79SL%2FdMCrDm0oFwbsDnC68%2FXrLHdlXJW5gWx55WvWdHfkuunO%2BxpdwxPo2hrXKrmvDaZbtiDOleret1HJGqHAPd0DIDgcTmxBArIpxwqhLc3pFNLPaaR3zX6JHB9mWYSEdBg%2BXIPrJ%2F"}],"group":"cf-nel","max_age":604800}
Content-Type: audio/mpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 728107cc1de4bac9-MXP

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 0127 54 KB
17 KB 8ms
7ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F27) /

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sendgb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Sat, 09 Jul 2022 12:23:22 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6271663d-d994"
expires: Sat, 09 Jul 2022 13:23:22 GMT
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 9d22d381e7590
server: ECAcc (frc/8F27)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000009d22d381e7590-1b230d417c6f781f-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 2F1D 0
571 B 508ms
167ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 09 Jul 2022 12:23:22 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2F1D 1 KB
1 KB 14ms
14ms Script
text/javascript 13.227.219.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-58.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 59
x-cache: Hit from cloudfront
date: Sat, 09 Jul 2022 12:22:25 GMT
via: 1.1 2e0227ef3f0af98f7b4e1f8452f59f84.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 21:55:39 GMT
server: Cloudfront
etag: W/"77711798ecf99b8bb8207cf88a10d73c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS54-C1
timing-allow-origin: *
x-amz-cf-id: NLRlTv7cHMq91E9QXonTm1Rr75WPnpIgpKFuYz-oy1RC2M9n_nN-ZA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 60ms
18ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-60745031-1&cid=788227081.1657369402&jid=1029914285&gjid=1196797776&_gid=961632869.1657369402&_u=YGBAgEABAAAAAE~&z=983433601

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sendgb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 09 Jul 2022 12:23:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.sendgb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
6ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1378065278&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf&ul=en-us&de=UTF-8&dt=Gro%C3%9Fe%20dateien%20verschicken%20-%20versenden%20%26%20Kostenlose%20%7C%20SendGB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1029914285&gjid=1196797776&cid=788227081.1657369402&tid=UA-60745031-1&_gid=961632869.1657369402&gtm=2wg6t0PX7DLT2&z=1441830009

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 05:07:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26180
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/977766457/ 2 KB
1 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977766457/?random=1657369402285&cv=9&fst=1657369402285&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf&tiba=Gro%C3%9Fe%20dateien%20verschicken%20-%20versenden%20%26%20Kostenlose%20%7C%20SendGB&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

287e135561cd4b5fb1ccf23481ad4a81167a7888d3d9a92b59f8a7e51fc9d1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1096
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
274 B 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.sendgb.com&callback=_gfp_s_&client=ca-pub-3672675116345653

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3672675116345653&plah=www.sendgb.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1339adea77a3d4ab0ced682cd21324f6f968b2ecccba3f6170af1faee53219d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 39ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sendgb.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 12:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sendgb.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 12:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf&tn=DIV&id=loading&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF2A 132 KB
34 KB 468ms
467ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&adk=1559050123&adf=2739833515&lmt=1657369402&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657369402195&bpp=3&bdt=698&idt=115&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8403428176104&frm=20&pv=2&ga_vid=788227081.1657369402&ga_sid=1657369402&ga_hid=1378065278&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531606&oid=2&pvsid=2986032673561292&tmod=816489772&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=133

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e50eb5fc7780870856696c9b0f49eab82dcd16c85702113b6b160f8fdb4cb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sendgb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34594
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 12:23:22 GMT
expires: Sat, 09 Jul 2022 12:23:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 4D07 930 B
2 KB 39ms
8ms Document
text/html 2600:9000:20eb:a600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:a600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 54
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 09 Jul 2022 12:22:28 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-id: wwQToyrk9nQ3rlpJA5AtZZsKpKm-PT6TNKgZCX-ztDE8oU1NX4gQOA==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F73C 92 KB
33 KB 818ms
818ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1657369402&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657369402198&bpp=2&bdt=701&idt=151&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8403428176104&frm=20&pv=1&ga_vid=788227081.1657369402&ga_sid=1657369402&ga_hid=1378065278&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531606&oid=2&pvsid=2986032673561292&tmod=816489772&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TYjhGnPkmV&p=https%3A//www.sendgb.com&dtd=155

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8d0324fbc77a5bd7dedd1432090165bb8a891b6482b859bce22c9b1690ebc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sendgb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 12:23:23 GMT
expires: Sat, 09 Jul 2022 12:23:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ts
t.paypal.com/ 42 B
464 B 168ms
167ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A4RQRGB7XMVPX8-1&page=muse%3Aoffer%3A%3A%3A4RQRGB7XMVPX8-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=9c15c1c2-6279-4f14-882c-c6873838ec83&es=visitorInfoFlowStarted&mrid=4RQRGB7XMVPX8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Gro%C3%9Fe%20dateien%20verschicken%20-%20versenden%20%26%20Kostenlose%20%7C%20SendGB&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1657369402359&g=0&completeurl=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:22 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 225bd75e55599
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4054-HHN
pragma: no-cache
traceparent: 00-0000000000000000000225bd75e55599-e53db8a5ff5a9c4a-01
x-timer: S1657369402.364148,VS0,VE161
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Jul 2022 12:23:22 GMT

GET
H/1.1 200
OK pica.js
www.sendgb.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 10EC 21 KB
8 KB 25ms
25ms Other
application/javascript 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d8eefcdc1bfeb18b92522aaa09710db97666de9aee4ecb20514eb4580bf3ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBZ95f%2Bqy0%2FfYRPKZfQNFYOv9v6QzHD76hAJvsSvN3XKh%2BuHI2DLTUrzUTbv8xVp4M22jjMdK0H%2BKwvWOzx7r9KzAn5KL%2FR7lKeNSuODkT52XJyLF6O9PR6TIJziRgoB%2F3m3JR%2FHRvIRLVtd"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
Transfer-Encoding: chunked
Connection: keep-alive
x-control-type-options: nosniff
CF-RAY: 728107cccf55bac9-MXP

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 174ms
173ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Sat, 09 Jul 2022 12:23:22 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f980690b3d19e
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f980690b3d19e-e3376111a5b68fd2-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4073-HHN
x-timer: S1657369402.376702,VS0,VE167

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 0127 435 B
2 KB 294ms
294ms Fetch
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e536b2ee36ad4b77d1bb169e1785b58f3bf57f775eed4a051193b3a428dc8baf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-XscnmPGyjYFOZ30bw1QwgR/87QV1w+/eRH5uTAb7Qhd64evC' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-XscnmPGyjYFOZ30bw1QwgR/87QV1w+/eRH5uTAb7Qhd64evC' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
vary: Accept-Encoding
x-cache: MISS
paypal-debug-id: f274600f15a0f
date: Sat, 09 Jul 2022 12:23:22 GMT
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4041-HHN
traceparent: 00-0000000000000000000f274600f15a0f-b552bc7e64bf0705-01
x-timer: S1657369403.551095,VS0,VE287
x-frame-options: SAMEORIGIN
etag: W/W/"1b3-jZ8Hu242IHWC+LHWbZcmGkjVuiE"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
content-encoding: br
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/977766457/ 42 B
548 B 42ms
19ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/977766457/?random=1657369402285&cv=9&fst=1657368000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf&tiba=Gro%C3%9Fe%20dateien%20verschicken%20-%20versenden%20%26%20Kostenlose%20%7C%20SendGB&async=1&fmt=3&is_vtc=1&random=4258466122&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/977766457/ 42 B
548 B 43ms
20ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/977766457/?random=1657369402285&cv=9&fst=1657368000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf&tiba=Gro%C3%9Fe%20dateien%20verschicken%20-%20versenden%20%26%20Kostenlose%20%7C%20SendGB&async=1&fmt=3&is_vtc=1&random=4258466122&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 6A98 333 KB
103 KB 8ms
8ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&currency=EUR

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.322&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhHZkxGZDRmSTd6N1RRa2s4U0tOeExIVWk3T3pLT0RzcWMyUGE2czZadzdEUTVYajNubmQyeUJuQThnZlVmRUZQUGttUzlGN3VUbjQ1UWkmY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfamJyZnFrcmRqcnJqZHJpaXNlamxqZnJkY2NscHpmIn19&clientID=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&sdkCorrelationID=f8981340e5b00&storageID=uid_3df53ca27c_mti6mjm6mje&sessionID=uid_849528c941_mti6mjm6mje&buttonSessionID=uid_4fb10619e5_mti6mjm6mje&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ec7cc14837eb13860245f8eeaa3848c6b63f5cec7e83e6be2ecc8906cfa21b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-NhGXujN2m7SaAFdxSE9v8CdeFbF93tF+Cvp6oe7GhpgifXrk' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-NhGXujN2m7SaAFdxSE9v8CdeFbF93tF+Cvp6oe7GhpgifXrk' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.322&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhHZkxGZDRmSTd6N1RRa2s4U0tOeExIVWk3T3pLT0RzcWMyUGE2czZadzdEUTVYajNubmQyeUJuQThnZlVmRUZQUGttUzlGN3VUbjQ1UWkmY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfamJyZnFrcmRqcnJqZHJpaXNlamxqZnJkY2NscHpmIn19&clientID=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&sdkCorrelationID=f8981340e5b00&storageID=uid_3df53ca27c_mti6mjm6mje&sessionID=uid_849528c941_mti6mjm6mje&buttonSessionID=uid_4fb10619e5_mti6mjm6mje&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-NhGXujN2m7SaAFdxSE9v8CdeFbF93tF+Cvp6oe7GhpgifXrk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-NhGXujN2m7SaAFdxSE9v8CdeFbF93tF+Cvp6oe7GhpgifXrk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 9026
via: 1.1 varnish
x-cache: HIT
p3p: true
paypal-debug-id: f5870469a340a
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 104495
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4041-HHN
traceparent: 00-0000000000000000000f5870469a340a-fedc4e632af911ed-01
x-timer: S1657369402.380605,VS0,VE1
x-frame-options: SAMEORIGIN
date: Sat, 09 Jul 2022 12:23:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"1982f-iTmpDsh6gGq4CaHrtdM5QWTzj2A"
accept-ranges: bytes
x-cache-hits: 2

POST
H2 200 csp-report
q.stripe.com/ Frame 4D07 0
344 B 391ms
168ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
DATA 200
OK truncated
/ Frame 6A98 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 4D07 86 KB
16 KB 11ms
8ms Script
text/javascript 2600:9000:20eb:a600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:a600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
age: 102
date: Sat, 09 Jul 2022 12:21:42 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 2P5BjDQezX4Hhgm1wctCiGDGn4E-bJ4m8ws6Kmn9FZcqOefAnnf8zw==
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"

POST
H2 200 6 Show response
m.stripe.com/ Frame 4D07 156 B
523 B 503ms
168ms XHR
application/json 54.148.100.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.100.42 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-100-42.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

168363136111e706b568a74673117fdffc52c2ad6832d6753ff2a2a91d134612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Jul 2022 12:23:22 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H/1.1 200
OK 728107c6598483a3 Show response
www.sendgb.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 10EC 2 B
1 KB 45ms
45ms XHR
text/plain 2606:4700:20::681a:4bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendgb.com/cdn-cgi/challenge-platform/h/g/cv/result/728107c6598483a3

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1657368000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 09 Jul 2022 12:23:22 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIEMFad7AlUbj6qFw6MCcSv2Bk99AVHWchkFyOJOIoD1AWXn8GL878i%2B5doJzW%2FKf4VSd4484gixmzeRz6COW7cS4Jhh5%2F9JYVyoSpc6Ftu8aVUSlQjZt3dPJPJ83BcnGalLlL%2BEMan3sFCy"}],"group":"cf-nel","max_age":604800}
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 728107cf7c8ebac9-MXP

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/ 149 KB
53 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54c21995b26d9c889a8ef2863c7bbc80be2a68ce94be86c75a13027e27598f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54368
x-xss-protection: 0
server: cafe
etag: 10917899923360948320
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 12:23:22 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sendgb.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 12:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
17ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sendgb.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 12:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/ Frame 0ACC 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sendgb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4935
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 11:01:07 GMT
etag: 10429905676100781186
expires: Sat, 23 Jul 2022 11:01:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 0ACC 4 KB
636 B 31ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 10:55:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 12:23:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 12:23:22 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0ACC 205 B
294 B 29ms
7ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 11:17:22 GMT
x-content-type-options: nosniff
age: 3960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 09 Jul 2023 11:17:22 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0ACC 604 B
1 KB 28ms
6ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:16:03 GMT
x-content-type-options: nosniff
age: 439
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 09 Jul 2023 12:16:03 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/ Frame 0ACC 19 KB
9 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 11:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 11:52:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 76E1 8 KB
893 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 10:53:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 12:23:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 12:23:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 76E1 2 KB
902 B 26ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 12:19:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame 76E1 21 KB
8 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 12:21:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 76E1 3 KB
1 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 12:16:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76E1 137 KB
43 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 12:23:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 76E1 17 KB
7 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 12:17:01 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 76E1 0
0 32ms
15ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCGkaYLdRIYbieqoGGnm01_6LKNzsRx3cYTKoHgIzpcmewahrkXLYj66qn8E4q8JeHR_x3Y1ucWUfQGmn75DaxGKbTpA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 e335c40f4e500f406840f7159cec7b48.js Show response
www.gstatic.com/mysidia/ Frame 76E1 31 KB
13 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e335c40f4e500f406840f7159cec7b48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 18:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 18:10:58 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0EFE 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 12:08:25 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D41B 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sun, 10 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame D41B 35 B
463 B 40ms
13ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG9Lamm3qlaDUNlqzLApl_s&google_cver=1&google_push=ARnp8GBFU5UOmd08qM_qFV99RvQAwbotYBQElE74Dt96NIroVaH8sU9Yi4HAzUZzV6J0pqvttAri4WbpF7kEb-LnByA-7Zv36g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame D41B 43 B
356 B 52ms
25ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDMWY9CNGG40LGQn48-hQOw&google_push=ARnp8GA-VPPjTfECGFjKsEIkdf6GhC_fj9__hpukIhanoqBq84g14TSM9GxidvlASI0qiArH-EAAwvkK1g_wYTCJXzEy4lcokQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:23 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame D41B 43 B
351 B 65ms
27ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOD9ipruWhx_3XcyNe4OYs0&google_cver=1&google_push=ARnp8GDkPGDOoGQqYhUVPpzVC17XFZpZnYniROxM36i4AX7Df88HAd_nQ2FboqIA9xQHaGHLekjHthM5m4_T2Qbkht3NgF5paIs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: q1qkn2t1ht2k0nu3v6f87mmr5i9eklun

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D41B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=buRJa7AMSoGEgBILrf_WPw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=buRJa7AMSoGEgBILrf_WPw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCtjA3rWnt_YWVDvPVttWnfPKQ-wKVMWqDJEVf-bDZ5xoJm5R6ftKe8t3-lnaqzgajbp4ln6E6ZOYeVXXJd9wkos6H6BQ

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=buRJa7AMSoGEgBILrf_WPw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCtjA3rWnt_YWVDvPVttWnfPKQ-wKVMWqDJEVf-bDZ5xoJm5R6ftKe8t3-lnaqzgajbp4ln6E6ZOYeVXXJd9wkos6H6BQ
date: Sat, 09 Jul 2022 12:23:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D41B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB0PdDjfL3JYrti6B71FB9U&google_cver=1&google_push=ARnp8GBVk0opOLwmP1Z1QfMlK7VNT9Q-qBDCvk0xRrGHxGVO-by1xg6B9AQ3lojq4eNUM2-xVp0...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVEVVk3WFEtVC1ISU1Z&google_push=ARnp8GBVk0opOLwmP1Z1QfMlK7VNT9Q-qBDCvk0xRrGHxGVO-by1xg6B9AQ3lojq4eNUM2-xVp0HZqZC47f8SATKdc8A41UwUw

170 B
188 B

32ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVEVVk3WFEtVC1ISU1Z&google_push=ARnp8GBVk0opOLwmP1Z1QfMlK7VNT9Q-qBDCvk0xRrGHxGVO-by1xg6B9AQ3lojq4eNUM2-xVp0HZqZC47f8SATKdc8A41UwUw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVEVVk3WFEtVC1ISU1Z&google_push=ARnp8GBVk0opOLwmP1Z1QfMlK7VNT9Q-qBDCvk0xRrGHxGVO-by1xg6B9AQ3lojq4eNUM2-xVp0HZqZC47f8SATKdc8A41UwUw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D41B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGG7eqBwAKLikcK8agCUyjY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGG7eqBwAKLikcK8agCUyjY&google_push=AR...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGG7eqBwAKLikcK8agCUyjY&google_hm=YslzO6p8edK9ztl6B7CKfAAABIAAAAIB&google_nid=index&google_push=ARnp8GBtL45yWHk2zqwBZcpap35yw7Mpx8QBo...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGG7eqBwAKLikcK8agCUyjY&google_hm=YslzO6p8edK9ztl6B7CKfAAABIAAAAIB&google_nid=index&google_push=ARnp8GBtL45yWHk2zqwBZcpap35yw7Mpx8QBoaHpPr3DvftKw0SIuSH5IUFtSIv91sQRuql1KgYd-twnEHw-cXhi_Q73vspGlQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itUbsAvjrgRdBn0hjFPD1qG4DIHE4mNfs5uZjEOJjY361zHsrLkuaVK0FY52GgxaZiN%2BaOhQtwsH2h40FNj%2FK1SqfWD5y1SCLrPmJ63xP2QJ12Y%2B8QXVjLwPugKsSaY8wrhaCTtEutiSFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGG7eqBwAKLikcK8agCUyjY&google_hm=YslzO6p8edK9ztl6B7CKfAAABIAAAAIB&google_nid=index&google_push=ARnp8GBtL45yWHk2zqwBZcpap35yw7Mpx8QBoaHpPr3DvftKw0SIuSH5IUFtSIv91sQRuql1KgYd-twnEHw-cXhi_Q73vspGlQ
cache-control: no-cache
cf-ray: 728107d13d2490fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame D41B 0
44 B 692ms
226ms Image
text/plain 54.64.217.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEKcwOLDSDYuV5wGP6eRTtrQ&google_cver=1&google_push=ARnp8GBhDnBQ6Vmzl2LaaD6SVg4EWWefzLDvTj-LsTHxdq9baC7mCZ6uU6bIh8QjFlb0Q-vAS9XN0FTL3PsklXbby4tK8JA3v2A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.217.203 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-217-203.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:23 GMT
server: awselb/2.0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D41B 0
232 B 50ms
14ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I8QJuIU5IsEZ7uPsnamEQxD0komzwCx6Wgs176zO3FSCRwNDNXGWHAO2rhwFo5uzxQwhoo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0EFE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

48ms
48ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 12:23:23 GMT
expires: Sat, 09 Jul 2022 12:23:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 12:23:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 6A98 56 KB
20 KB 65ms
8ms Script
application/javascript 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (frc/8FDD) /

Resource Hash

72c99b1de87499b425e697b2e0e0a8e4e36363506c68e08a7e8d5db555c1db43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58219
x-cache: HIT, HIT
paypal-debug-id: 686a8f6bf83d0
x-cache-hits: 50482
access-control-allow-methods: GET
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19745
via: 1.1 varnish
x-served-by: cache-hhn4027-HHN
last-modified: Tue, 21 Jun 2022 22:04:47 GMT
server: ECAcc (frc/8FDD)
x-timer: S1657369403.117142,VS0,VE1
etag: W/"62b2407f-e12a"
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Jul 2022 12:23:23 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 6A98 999 B
2 KB 246ms
246ms Ping
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5210f10cc2c733eec8d52d32767f69f520772562bbbd63ba8f6d7338a62eda69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.322&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhHZkxGZDRmSTd6N1RRa2s4U0tOeExIVWk3T3pLT0RzcWMyUGE2czZadzdEUTVYajNubmQyeUJuQThnZlVmRUZQUGttUzlGN3VUbjQ1UWkmY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfamJyZnFrcmRqcnJqZHJpaXNlamxqZnJkY2NscHpmIn19&clientID=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&sdkCorrelationID=f8981340e5b00&storageID=uid_3df53ca27c_mti6mjm6mje&sessionID=uid_849528c941_mti6mjm6mje&buttonSessionID=uid_4fb10619e5_mti6mjm6mje&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Jul 2022 12:23:23 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f274600a72be7
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4041-HHN
traceparent: 00-0000000000000000000f274600a72be7-4779d5b4eb527efa-01
x-timer: S1657369403.122449,VS0,VE239
etag: W/W/"3e7-YDypev35ecNomg/diAdPeRaPAmM"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame D61E 160 B
1 KB 151ms
151ms Document
text/html 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 45e22d6f38b66
date: Sat, 09 Jul 2022 12:23:23 GMT
paypal-debug-id: 45e22d6f38b66
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000045e22d6f38b66-7bf6e3cfc31a49e5-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4027-HHN
x-timer: S1657369403.140924,VS0,VE144
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 7604
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_849528c941_mti6mjm6mje&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_849528c941_mti6mjm6mje&s=SMART_PAYMENT_BUTTONS

42 B
299 B

92ms
29ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_849528c941_mti6mjm6mje&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.322&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhHZkxGZDRmSTd6N1RRa2s4U0tOeExIVWk3T3pLT0RzcWMyUGE2czZadzdEUTVYajNubmQyeUJuQThnZlVmRUZQUGttUzlGN3VUbjQ1UWkmY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfamJyZnFrcmRqcnJqZHJpaXNlamxqZnJkY2NscHpmIn19&clientID=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&sdkCorrelationID=f8981340e5b00&storageID=uid_3df53ca27c_mti6mjm6mje&sessionID=uid_849528c941_mti6mjm6mje&buttonSessionID=uid_4fb10619e5_mti6mjm6mje&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 12:23:23 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_849528c941_mti6mjm6mje&s=SMART_PAYMENT_BUTTONS
Date: Sat, 09 Jul 2022 12:23:23 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H3 200 fa287546e1d5bd0678894d5c227e456c.js Show response
www.gstatic.com/mysidia/ Frame F73C 10 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1657369402&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657369402198&bpp=2&bdt=701&idt=151&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8403428176104&frm=20&pv=1&ga_vid=788227081.1657369402&ga_sid=1657369402&ga_hid=1378065278&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531606&oid=2&pvsid=2986032673561292&tmod=816489772&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TYjhGnPkmV&p=https%3A//www.sendgb.com&dtd=155

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 09:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4351
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 03 Oct 2022 09:05:41 GMT

GET
H3 200 db2e47a9a3671f527cf86ca9ac22fc67.js Show response
www.gstatic.com/mysidia/ Frame F73C 10 KB
4 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db2e47a9a3671f527cf86ca9ac22fc67.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 09:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4277
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 03 Oct 2022 09:05:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F73C 5 KB
667 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 11:02:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 12:23:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 12:23:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame F73C 2 KB
902 B 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 12:19:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame F73C 21 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 12:21:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame F73C 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 12:16:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F73C 137 KB
42 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 12:23:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame F73C 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 12:17:01 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F73C 0
0 15ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBADI8D4t9cWQWxNfH5IfeRHTSkX_qqgBouVEci3R2gFzHQO9yxQRtkY1G6SigewGGMAGUeFsNNuSP39-k8z-MbF1Amw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1657369402&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657369402198&bpp=2&bdt=701&idt=151&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8403428176104&frm=20&pv=1&ga_vid=788227081.1657369402&ga_sid=1657369402&ga_hid=1378065278&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531606&oid=2&pvsid=2986032673561292&tmod=816489772&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TYjhGnPkmV&p=https%3A//www.sendgb.com&dtd=155
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 e335c40f4e500f406840f7159cec7b48.js Show response
www.gstatic.com/mysidia/ Frame F73C 31 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e335c40f4e500f406840f7159cec7b48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 18:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 18:10:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F73C 0
0 55ms
55ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_DRKOnPJYr28F9iEtweB2I3YC_3NnoZrqK_BnO8Lz9briI8aEAEgxav-e2CV4pCCoAegAavVtLsCyAEBqAMByAPLBKoEzAFP0B-LY_D4vnwZpqwhZSrx0CnIU-Z3MIMeBmzzBC4cDK3lkMjfcJGl6Syq0o2EeC319CojCHjC3fLhGS1iB-keRPU6ceSIzcdU6Tzlre_lSvYUB_DnVvmFTG6sSUUenjsGI6QzYNS5VId_z7rjqCij59YKPuqjx6siNsuDpZlE5NBOZVevxhPI9gxpudC1nsMhpRcwiL9-J-_pcZObmiA9zKmyAaeCg4ho0PmmBrKDU_JiFeoVnuprCouyIzK2rPvuxd0yPY89CJt10MzABKWF2e3xApIFBAgEGAGSBQQIBRgEgAfFtJPJAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEJOcwAHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUA9AVAYAXAbIXHAoaCAASFHB1Yi0zNjcyNjc1MTE2MzQ1NjUzGAA&sigh=a2TEqU0Qjq8&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1657369402&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657369402198&bpp=2&bdt=701&idt=151&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8403428176104&frm=20&pv=1&ga_vid=788227081.1657369402&ga_sid=1657369402&ga_hid=1378065278&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531606&oid=2&pvsid=2986032673561292&tmod=816489772&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TYjhGnPkmV&p=https%3A//www.sendgb.com&dtd=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 09 Jul 2022 12:23:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 71A1 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1657369402&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657369402198&bpp=2&bdt=701&idt=151&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8403428176104&frm=20&pv=1&ga_vid=788227081.1657369402&ga_sid=1657369402&ga_hid=1378065278&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531606&oid=2&pvsid=2986032673561292&tmod=816489772&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TYjhGnPkmV&p=https%3A//www.sendgb.com&dtd=155
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 12:08:25 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A9A9 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sun, 10 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F73C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6c58370e5fd9f79d632e916a4741184191c3dfa7adc2ec725baa69e91ab5b47

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A9A9
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEADhm_sUO5W6H_8mPOG329Q&google_cver=1&google_push=ARnp8GDETvvOFTPHdKUAExcIMU-7uxXZx8tNd3w-q0Tpcbqbz5bnaOyS54...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GDETvvOFTPHdKUAExcIMU-7uxXZx8tNd3w-q0Tpcbqbz5bnaOyS54X21gjyB2OJsZqEaPfD6YE_zD66Qv3RHLh1tAjXzXM&google_hm=Du2FdfiKMtWj5...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GDETvvOFTPHdKUAExcIMU-7uxXZx8tNd3w-q0Tpcbqbz5bnaOyS54X21gjyB2OJsZqEaPfD6YE_zD66Qv3RHLh1tAjXzXM&google_hm=Du2FdfiKMtWj53nYXVjzEQ

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GDETvvOFTPHdKUAExcIMU-7uxXZx8tNd3w-q0Tpcbqbz5bnaOyS54X21gjyB2OJsZqEaPfD6YE_zD66Qv3RHLh1tAjXzXM&google_hm=Du2FdfiKMtWj53nYXVjzEQ
pragma: no-cache
date: Sat, 09 Jul 2022 12:23:23 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A9A9
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAHDMpS...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAHDMpS...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDkxMjIzMjQwMDAxNTA3Nzc2NDE4MQ%3D%3D&google_push=ARnp8GAHDMpSnsza-Da6H1DGXxrgHsAyD-QlDFd3XYtKjUtxOUWfEk9b8PxEh0msO0Vam3...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDkxMjIzMjQwMDAxNTA3Nzc2NDE4MQ%3D%3D&google_push=ARnp8GAHDMpSnsza-Da6H1DGXxrgHsAyD-QlDFd3XYtKjUtxOUWfEk9b8PxEh0msO0Vam3YhC32Um57WTIvG8A4z3rAsPno62o4

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDkxMjIzMjQwMDAxNTA3Nzc2NDE4MQ%3D%3D&google_push=ARnp8GAHDMpSnsza-Da6H1DGXxrgHsAyD-QlDFd3XYtKjUtxOUWfEk9b8PxEh0msO0Vam3YhC32Um57WTIvG8A4z3rAsPno62o4
pragma: no-cache
date: Sat, 09 Jul 2022 12:23:24 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 09 Jul 2022 12:23:24 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame A9A9 43 B
64 B 34ms
25ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKo3DLR-bFR7y5qXN1MRDg4&google_cver=1&google_push=ARnp8GD5sT5NivFp04cjJ79hju-tVw-PE5igdC4yeN5LiVBwiNwdr5SqrADjlICd46P1SqVcmXMSXk3oMcx-Xj1dv06Qp1C94kU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1657369402&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657369402198&bpp=2&bdt=701&idt=151&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8403428176104&frm=20&pv=1&ga_vid=788227081.1657369402&ga_sid=1657369402&ga_hid=1378065278&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531606&oid=2&pvsid=2986032673561292&tmod=816489772&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TYjhGnPkmV&p=https%3A//www.sendgb.com&dtd=155
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 308jsqae79lv6ruf8fihaahtq74293jg

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A9A9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qVQ81jb6SHyueLL1xxzEDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qVQ81jb6SHyueLL1xxzEDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCdhOa8iHjltLeclabSrSQRqNFPvV078mkphpW1OWckr8FxBK91hb5HZw6pk77zD_zzg2yS8Qx93aM4hQdK6J3O30HC_CE

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qVQ81jb6SHyueLL1xxzEDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GCdhOa8iHjltLeclabSrSQRqNFPvV078mkphpW1OWckr8FxBK91hb5HZw6pk77zD_zzg2yS8Qx93aM4hQdK6J3O30HC_CE
date: Sat, 09 Jul 2022 12:23:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A9A9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELXF1rEvQj24v2QTnxUFWXs&google_cver=1&google_push=ARnp8GBlDgEKWPT5d7UVVzr-BkyUCH3li-spj31Ev8vlp-Vtr1oRUAArdnTrRGLiib9f-1I-WSM...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVEVVk4M1ctMUYtMkRTUA==&google_push=ARnp8GBlDgEKWPT5d7UVVzr-BkyUCH3li-spj31Ev8vlp-Vtr1oRUAArdnTrRGLiib9f-1I-WSMKBuPDlAZHMhuR6nWzEzTwVb4

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVEVVk4M1ctMUYtMkRTUA==&google_push=ARnp8GBlDgEKWPT5d7UVVzr-BkyUCH3li-spj31Ev8vlp-Vtr1oRUAArdnTrRGLiib9f-1I-WSMKBuPDlAZHMhuR6nWzEzTwVb4

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVEVVk4M1ctMUYtMkRTUA==&google_push=ARnp8GBlDgEKWPT5d7UVVzr-BkyUCH3li-spj31Ev8vlp-Vtr1oRUAArdnTrRGLiib9f-1I-WSMKBuPDlAZHMhuR6nWzEzTwVb4
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A9A9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPWgMjyPXSVqZ2fQFsb3_gk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPWgMjyPXSVqZ2fQFsb3_gk&google_hm=YslzO6p8edK9ztl6B7CKfAAABIAAAAIB&google_nid=index&google_push=ARnp8GDM1wvhYbMZ0sAILCxi57xvs8cVha3Mt...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPWgMjyPXSVqZ2fQFsb3_gk&google_hm=YslzO6p8edK9ztl6B7CKfAAABIAAAAIB&google_nid=index&google_push=ARnp8GDM1wvhYbMZ0sAILCxi57xvs8cVha3MtpvQHWEyOQVVaEev0Vla1DP_OHJ39h7wLG-E7p61Tk6JzXN8ph8NRn7nz3NAcnU

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxLdPA0s0vssjhGk1DXSBzljXTD3oj9TuPFPNBtrdV0ITjoqz9BOoq421lakiYyOKcZP3trkVRJ4WIVWBPdFL85P4lYyGB2A4DiZHdnjqzliM33hkksbdp2ryAJBc8A6xszg6sNNkq2KCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPWgMjyPXSVqZ2fQFsb3_gk&google_hm=YslzO6p8edK9ztl6B7CKfAAABIAAAAIB&google_nid=index&google_push=ARnp8GDM1wvhYbMZ0sAILCxi57xvs8cVha3MtpvQHWEyOQVVaEev0Vla1DP_OHJ39h7wLG-E7p61Tk6JzXN8ph8NRn7nz3NAcnU
cache-control: no-cache
cf-ray: 728107d27ec390fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame A9A9 0
43 B 414ms
227ms Image
text/plain 54.64.217.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEEwYIOBsfzDcx1TsSTZqJIg&google_cver=1&google_push=ARnp8GDS38DX415ZJSlz2_96HJueIAsRVvMRX0KYQNuV-Ts1jTHDpv39BuYNps5tTQNzle3cvAOTiWn4RzEmkECyXjrueaFUByw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1657369402&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3D4til0cYzN5d%26utm_medium%3DOsN4IP8x5yAK1Mf&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657369402198&bpp=2&bdt=701&idt=151&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8403428176104&frm=20&pv=1&ga_vid=788227081.1657369402&ga_sid=1657369402&ga_hid=1378065278&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531606&oid=2&pvsid=2986032673561292&tmod=816489772&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TYjhGnPkmV&p=https%3A//www.sendgb.com&dtd=155
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.217.203 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-217-203.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:23 GMT
server: awselb/2.0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A9A9 0
12 B 16ms
15ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KZrWuhJvqOY_xd5KOGoJis5wL2bq0Zx3PGq7_It7WdvzAFizdKr0H9QpYNEWbxg2nNQKvQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame F73C 44 KB
44 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 391874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 23:32:09 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 71A1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

33ms
32ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 12:23:23 GMT
expires: Sat, 09 Jul 2022 12:23:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 12:23:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame D61E 56 KB
20 KB 9ms
8ms Script
application/javascript 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (frc/8FDD) /

Resource Hash

72c99b1de87499b425e697b2e0e0a8e4e36363506c68e08a7e8d5db555c1db43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58219
x-cache: HIT, HIT
paypal-debug-id: 686a8f6bf83d0
x-cache-hits: 50484
access-control-allow-methods: GET
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19745
via: 1.1 varnish
x-served-by: cache-hhn4027-HHN
last-modified: Tue, 21 Jun 2022 22:04:47 GMT
server: ECAcc (frc/8FDD)
x-timer: S1657369403.300752,VS0,VE1
etag: W/"62b2407f-e12a"
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Jul 2022 12:23:23 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame D61E 125 B
751 B 206ms
206ms XHR
application/json 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

045fd8835ed178b2efd0711c1df1540fcf3d72651c9fe92247d7c6de43f01605

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Jul 2022 12:23:23 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 445b7e9d832fe
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 125
x-served-by: cache-hhn4027-HHN
correlation-id: 445b7e9d832fe
traceparent: 00-0000000000000000000445b7e9d832fe-59c5b123495584ff-01
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame D61E 0
193 B 173ms
173ms XHR
text/plain 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Jul 2022 12:23:23 GMT
via: 1.1 varnish
correlation-id: 9f343f8b99d42
traceparent: 00-00000000000000000009f343f8b99d42-f481ccdbd46011d6-01
x-served-by: cache-hhn4027-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
paypal-debug-id: 9f343f8b99d42
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame D61E 0
122 B 185ms
163ms Image
text/plain 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_849528c941_mti6mjm6mje&s=SMART_PAYMENT_BUTTONS

Requested by

Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=4til0cYzN5d&utm_medium=OsN4IP8x5yAK1Mf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:23 GMT
via: 1.1 varnish
correlation-id: e6cccf4291227
traceparent: 00-0000000000000000000e6cccf4291227-538034219e5f2de9-01
x-timer: S1657369403.357436,VS0,VE156
x-served-by: cache-hhn4027-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
paypal-debug-id: e6cccf4291227
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-cache-hits: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 6A98 1004 B
992 B 188ms
183ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bdde722fbbfdedcfde7448f989088e5e8b5669a3d36ece741548a33a45085052

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.322&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhHZkxGZDRmSTd6N1RRa2s4U0tOeExIVWk3T3pLT0RzcWMyUGE2czZadzdEUTVYajNubmQyeUJuQThnZlVmRUZQUGttUzlGN3VUbjQ1UWkmY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfamJyZnFrcmRqcnJqZHJpaXNlamxqZnJkY2NscHpmIn19&clientID=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&sdkCorrelationID=f8981340e5b00&storageID=uid_3df53ca27c_mti6mjm6mje&sessionID=uid_849528c941_mti6mjm6mje&buttonSessionID=uid_4fb10619e5_mti6mjm6mje&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Sat, 09 Jul 2022 12:23:23 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f2746001df2e5
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4041-HHN
traceparent: 00-0000000000000000000f2746001df2e5-8291912ed593efc1-01
x-timer: S1657369403.377445,VS0,VE176
etag: W/W/"3ec-J91CzYqCtjTAXgiuuEA07TP5Q+o"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 37ms
21ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220630&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb15eaafd6e16f22aa73ca629bed0db49314681299f9a32d65bc5f07d649b876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 12:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10700
x-xss-protection: 0

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame E4F9 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 20:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 20:24:49 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 12:23:23 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1004 B
2 KB 193ms
192ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&currency=EUR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ee29820a6a9e47931877622d5fca85eaa431e3d9b5a64b4c4c4e69deca154872

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.sendgb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Sat, 09 Jul 2022 12:23:23 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f882455f4cc1e
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4073-HHN
traceparent: 00-0000000000000000000f882455f4cc1e-7ad4f4ebce83006e-01
x-timer: S1657369404.664259,VS0,VE171
etag: W/W/"3ec-PxoWIbKK44ykCrrBUsXpof/YCjs"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sendgb.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 185ms
185ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sendgb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.sendgb.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Sat, 09 Jul 2022 12:23:23 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f274600cde763
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f274600cde763-2b172ab8ac26481b-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4073-HHN
x-timer: S1657369403.478495,VS0,VE178

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 975F 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sendgb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 12:12:13 GMT
expires: Sun, 09 Jul 2023 12:12:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A889 783 B
537 B 16ms
16ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

183f376c66d61f213ed92fb71d2b0dd0591dc51f620265b6932f8a5c523357f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rAGWkWA5cP7jR2FjgmGfkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sendgb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-rAGWkWA5cP7jR2FjgmGfkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 12:23:23 GMT
expires: Sat, 09 Jul 2022 12:23:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 975F 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 09:20:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13718
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 09:20:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A889 0
0 73ms
73ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220630&jk=2986032673561292&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 975F 0
9 B 9ms
9ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?J1wLBA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:23:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220630&jk=2986032673561292&bg=!uLulu__NAAaLlKKnq5Q7ACkAdvg8Wpn1m2v5HFlJ9TsYCZnVglsIMzp6r7BeTZlkAmh6P1phHUMAfgIAAABhUgAAAAJoAQcKAPjMdbz-V9QShQzUPfDuBUhEhYV73zdfTgpk0MvcGabekxiHKlDdG29zDqtERRuXgb6e2wUkTnpmqWpgJEPFfTcBg72eku6p60oOyyspKXI_gvqSZIqU75rvzkvSu_fVqi1dULXtT4Rt_UsQhf6oXA2bB4rYsBmVYdrXrGMO2zuWfPViFjIV40f4A6jOGnlSjpXJ9VouLlYJUrS2-qtL3APcwsRpTBjKKuvIE2onsfLNEfFP-FOJ_oNjhfl98IZibKzW6mIhJ1n9XquTme2fOdrDlKtatlSPQ6nK8q_Az5dM5IOP-C6fh3xx45fSVCVoOUkItY649OoyN5kCnWlYlGB6PpjqTS_MKfcX0s5E6EMKhi_AEhSm2WVOJKmLJDAUEM-WFvJSiAvdSPj-jB0Y5x0TiEqqT-2uoeK_ZlLtJ5APBuaqhxLdSDTQayfLn5Xcg7qFW_XhFE18zJcMMlc32rskXISZKFjxc_dO7FXYUMpi8svAc8nNnp8XtrPL-YJBC_rC563waJwsodTdUyQbTXk7ExNDyEqxfmoFvzA9ZMNVESFmbXoTX7HnmcXKrdMMA5hRdkmvJv198MS6VOy9gh8uSxzDlx9kJ_95Lzx2ZwKpu8jBpa6SA_6_KyknVKGjW8dJfGz0fVaZBqw5wMC6ZumcuINQsSlmuF6Q7suStHQl9ilSvko-FtymMvu5vU3Bmz75eyOlQ_SgcNMOzjKuCg08Oka8jr8WhCsgRIMrl60BNGmRU2zr9TpKsgL5GcZmvBqMvHvFSEDds-p3lOt62ya97Kk2PwwQv00mAhCtgeonDQCTH1XzPhKeoyPc9PX1d0bjQKxm8tjtKLijAnxBniqvuMdJJPimWI3J18HQ6OV4MSHdPVC1mR6ywmAWkJTz9-TmgGcJMkJdUKW_2ZSzlY7BeRUHr7uRwhD6xxQtdK-ZZz1AaZGLRZSpqoN7MUYElBA0HMMvH5bd1hIeNYHd9OxAVMdrKsjxZvUt5BUkjfVwdiUaD_0Pd2v6VGveGGtACbGb8XK8RjBFfyj-ezDv4wczRabKwAiDcjsEBRfXag2aC1JYO4iJI5Cn30k4ZutNuMJpU-9z4VvitpCU1610NSkRCrKeHZCkaqIHMaQCW0YcwDUpnqJz4xazdH60XKHHT_cFuyVLp8XhKrquMC65JH_qsX7AImlLWom1O5LuZ_x1AfYaoQgpr5mEQwme9XeXzjQCcy3DUGe1Fw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sendgb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F73C 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrneAQ9J9QWYAsFwgAMPFmyKvdIESfDyoUN80PDKsM6SZn_x8Qu7L1x8njf6MFxJFoG6bAu7c_dTx7aFolUIuTu2dm1NZySg69WUN-rDYRKKivE6eyI4s7Z2z20uK5Cjw06hbCnKPVdS-A&sai=AMfl-YTCxPtTgz9UoLTvcoASWbMhZoJk1sNoDlYf4mX7-bvCGgeZ0iUBz6_P7xVKnBma5BAjz-mHdIrI0ZF1_f0eNv_v29nK-Z74a2Y&sig=Cg0ArKJSzFRWDzpeYTS-EAE&cid=CAASF-RojP0t_PnWmj-t5Ywxg6SE_3a5F9Py&id=lidar2&mcvt=1000&p=0,0,280,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2871120342&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657369402354&rpt=1049&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 12:23:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

276 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sendgb.com/	1970-01-20 04:27:08	Name: __cflb Value: 02DiuH8DSb8Twk3Gk6gL249ahaUdvQPKf75pr6UFrLsJe
.sendgb.com/	1970-01-20 04:24:15	Name: sendgb_ses Value: 8fhtvdm6ef36ct4r1kj5pqc111
.sendgb.com/	1970-01-23 19:58:49	Name: l_code_3 Value: de
.sendgb.com/	1970-01-20 06:32:25	Name: _gcl_au Value: 1.1.1459005340.1657369402
.sendgb.com/	1970-01-20 21:54:01	Name: _ga Value: GA1.2.788227081.1657369402
.sendgb.com/	1970-01-20 04:24:15	Name: _gid Value: GA1.2.961632869.1657369402
.sendgb.com/	1970-01-20 04:22:49	Name: _dc_gtm_UA-60745031-1 Value: 1
.paypal.com/	1970-01-20 04:22:51	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-21 06:39:37	Name: ts_c Value: vr%3De2ea1afb1810a7a07bf7aff1ff2611b2%26vt%3De2ea1afb1810a7a07bf7aff1ff2611b1
.sendgb.com/	1970-01-20 13:44:25	Name: __gads Value: ID=4658722bad265ba6-22ce29d1c8cd00da:T=1657369402:RT=1657369402:S=ALNI_Mb2-MIOWYUJM3q9Bw_X91ukeaygag
.sendgb.com/	1970-01-20 04:22:51	Name: __cf_bm Value: rmsJzbPSBGXmQ8fVnSFBfsPVNL4WjX4_Vl8kX4ApBfg-1657369402-0-AX8u9jjLdrXKQqHdQCVY/UhzasLPvapCE5DynJgCpG+8QBH6XTurY/quSTF8CTIBPxnscsd5+OaGQWf34Nqo+UkLQGoTbbLvAag6hxzRba0n+H+Lnke0BA7QXAQp/BoUGQ==
.paypal.com/	1970-01-20 13:08:25	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 04:23:20	Name: LANG Value: de_DE%3BDE
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AtKqV1SOxzsRJ8GitJ0dSwDgEX1Ud1RZZ.ym4XVWRb2KEeQPbtQ3G2IfnPj5kvQhBLgX9%2Bb%2BDUxLo
.paypalobjects.com/	1970-01-20 04:24:15	Name: paypal-offers--cust Value: null:null:null
.quantserve.com/	1970-01-20 06:32:25	Name: d Value: EHcBCQHJJoEA
.quantserve.com/	1970-01-20 13:53:03	Name: mc Value: 62c9733b-04b20-93eb2-66b9e
.casalemedia.com/	1970-01-20 13:08:25	Name: CMID Value: YslzO6p8edK9ztl6B7CKfAAA
.casalemedia.com/	1970-01-20 06:32:25	Name: CMPS Value: 1152
.casalemedia.com/	1970-01-20 06:32:25	Name: CMPRO Value: 1152
m.stripe.com/	1970-01-20 21:54:01	Name: m Value: 05d6693b-3ac2-4c82-9688-c6aff0727181d9649b
.www.sendgb.com/	1970-01-20 13:08:25	Name: __stripe_mid Value: 90b9781b-5891-4d32-a280-89629784b17da3e3dc
.www.sendgb.com/	1970-01-20 04:22:51	Name: __stripe_sid Value: 6cf0668c-da05-4b91-bbdf-66fc1d16c1ea23c228
.doubleclick.net/	1970-01-20 04:22:53	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 13:44:25	Name: IDE Value: AHWqTUmFLPos3R0g1k2jn0TrIakab9IUFkaGKJluW4YeBviZkItYvX2l7IMlp1HTb-w
.pubmatic.com/	1970-01-20 04:24:15	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 06:32:25	Name: KADUSERCOOKIE Value: A9543CD6-36FA-487C-AE78-B2F5C71CC40E
.casalemedia.com/	1970-01-20 06:32:25	Name: CMTS Value: 1128
.paypal.com/	1970-01-20 04:27:08	Name: tsrce Value: loggernodeweb
.paypal.com/	1970-01-21 06:39:37	Name: ts Value: vreXpYrS%3D1752063803%26vteXpYrS%3D1657371203%26vr%3De2ea1afb1810a7a07bf7aff1ff2611b2%26vt%3De2ea1afb1810a7a07bf7aff1ff2611b1%26vtyp%3Dnew
.c.paypal.com/	1970-01-22 00:10:49	Name: sc_f Value: Qrf3Rosx3wmmU3DQVlFsj3jZkiJnsbJKRaTO3nT1d4ey_z5O6oLlYiyYIdvp8aPnY6R1WthfoKa6uz9kcFa7AAM1aCD-bEbLpkJ3yW
.paypal.com/	1970-01-27 11:34:49	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: oT4skJN_o7owyXP2ZnWgGUkbyJP1SaDsUvtmpZF3iavUvPvviDnCal0lH4jNm5F0Rv9lDKvmbS_kJJAa
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY1NzM2OTQwMzQ4MyIsImwiOiIwIiwibSI6IjAifQ
.e.dlx.addthis.com/	1970-01-20 13:53:03	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:53:03	Name: na_id Value: 2022070912232400015077764181
.addthis.com/	1970-01-20 13:53:03	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:53:03	Name: uid Value: 62c9733c10bfeb6d
.addthis.com/	1970-01-20 13:53:03	Name: ouid Value: 62c9733c00014d808b3f8fa649ec3241fb6acb07961f0e5d712c
.dlx.addthis.com/	1970-01-20 05:06:01	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 05:06:01	Name: na_sr Value: 20220709
.dlx.addthis.com/	1970-01-20 04:22:49	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 05:06:01	Name: na_sc_e Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.sendgb.com/src/plugins/ion-sound/ion.sound.js?v=6.1.5(Line 9) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cc.adingo.jp
cdn.muicss.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
dub.stats.paypal.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
js.stripe.com
m.stripe.com
m.stripe.network
maxcdn.bootstrapcdn.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
q.stripe.com
rtb.openx.net
sendgb.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
t.paypal.com
tpc.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.sendgb.com
104.111.215.191
104.18.18.126
13.227.219.58
142.250.185.98
142.250.186.98
151.101.1.21
151.101.193.35
192.229.221.25
198.47.127.19
2001:4de0:ac18::1:a:2a
2600:9000:20eb:a600:19:7d10:bd80:93a1
2606:4700:20::681a:418
2606:4700:20::681a:4bd
2606:4700:3032::ac43:a9f7
2606:4700::6812:acf
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::2008
2a00:1450:4001:801::2001
2a00:1450:4001:803::200a
2a00:1450:4001:806::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:400c:c1b::9d
34.98.67.61
35.186.253.211
54.148.100.42
54.187.159.182
54.64.217.203
64.4.245.84
69.173.144.138
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85
045fd8835ed178b2efd0711c1df1540fcf3d72651c9fe92247d7c6de43f01605
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
0616bad6c2fcac05ee501c969bcde956164175cbe0b03c7d7695511aad88652c
0886d8101f7306cbc2dbfe95d574c6bf2e37f8a15b4a820974e43e4934a2f8be
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf8ccb23da9bebd5d893144a21f5cb7e4621aaeca10ece05c0e08b2b1161170
0e50eb5fc7780870856696c9b0f49eab82dcd16c85702113b6b160f8fdb4cb5c
106836ab0f8b9d70b6cc2f07a7203a7eac7e46bb22a96c8a4446559b141a52fd
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e
168363136111e706b568a74673117fdffc52c2ad6832d6753ff2a2a91d134612
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183f376c66d61f213ed92fb71d2b0dd0591dc51f620265b6932f8a5c523357f8
1ac1fa8c871caac481a3d555f524d1fddf1fae74f1c860f06354ee324489962e
1d5d6a84e422162b752937ac706144ac9804bd0f25615198271cb787dea5299f
1f8252f61b26e0acddfe4ff023f9870b64380eb8f2965802ee7b849cb33dafd0
204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587
2592a03b65ea03708474b9ea74d6ad3738c124df64d49b6113584fde7f409417
25dd44ce52f5899b4214d668df8830cf43e1ab84e985adbcd38a8ec21139b23f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
287e135561cd4b5fb1ccf23481ad4a81167a7888d3d9a92b59f8a7e51fc9d1f7
29078882474d79afa53fce5c6571524bef414b65ffe6565466601bc1354dc8f7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c4f081d4c2e91121c22a0870475794c72d20427b726eff7d7e5533d5aecdc3f
2cdf01843b513efbec95706f4c28221b52ee8d2520e1351bad8d63555f705637
2d8eefcdc1bfeb18b92522aaa09710db97666de9aee4ecb20514eb4580bf3ced
2ec7cc14837eb13860245f8eeaa3848c6b63f5cec7e83e6be2ecc8906cfa21b1
31f5ec4cbe07f5cc35b55e8adee84ecdb253a39aaedc1e6fe077e32381f93356
345dda44c8a173eb352ba5f42f599d09c62338050825b9d271774d23a88fc8d3
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
4166306d4d4b781e96d0551dea10baa4aad7becf605abb1ceba2e4ccac3ab9ec
43cf7ecac2784d1439e854b88a12c3e6b2439c0481b670dc3065822ce48a1a94
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924
4ad353c3ee40763bf8e0bc502a4a8853a2f039c4939805877fa0300d368bf5d4
4bf30ddd888c25e3ee55a8d75d4af44331af5c9bf70a2fcec7c820f9b076130e
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d4fcc55da9bb4d888c4427b41b6878c20a5cbe244e8f8c9fb0743a9b2ce03a4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5210f10cc2c733eec8d52d32767f69f520772562bbbd63ba8f6d7338a62eda69
54c21995b26d9c889a8ef2863c7bbc80be2a68ce94be86c75a13027e27598f74
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b5aaa671b04605b64f1cf1e82a0341e988f816b094e3d2e5250549da94a723
58cb6a78afc204b7165e947c965cbce6296ee0e587fbab3e12c0d2b6378e9004
5b7342dac6d3a1943e4e7f4136574ae766097ecadfea71d5d679ca7910800af3
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
72c99b1de87499b425e697b2e0e0a8e4e36363506c68e08a7e8d5db555c1db43
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
78613a6e5bab939b078feae691fb0661e2b2671dcce1b1be66517203b2a7b3b1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cc67bcb5f47d2a0494d9995a37eed6a9c6c8b6f9113394938b2bc1088cdd32a
7f8d0324fbc77a5bd7dedd1432090165bb8a891b6482b859bce22c9b1690ebc9
811bef5a48939b61f1df697cd53a84cf19f13365931fecc80b0ff27d9fd1d9ed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
931743dece3a4a05e697f2998e9b5ec43ec5af765f481d3346e10af44ef1869e
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
94d927ba55402e39e5dcd5f7ae35e8003b3fdd8ea2d810c1d15ae7a7c71c02af
96e194b10e24dc030925d3a7ac2922b19e391d83e8cf8fd5615de8ae6418f8b0
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c59de3f066958064cc11195d4444657f7428f397c6555011dcbfacaffb754a4
9cc2ec0ea535d97760f7701b038db791199915c68c4c69d56f01d5b7161753de
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a255f7339be3cdca2906640eb20969717cc88e2acd8d7d0dbf2dac7a8069fdc7
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a85c68b65334deca20d94a75e37634861baf2604937f5d7234266c698801acfa
aa523b47c24d5499c0b3b89501c9aa0fc188889686decb326b99c6c3901e1743
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b8bdd7ea8be8313fbdcb25cb0bf1f9e8a751c9a94722bffa5be319ce24a5c86d
b91ba687f4714983a4ef374a515d8892f167f329e3d49d38ad587300a2b95986
ba5a0b541af8b1879049dc4662e53c76916d46f26b570101a8eff8af1c1fb902
bdde722fbbfdedcfde7448f989088e5e8b5669a3d36ece741548a33a45085052
c1339adea77a3d4ab0ced682cd21324f6f968b2ecccba3f6170af1faee53219d
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c6c58370e5fd9f79d632e916a4741184191c3dfa7adc2ec725baa69e91ab5b47
c9b58de5aa4861b6860edfc1f38702e3603ab83ca3cd97bfa2b3be9bff5838e5
caa761f345bab156984d7a0a5c51062cbc19dbecf61dc28a7972756bda9dc914
cb15eaafd6e16f22aa73ca629bed0db49314681299f9a32d65bc5f07d649b876
d2c051726cd5924188b232e3c6a4b514a0e0c48f668c5752f3aebcc3b4d33ee2
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
db5e38abe34e33f5d4e99c52a914c9f0fd16fc2918eb35dcea65d8b78fa617db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
e536b2ee36ad4b77d1bb169e1785b58f3bf57f775eed4a051193b3a428dc8baf
ee29820a6a9e47931877622d5fca85eaa431e3d9b5a64b4c4c4e69deca154872
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f5b05ea7cff0bc256a1117fd2b67a1ff4ba90aec2363956df191c576a696e09e
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
fe44acaad81496bc89732f68b5ee7b1bb5a3dd5564dcc26672a6a1bddce0da95

www.sendgb.com Open in urlscan Pro 2606:4700:20::681a:4bd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

155 Requests

94 %HTTPS

54 %IPv6

27 Domains

42 Subdomains

32 IPs

6 Countries

2066 kBTransfer

6101 kBSize

42 Cookies

11 Outgoing links

Page URL History

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sendgb.com Open in urlscan Pro
2606:4700:20::681a:4bd Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

94 %
HTTPS

54 %
IPv6

27
Domains

42
Subdomains

32
IPs

6
Countries

2066 kB
Transfer

6101 kB
Size

42
Cookies

155 HTTP transactions
3 data transactions