urlscan.io logo urlscan.io
SecurityTrails logo

ladybirdar.com Open in urlscan Pro
2606:4700:3037::6815:18db  Public Scan

Go To Rescan Add Verdict Report
URL: https://ladybirdar.com/
Submission: On September 12 via manual from AE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 5 countries across 11 domains to perform 87 HTTP transactions. The main IP is 2606:4700:3037::6815:18db, located in United States and belongs to CLOUDFLARENET, US. The main domain is ladybirdar.com.
TLS certificate: Issued by GTS CA 1P5 on August 11th 2023. Valid for: 3 months.
This is the only time ladybirdar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

23    2606:4700:3037::6815:18db (United States)

ASN13335 (CLOUDFLARENET, US)
ladybirdar.com
16    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
4    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
15    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4010:c05::78 (Finland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    64.233.166.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f154.1e100.net
bid.g.doubleclick.net
2    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:401e:28::7 (Ireland)

ASN15169 (GOOGLE, US)
r2---sn-4g5ednsr.c.2mdn.net
Apex Domain
Subdomains		 Transfer
31 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
403 KB
23 ladybirdar.com
ladybirdar.com
231 KB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
bid.g.doubleclick.net — Cisco Umbrella Rank: 930
135 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
78 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
imasdk.googleapis.com — Cisco Umbrella Rank: 521
135 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1308
r2---sn-4g5ednsr.c.2mdn.net — Cisco Umbrella Rank: 623184
2 MB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1180
www.googleadservices.com — Cisco Umbrella Rank: 156
610 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2541
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 226
114 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
133 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5643
408 B
87 11
Domain Requested by
23 ladybirdar.com 1 redirects ladybirdar.com
16 pagead2.googlesyndication.com ladybirdar.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
15 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
8 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 csi.gstatic.com imasdk.googleapis.com
4 fonts.googleapis.com googleads.g.doubleclick.net
2 r2---sn-4g5ednsr.c.2mdn.net
2 www.google.com 1 redirects tpc.googlesyndication.com
2 www.googleadservices.com googleads.g.doubleclick.net
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 www.gstatic.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 www.googletagmanager.com ladybirdar.com
www.googletagmanager.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 fonts.gstatic.com fonts.googleapis.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.de ladybirdar.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
87 20

This site contains links to these domains. Also see Links.

Domain
ranktok.com
www.facebook.com
www.instagram.com
youtube.com
www.tiktok.com
t.me
twitter.com
Subject Issuer Validity Valid
ladybirdar.com
GTS CA 1P5		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-08-29 -
2023-11-07		 2 months crt.sh

This page contains 14 frames:

Primary Page: https://ladybirdar.com/
Frame ID: 4402A9F894623014E23CD5A24BF49A3C
Requests: 37 HTTP requests in this frame

Frame: https://ladybirdar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
Frame ID: 3083F12A101C2B2C2EC140B86A992E1E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/zrt_lookup.html
Frame ID: 3686D5157431EAFCAA49F4AB97923AB3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9774566433053765&output=html&adk=1812271804&adf=3025194257&lmt=1694496204&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fladybirdar.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694503404407&bpp=4&bdt=297&idt=303&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8680381221685&frm=20&pv=2&ga_vid=1596567122.1694503405&ga_sid=1694503405&ga_hid=1692306404&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&oid=2&pvsid=4487308119799822&tmod=30475507&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=324
Frame ID: 023F5D6D933E54857B1C8DE94A4B9F2B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9774566433053765&output=html&h=200&slotname=7466841769&adk=4205431737&adf=697875801&pi=t.ma~as.7466841769&w=320&lmt=1694496204&format=320x200&url=https%3A%2F%2Fladybirdar.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694503404411&bpp=1&bdt=301&idt=324&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8680381221685&frm=20&pv=1&ga_vid=1596567122.1694503405&ga_sid=1694503405&ga_hid=1692306404&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&oid=2&pvsid=4487308119799822&tmod=30475507&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z1jY1Nf30w&p=https%3A//ladybirdar.com&dtd=329
Frame ID: 5DA233CFB2C81303FFF37D841BD0FF8B
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0DEC3A6A1667151649817D9FDA06C7FC
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1CA5911F1F90B0A461E2B6A024151CF9
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js
Frame ID: BBB54A5FF7E62E51E6B82EFC016D9F60
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: 186C98CEACB99D12EE4B10A30C899005
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8DE3FFED6D58D47EAD6A9274C31F407F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: FC0A4EE07B433CBA4237455DD6E66AA2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 2C92B553E239F5E28C0FE40EE5E1C3E3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 41107CD01C7F856B26981BB6FD170B91
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 746953B626AF82D863FED4D494539AF0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ليدي بيرد - موقع التهنئة الأول عربياً

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

87
Requests

97 %
HTTPS

90 %
IPv6

11
Domains

20
Subdomains

20
IPs

5
Countries

3387 kB
Transfer

5441 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://ladybirdar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://ladybirdar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
Request Chain 61
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CTvyv7BEAZbz0M6eAi9YP6vifwA613P62cvirjbaREt2a99yRDhABILyriiNglcKmgrAHoAG6_Yi_AsgBAakCpugbxwIIsj6oAwHIA8sEqgTTAU_Qz5f1PE5gpTmeEp42YQ96pf4CUqQu5eVLwkq-vocAOY8uPDTRbok3Wq9gVmAIpDBOfLNeDrlOfHHJn6TRmUkpovA0QLXd6LMzHCsReJn0JWz6Yxa46PpA1FabHAusp3jjmOxYqY3q4sCvPEDzSd6otJtAkklez586xGhlvXjM0BcJqmhxGLiZfKzArPyq5mmilMm8eCxhYMJu1s2biN7c0OHEptko1_HkPJilNZGM2PooQZ3LJvbmoodWvMJQ4I2r6bIpWpRQ1rHuksVb9ny-TZrABKG1m629BIgF6cffnkySBQQIBBgBkgUECAUYBIAHjuTRwAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCa5BvSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mglMaHR0cHM6Ly9tb2JpbGUuMXVuZDEuZGUvc2Ftc3VuZy1nYWxheHktczIzP2FjPU9NLlBXLlBXcjQzSzQwODA2MVQ3MDczYSZtcz15dIAKAcgLAdgTDtAVAYAXAbIXHAoaCAASFHB1Yi05Nzc0NTY2NDMzMDUzNzY1GAA&sigh=gDcDsjuab0U&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW12LJ339M9RVd-zMYWLdNsTMVqNGnChgB&template_id=5028&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212590759866246060190%22,%22debug_reporting%22:true,%22destination%22:%22https://1und1.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22669138618%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216677453714900607025%22}&andc=true
Request Chain 70
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 74
  • https://gcdn.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726039406/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/A4117AF179A3AC36BEA3B0715909B431770B77ED.5CED2F46CE151AE019E081AFB85A913022E5B813/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726039406/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6C8D742EB2968663D106B241AD3117897077A46A.147C3F2CC8455F59363A1A13215D9BEFB11C5D97/key/cms1/cms_redirect/yes/mh/C5/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1694503031/mv/u/mvi/2/pl/36/file/file.mp4

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ladybirdar.com/ 		163 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ladybirdar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Rocket/3.12.0.3
Resource Hash
3e10d8433569a401c8f0cdd8edb73106d540b02bc025922f7bc6b7fab6d00098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, public
cf-cache-status
DYNAMIC
cf-ray
805667a33a5e372f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 12 Sep 2023 07:23:24 GMT
expires
Tue, 12 Sep 2023 07:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8D4TjnXYh1I0WmSociAvU2mn6e9vNyxEmR3XCntfkLSWzSy2EAb4og0wb0Bwtl3pLG4PtrIW46KVmatLwXe827m4%2B9%2B%2FbzfY%2FsMlL0rpIAxRLZtrlaxvQQiKn5j0grAtvR7%2FCOpEfJ2hLGLJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-powered-by
WP Rocket/3.12.0.3
x-server-powered-by
Dimofinf INC
x-xss-protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9774566433053765
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c0f8242f10ce7da3f33aaf48c8f7b95d3806f337851a2286d9371661773a039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ladybirdar.com/
Origin
https://ladybirdar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50687
x-xss-protection
0
server
cafe
etag
6084865213045184778
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 07:23:24 GMT
eaa-styles.css
ladybirdar.com/wp-content/plugins/easy-adsense-ads-scripts-manager/assets/css/ 		763 B
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ladybirdar.com/wp-content/plugins/easy-adsense-ads-scripts-manager/assets/css/eaa-styles.css
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c53a78aa78c129596570e6919f034004d73ae707a6c5955ab2b360e31afbb38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
227556
cf-polished
origSize=1006
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
cf-bgj
minify
last-modified
Sun, 15 May 2022 16:31:27 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtG8Bo0372vUyBVRRIiFt1VMTk2z5WznPDWV55Gv9ntowjrjbE2rAdSDXgf8DGzOT%2FE6Nwg%2FRykeAkquRwX3zALWXeIjeF2gKVs1Y3c5yaVIGNiu7NN4W7cfEm7ojx9FWG9m77Bb2bm5jfqieg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
cf-ray
805667a3faf5372f-FRA
expires
Mon, 09 Oct 2023 16:08:10 GMT
classic-themes.min.css
ladybirdar.com/wp-includes/css/ 		291 B
552 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ladybirdar.com/wp-includes/css/classic-themes.min.css
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
227556
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Sun, 23 Apr 2023 15:50:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwMSRy7uxrXQMrXlNID%2F8tdUD1h97QI%2FLAHv9o2qIi0KpDYuvlJWyzXQfBkEUbR9XD1Z26r36pvWVQch2CaaESTYiAm9iwF068PdXwCfLn6Boj%2FB809GBRfpfeIGMsLzfVcdlJcXPbwAB58qAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
cf-ray
805667a3faf6372f-FRA
expires
Mon, 09 Oct 2023 16:08:10 GMT
style-rtl.css
ladybirdar.com/wp-content/themes/ladybirdar/assets/frontend/css/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ladybirdar.com/wp-content/themes/ladybirdar/assets/frontend/css/style-rtl.css
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6716b46f45f2331bbeb02ba36e388539d8bd6cca9f0038220a75b9712f9026ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
227556
cf-polished
origSize=32574
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
cf-bgj
minify
last-modified
Wed, 01 Feb 2023 18:06:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejR3WjPOru4bGfkpPKM2%2BTDizWYGsLZRURVo4Gv7L24mmgh9fJbqa6K%2FWzl77V6yqwQIpnEwvl9oXrwIVoUX7Rx%2BMGvl7AfIUs3QVxyRL69uKmsAmafCe8NgdfzKCAxtjqdY3vR5rXTSViQ2KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
cf-ray
805667a40b12372f-FRA
expires
Mon, 09 Oct 2023 16:08:10 GMT
glide.core.min.css
ladybirdar.com/wp-content/themes/ladybirdar/assets/frontend/css/ 		843 B
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ladybirdar.com/wp-content/themes/ladybirdar/assets/frontend/css/glide.core.min.css
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6765981015a3543a5d5d9c1e2c9a06e05f7bd2a0610842adf426a11abcf928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
227556
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Wed, 01 Feb 2023 17:36:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNlvzN9Ng7DgHWYlStaYyKhvoMKP7fEbFwEhiICnG7XRDbZjrRse1no7VMOvi%2FwKZ3ppa89KGU53OIA16v%2FesDE7uid100A7VS5bsx%2FM0ExCfW2NoWX9tCX3E5WpBkaDevB2tZaDwatCY1y28g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
cf-ray
805667a40b13372f-FRA
expires
Mon, 09 Oct 2023 16:08:10 GMT
jquery.min.js
ladybirdar.com/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ladybirdar.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
227556
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Sun, 23 Apr 2023 15:50:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJqzNqIMGn3cmCrOAG2AX7MCYB1i7Bj804k1mHiMRy15L4scBuTTiXk%2Fuy72COjRYY8nNedgPG8SrUDpmGn7034BNUeirar1nSdJ0fwfekjxPzTBmVsv%2BJS6uLCJmVmszjJbY7zDgjf%2FuIZuew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
805667a40b14372f-FRA
expires
Mon, 09 Oct 2023 16:08:10 GMT
jquery-migrate.min.js
ladybirdar.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ladybirdar.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
227556
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Sun, 23 Apr 2023 15:50:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuV6xh2rJwaytFRtFu4gw9cmtsFsXADyU0GyxFxZ1pOVgMdHU2mtk3eSMlx2VpLFFH%2B9ffV7wd7GYeuJtwL94CBnfL24BZm8CWMx%2BPGAND8efzb5LBC0RIJBOy73OTqJAF6XHgDd6Ujz1a0bLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
805667a40b15372f-FRA
expires
Mon, 09 Oct 2023 16:08:10 GMT
eaa-scripts.js
ladybirdar.com/wp-content/plugins/easy-adsense-ads-scripts-manager/assets/js/ 		679 B
580 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ladybirdar.com/wp-content/plugins/easy-adsense-ads-scripts-manager/assets/js/eaa-scripts.js
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c421fa94220ecc78ab2044859a8b3bf54380a2dafded1a9f74fb84733b7921bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
227556
cf-polished
origSize=886
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
cf-bgj
minify
last-modified
Sun, 15 May 2022 16:31:27 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hqmj98zQNspPJEBDgC7a3zgBQrFJm2x81KaHlkQODs7VXnZgXumuAq1vk9bJb2nOEhMQ1i%2F0BF92RXa2MqobqiAA9UQ5m5p4D3TGfiVH%2BpAFO1ogXTj969hIMkQ1Vw%2BIgf3OWvtMVhv3CnT8Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
805667a40b16372f-FRA
expires
Mon, 09 Oct 2023 16:08:10 GMT
ArabicUIText-Regular.woff2
ladybirdar.com/wp-content/themes/ladybirdar/assets/frontend/fonts/ 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ladybirdar.com/wp-content/themes/ladybirdar/assets/frontend/fonts/ArabicUIText-Regular.woff2
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46f1b83962daef585d8564ffe313a959c97864f083447b921d3312387d7376c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
227686
alt-svc
h3=":443"; ma=86400
content-length
55720
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Wed, 01 Feb 2023 17:34:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4kL2y5byF40Yd7lFfEQefhcmywDlqaHnMFLpCByQhb5Kpt9N05Z12hRe1y7mALfjBP1%2BMm6AOzEUvEyYzoUNo2eGDhONLjr6j78dpy9y7GH6JZyx%2B6j3kep5EYxIpUrpq5%2F9wUzXD3yit%2F6Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
805667a40b1a372f-FRA
expires
Wed, 08 Nov 2023 16:07:52 GMT
gtm.js
www.googletagmanager.com/ 		121 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MRGH3D3
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc4eded90d3401c89025225e709609b584407aa932e668ff10a930195e8c3618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47965
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Sep 2023 07:23:24 GMT
script.js
ladybirdar.com/wp-content/themes/ladybirdar/assets/frontend/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ladybirdar.com/wp-content/themes/ladybirdar/assets/frontend/js/script.js
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de199fdc39a08b5ca433d02befebe64e1351592060245eaace624f2b18d5c827
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2386359
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
cf-bgj
minify
last-modified
Wed, 01 Feb 2023 18:06:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtZLYb4JIjs093%2BlSaT5fjUrSPTkRJAMHccMUj01CBBqgBx7E0BDLQlC8qKPFzfRJ3exhiz4UcvEhhvLrMqKDFhLrzRXtDucuZ%2B%2F0yDZ%2BBZJr0P1kKYn0vFkRldHWArA9vD%2Bx%2BQvbfUdn7izgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
805667a41b22372f-FRA
expires
Sat, 09 Sep 2023 16:08:09 GMT
glide.min.js
ladybirdar.com/wp-content/themes/ladybirdar/assets/frontend/js/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ladybirdar.com/wp-content/themes/ladybirdar/assets/frontend/js/glide.min.js
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
076308544539911152f6057af008763c7ed4133e204f640c4283c08d6307cf0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2343587
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Wed, 01 Feb 2023 17:36:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3UUjy0T%2Fa7ZE3ycBjr7P4JUoWWCI8jnTdKBhAT4RDLL5Oq6WyIQ5azT%2F3X65f2thboNmTKwtmxtJE4aefDs9ixztsFqQ93qkEaPf%2B8WL%2FUHKTpknYC4VKAdWQRReRj3lFG8auxLtB0uqnFb1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
805667a41b24372f-FRA
expires
Sat, 09 Sep 2023 16:08:25 GMT
lazyload.min.js
ladybirdar.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ladybirdar.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
227357
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Thu, 20 Jul 2023 14:55:49 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnxKwIHFVWmwE0kiREJWOouEPmQqqNgYoK896MGOr6wbDlEUzoCofIYUFig%2FONo0Nx%2BGIR7V0Q3B7uFR%2Bs3WNZgfMTMsxE%2BBALE3qUxcMTsZ3ZVpQa8CThl1c3qq31bGQy4CEsZk8RyBGp9clA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
805667a51a859951-FRA
expires
Mon, 09 Oct 2023 16:14:07 GMT
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7169e998026d94513dfd744cbb38690804909e78e9dfcabe53c5060efa3ea5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bc493cb89e2940671ffb16b6640bd5f1e32680e5a23a7567476b769fad6f829

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
search.png
ladybirdar.com/wp-content/themes/ladybirdar/assets/frontend/img/ 		756 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ladybirdar.com/wp-content/themes/ladybirdar/assets/frontend/img/search.png
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/wp-content/themes/ladybirdar/assets/frontend/css/style-rtl.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f9000298b2c6fd96c151092909a03b0000712be7001d4f9d7a82362e7397a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/wp-content/themes/ladybirdar/assets/frontend/css/style-rtl.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
227724
alt-svc
h3=":443"; ma=86400
content-length
756
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Wed, 01 Feb 2023 17:34:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gu0h4FNZ8cKPz6ixwLvsxIqvrB4dJGhgGfFprhPZaFso2tpaA7jXvYSX7fzUhKBRGmcdnQtYODdyiIFRtemZYTqjVDH9Ysj6p5pT7p4R%2F9sRrnRcnPlf2hOF8XbKvOj1fWrQAVn6KMZN0w0gPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
805667a51a899951-FRA
expires
Wed, 08 Nov 2023 16:08:00 GMT
main.js
ladybirdar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/ Frame 3083
Redirect Chain
  • https://ladybirdar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://ladybirdar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ladybirdar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H3
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ff10d62a444638bc53c26521817308b108c03ca548d9ce13971b2916c94c3df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39BdGPNpuDj2BMHvp3E48Hm6VvYdBPTKpdPg4VgSLIsJ8h85sMlCYSP2pPzuTIq2SzVGZxxFPSxrDEhT3N3vYMW6q7tKLl9O%2B0X5YsdBQeuuScyjepPi1WWrj5TlS8rf3X5JxVNduuB3slShFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
805667a56ae29951-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 12 Sep 2023 07:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cSYVRvmUxaVtIcmArQ%2BAm64KY5lhC9A%2FsGN4B2Y1zN3zTcpG9yAMuCTktK4NpPOsELsUUfUMWpUIR2JgACXa0EXyvuPeHxyYXnErFhH8OrkxhN1eMBcTbtmm5GnL21d9Q4IjOcAVURVuStaLw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
cache-control
max-age=300, public
cf-ray
805667a51a8e9951-FRA
alt-svc
h3=":443"; ma=86400
ladybirdar.com-logo-2.png
ladybirdar.com/wp-content/uploads/2022/09/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ladybirdar.com/wp-content/uploads/2022/09/ladybirdar.com-logo-2.png
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8227a03d29b6c6fcb6312de924d565a4f87c6a01d8b726ccbc5e9d50bc0cc8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
227724
alt-svc
h3=":443"; ma=86400
content-length
7635
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Fri, 09 Sep 2022 13:15:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwjXtxAUy6GT5NY20L%2BlM1Afsle4Xie7SHjvvEvhdRv3UKSmpcW%2FiBMDcfpGjfJfgvdbZpfvFjff20L%2FprakQz38jp5%2FVVpnUn3qzWr9RniIXV%2FKPRqDmFbby7curl3KitxZ6UHDtoO%2BNeAO6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
805667a58b059951-FRA
expires
Wed, 08 Nov 2023 16:08:00 GMT
%D8%B9%D8%A8%D8%A7%D8%B1%D8%A7%D8%AA-%D8%B9%D9%86-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-202x128.jpg
ladybirdar.com/wp-content/uploads/2021/09/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ladybirdar.com/wp-content/uploads/2021/09/%D8%B9%D8%A8%D8%A7%D8%B1%D8%A7%D8%AA-%D8%B9%D9%86-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-202x128.jpg
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
679760151eae88cd89ee7c9a6291f09e74272eeb1d0cbc9393185de3dc28a7dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454014
alt-svc
h3=":443"; ma=86400
content-length
7886
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Sun, 19 Sep 2021 15:03:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ynrh73U%2FF8yXAhgNMLuIdybZQDQP72ex33shFIPWBAysq3M9XTB3yzwrvk9aatVcQuRN726o2ZpQeJp1ywhYR6IESQ71HCAwSRTVh9jmlUJD6D8p72kwLpdlb1P8%2BtGbPPsv5dWtdg8HS8trPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
805667a58b0a9951-FRA
expires
Mon, 06 Nov 2023 01:16:30 GMT
%D8%AA%D9%87%D9%86%D8%A6%D8%A9-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-%D8%A8%D8%A7%D9%84%D8%A7%D9%86%D8%AC%D9%84%D9%8A%D8%B2%...
ladybirdar.com/wp-content/uploads/2021/09/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ladybirdar.com/wp-content/uploads/2021/09/%D8%AA%D9%87%D9%86%D8%A6%D8%A9-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-%D8%A8%D8%A7%D9%84%D8%A7%D9%86%D8%AC%D9%84%D9%8A%D8%B2%D9%8A-202x128.jpg
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58048e54975295c1b5ca1374263f6eb85ddcab2440f9ff98bfb90e1c4e45b5c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
476001
alt-svc
h3=":443"; ma=86400
content-length
8116
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Sun, 19 Sep 2021 15:19:33 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGPXduf2sjMdzn2GBLpx89Mj61n4esgPrnkpw3UbWJgNpypu%2FrPBBSjjVamxdiX%2BQJkQhWEMm4HR20egdg%2FYs9N8BLaVBCLJIJoH3xscbs4ZyfUPF37SufbHnDrO%2FO6QoJNSc6m51npey7cNXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
805667a58b0b9951-FRA
expires
Sun, 05 Nov 2023 19:10:03 GMT
%D8%B1%D8%B3%D8%A7%D8%A6%D9%84-%D8%AA%D9%87%D9%86%D8%A6%D8%A9-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-202x128.jpg
ladybirdar.com/wp-content/uploads/2021/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ladybirdar.com/wp-content/uploads/2021/09/%D8%B1%D8%B3%D8%A7%D8%A6%D9%84-%D8%AA%D9%87%D9%86%D8%A6%D8%A9-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-202x128.jpg
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2acfd941a4643821536a7e3d78494f1b12ea7a6ecd8e6e456e2bd5e9535fde46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
333720
alt-svc
h3=":443"; ma=86400
content-length
8944
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Sun, 19 Sep 2021 16:40:30 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZolwjJ6O1yNjZ64dHBWsd4cahCTwDc7SgB9DRiaGDmdlLNQ4gh593Ck8nF8Q0w45WTlA9kRre%2BLyePhZRpmhqhDmPfCXfHaUNBFRt3AQXpcRFPr%2FNE9ifRCsfNgNiRCgl5%2FTPuJpozHaUGO0SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
805667a58b0e9951-FRA
expires
Tue, 07 Nov 2023 10:41:24 GMT
%D9%83%D9%84%D8%A7%D9%85-%D8%AC%D9%85%D9%8A%D9%84-%D8%B9%D9%86-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A-202x128.jpg
ladybirdar.com/wp-content/uploads/2021/08/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ladybirdar.com/wp-content/uploads/2021/08/%D9%83%D9%84%D8%A7%D9%85-%D8%AC%D9%85%D9%8A%D9%84-%D8%B9%D9%86-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A-202x128.jpg
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f59392f2afec49a966046e85f3f63206f086494fd93f5a47c61f23f3d885a70a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
318483
alt-svc
h3=":443"; ma=86400
content-length
10787
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Sun, 19 Sep 2021 16:43:21 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00%2FTO2DFd8vwRgoEoo4FgScWFGKrkb%2Fpp89zBDl%2B%2FvUD8TirXshGivp12nLSo%2B6F01uoQc8OC%2BHBiWROrLpGp8uIBy4M7dSXWMso02GUauFY71nvVVkQv8rBifKEwl3SgyRanZUvhz8MFVCYYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
805667a58b0f9951-FRA
expires
Tue, 07 Nov 2023 14:55:21 GMT
%D8%AA%D9%87%D9%86%D8%A6%D8%A9-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A-%D9%84%D9%84%D8%AD%D8%A8%D9%8A%D8%A8-202x128.jpg
ladybirdar.com/wp-content/uploads/2021/09/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ladybirdar.com/wp-content/uploads/2021/09/%D8%AA%D9%87%D9%86%D8%A6%D8%A9-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A-%D9%84%D9%84%D8%AD%D8%A8%D9%8A%D8%A8-202x128.jpg
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6d907f7fa5a6db8db91fe3380e5927c795c789675af637b5bca12281d9a00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43272
alt-svc
h3=":443"; ma=86400
content-length
9395
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Sun, 19 Sep 2021 15:06:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87xFzx040ptXzFCUYxNzhuR83C6BvYwJE8Pe024rR1JW2NASL16S1p%2BnSKm2vaZ%2F7IxNMQbHO0l5lqarj6zsVWKu0BpCno3Hp1bHoFC0djaBD%2Fi%2B%2B%2FrdG7oMj3OI8wEg%2BpqL47bjo7iO%2FxW%2FPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
805667a58b109951-FRA
expires
Fri, 10 Nov 2023 19:22:12 GMT
%D8%B9%D8%A8%D8%A7%D8%B1%D8%A7%D8%AA-%D8%B3%D8%A7%D8%AE%D9%86%D8%A9-%D9%84%D9%84%D8%B2%D9%88%D8%AC-202x128.jpg
ladybirdar.com/wp-content/uploads/2017/06/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ladybirdar.com/wp-content/uploads/2017/06/%D8%B9%D8%A8%D8%A7%D8%B1%D8%A7%D8%AA-%D8%B3%D8%A7%D8%AE%D9%86%D8%A9-%D9%84%D9%84%D8%B2%D9%88%D8%AC-202x128.jpg
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c647315cced82ea4e609f7586ab66473dd4931822235e08c333bd618009a5e8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
x-server-powered-by
Dimofinf INC
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50459
alt-svc
h3=":443"; ma=86400
content-length
9444
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Fri, 12 Mar 2021 13:17:02 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwojEALTN8tQge8xid1Ae%2BdGS2vhIlwCFL50Is%2BgB0WBVaxU3bzgiu5Td89E%2F2eo5%2BUgi1UK2lrelcvdacXpQDBxK9OY60kIK0YLUZdjtug92c2Emg9fx6axoLBJQY6rPm2KQnEX0nKo%2Bh8zfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
805667a58b119951-FRA
expires
Fri, 10 Nov 2023 17:22:25 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9774566433053765&plah=ladybirdar.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9774566433053765
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bd212676d8febe51c472cb975a7216aadcca6784e5b21f0a1b195d702bab1ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131798
x-xss-protection
0
server
cafe
etag
10655077443450080109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 07:23:24 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/ Frame 3686 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9774566433053765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ladybirdar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80282
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 09:05:22 GMT
etag
8554266389219770021
expires
Mon, 25 Sep 2023 09:05:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
805667a33a5e372f
ladybirdar.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 3083 		0
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ladybirdar.com/cdn-cgi/challenge-platform/h/b/jsd/r/805667a33a5e372f
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:18db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvaefh2IdV%2BOYP84iUVOHrGhQnYNlJAhtmbv6PECzOAgVl4hT15ipS0aarZs3fPrDk9anPlFkD4o1pdmQN83hlpPsRD4%2FDbVEN%2B3CB0baPB9fEcn8VivYScrz6KC5gXcrraa5edZNZBjwXR17g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
805667a67c169951-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		250 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RTEKD3YTDD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRGH3D3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56317d7ffcfb36a994c4f92235b04dfe2323e318908424367f08ac4ea0be43f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87850
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Sep 2023 07:23:24 GMT
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RTEKD3YTDD&gtm=45je3960&_p=1692306404&_gaz=1&cid=1596567122.1694503405&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694503404&sct=1&seg=0&dl=https%3A%2F%2Fladybirdar.com%2F&dt=%D9%84%D9%8A%D8%AF%D9%8A%20%D8%A8%D9%8A%D8%B1%D8%AF%20-%20%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%AA%D9%87%D9%86%D8%A6%D8%A9%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D8%B9%D8%B1%D8%A8%D9%8A%D8%A7%D9%8B&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RTEKD3YTDD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 07:23:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ladybirdar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RTEKD3YTDD&cid=1596567122.1694503405&gtm=45je3960&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RTEKD3YTDD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 07:23:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ladybirdar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RTEKD3YTDD&cid=1596567122.1694503405&gtm=45je3960&aip=1&z=209117551
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 07:23:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		395 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ladybirdar.com&callback=_gfp_s_&client=ca-pub-9774566433053765
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9774566433053765&plah=ladybirdar.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99387e6d53675273c4ddaa04812e31906ca65dc4f334955b7bd5b92fc0da5296
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 023F 		292 KB
68 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9774566433053765&output=html&adk=1812271804&adf=3025194257&lmt=1694496204&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fladybirdar.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694503404407&bpp=4&bdt=297&idt=303&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8680381221685&frm=20&pv=2&ga_vid=1596567122.1694503405&ga_sid=1694503405&ga_hid=1692306404&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&oid=2&pvsid=4487308119799822&tmod=30475507&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=324
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9774566433053765&plah=ladybirdar.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3120ed376db3e812ca6634ce5999705d130c1a0a744deb32530ecf847e82556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ladybirdar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
69720
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 07:23:25 GMT
expires
Tue, 12 Sep 2023 07:23:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=eaa_sticky_ad_bottom&cls=eaa-wrapper%20eaa_sticky_ad_bottom%20eaa_mobile&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 07:23:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5DA2 		97 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9774566433053765&output=html&h=200&slotname=7466841769&adk=4205431737&adf=697875801&pi=t.ma~as.7466841769&w=320&lmt=1694496204&format=320x200&url=https%3A%2F%2Fladybirdar.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694503404411&bpp=1&bdt=301&idt=324&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8680381221685&frm=20&pv=1&ga_vid=1596567122.1694503405&ga_sid=1694503405&ga_hid=1692306404&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&oid=2&pvsid=4487308119799822&tmod=30475507&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z1jY1Nf30w&p=https%3A//ladybirdar.com&dtd=329
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9774566433053765&plah=ladybirdar.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd4fef5a803f5e7807ee4fb01ce83dabac39db7d5cbc170617d9282f27724bf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ladybirdar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
36146
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 07:23:25 GMT
expires
Tue, 12 Sep 2023 07:23:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9774566433053765&plah=ladybirdar.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ac481dea57f2fbf5822c5c2849df3c63d37c6420c9501532590ab4a1051e9c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53662
x-xss-protection
0
server
cafe
etag
14418101054176225756
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 07:23:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&hl=ar&pvc=4487308119799822
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 07:23:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_prose&sts=pfeofe&evt=place&vh=1200&eid=44787782&pos=AUTO_PROSE_BOTTOM_ANCHOR&vpt=DESKTOP&pvc=4487308119799822
Requested by
Host: ladybirdar.com
URL: https://ladybirdar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 07:23:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/ Frame 0DEC 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9774566433053765&plah=ladybirdar.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ladybirdar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
65114
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 13:18:11 GMT
etag
8554266389219770021
expires
Mon, 25 Sep 2023 13:18:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/ Frame 1CA5 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9774566433053765&plah=ladybirdar.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ladybirdar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
65114
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 13:18:11 GMT
etag
8554266389219770021
expires
Mon, 25 Sep 2023 13:18:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 0DEC 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Sep 2023 07:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 05:43:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Sep 2023 07:23:25 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/elements/html/ Frame 0DEC 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 18:51:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
45126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6551
x-xss-protection
0
server
cafe
etag
511223485441000916
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 18:51:19 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/elements/html/ Frame 0DEC 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 18:38:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
45920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8566
x-xss-protection
0
server
cafe
etag
5625731030761120726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 18:38:05 GMT
css
fonts.googleapis.com/ Frame 1CA5 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Sep 2023 07:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 06:25:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Sep 2023 07:23:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame 1CA5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 17:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
49622
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 17:36:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 1CA5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 20:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
38303
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 20:45:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 1CA5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 17:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
49622
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 17:36:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1CA5 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 07:23:25 GMT
1c0c92110fea9bdf1302b7cf16d857ac.js
www.gstatic.com/mysidia/ Frame 1CA5 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 16:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15112
x-xss-protection
0
last-modified
Wed, 06 Sep 2023 19:29:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 16:19:52 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame BBB5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 17:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
49622
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 17:36:23 GMT
css
fonts.googleapis.com/ Frame BBB5 		8 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Sep 2023 07:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 06:14:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Sep 2023 07:23:25 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame BBB5 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 19:19:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 10:38:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 19:19:43 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame BBB5 		368 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 20:31:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39128
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130842
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 10:38:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Sep 2024 20:31:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame BBB5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 17:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
49622
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 17:36:23 GMT
css
fonts.googleapis.com/ Frame 5DA2 		9 KB
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9774566433053765&output=html&h=200&slotname=7466841769&adk=4205431737&adf=697875801&pi=t.ma~as.7466841769&w=320&lmt=1694496204&format=320x200&url=https%3A%2F%2Fladybirdar.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694503404411&bpp=1&bdt=301&idt=324&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8680381221685&frm=20&pv=1&ga_vid=1596567122.1694503405&ga_sid=1694503405&ga_hid=1692306404&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&oid=2&pvsid=4487308119799822&tmod=30475507&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z1jY1Nf30w&p=https%3A//ladybirdar.com&dtd=329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4357480eb37bae9db3f92e201944795e820fd28cf4815ded5000b59573012c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Sep 2023 07:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 06:02:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Sep 2023 07:23:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame 5DA2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9774566433053765&output=html&h=200&slotname=7466841769&adk=4205431737&adf=697875801&pi=t.ma~as.7466841769&w=320&lmt=1694496204&format=320x200&url=https%3A%2F%2Fladybirdar.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694503404411&bpp=1&bdt=301&idt=324&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8680381221685&frm=20&pv=1&ga_vid=1596567122.1694503405&ga_sid=1694503405&ga_hid=1692306404&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&oid=2&pvsid=4487308119799822&tmod=30475507&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z1jY1Nf30w&p=https%3A//ladybirdar.com&dtd=329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 17:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
49622
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 17:36:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 5DA2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9774566433053765&output=html&h=200&slotname=7466841769&adk=4205431737&adf=697875801&pi=t.ma~as.7466841769&w=320&lmt=1694496204&format=320x200&url=https%3A%2F%2Fladybirdar.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694503404411&bpp=1&bdt=301&idt=324&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8680381221685&frm=20&pv=1&ga_vid=1596567122.1694503405&ga_sid=1694503405&ga_hid=1692306404&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&oid=2&pvsid=4487308119799822&tmod=30475507&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z1jY1Nf30w&p=https%3A//ladybirdar.com&dtd=329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 20:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
38304
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 20:45:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 5DA2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9774566433053765&output=html&h=200&slotname=7466841769&adk=4205431737&adf=697875801&pi=t.ma~as.7466841769&w=320&lmt=1694496204&format=320x200&url=https%3A%2F%2Fladybirdar.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694503404411&bpp=1&bdt=301&idt=324&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8680381221685&frm=20&pv=1&ga_vid=1596567122.1694503405&ga_sid=1694503405&ga_hid=1692306404&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&oid=2&pvsid=4487308119799822&tmod=30475507&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z1jY1Nf30w&p=https%3A//ladybirdar.com&dtd=329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 17:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
49622
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 17:36:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5DA2 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9774566433053765&output=html&h=200&slotname=7466841769&adk=4205431737&adf=697875801&pi=t.ma~as.7466841769&w=320&lmt=1694496204&format=320x200&url=https%3A%2F%2Fladybirdar.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694503404411&bpp=1&bdt=301&idt=324&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8680381221685&frm=20&pv=1&ga_vid=1596567122.1694503405&ga_sid=1694503405&ga_hid=1692306404&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&oid=2&pvsid=4487308119799822&tmod=30475507&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z1jY1Nf30w&p=https%3A//ladybirdar.com&dtd=329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 07:23:25 GMT
1c0c92110fea9bdf1302b7cf16d857ac.js
www.gstatic.com/mysidia/ Frame 5DA2 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9774566433053765&output=html&h=200&slotname=7466841769&adk=4205431737&adf=697875801&pi=t.ma~as.7466841769&w=320&lmt=1694496204&format=320x200&url=https%3A%2F%2Fladybirdar.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694503404411&bpp=1&bdt=301&idt=324&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8680381221685&frm=20&pv=1&ga_vid=1596567122.1694503405&ga_sid=1694503405&ga_hid=1692306404&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&oid=2&pvsid=4487308119799822&tmod=30475507&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z1jY1Nf30w&p=https%3A//ladybirdar.com&dtd=329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 16:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15112
x-xss-protection
0
last-modified
Wed, 06 Sep 2023 19:29:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 16:19:52 GMT
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame 186C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 06:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 06:51:06 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 5DA2
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CTvyv7BEAZbz0M6eAi9YP6vifwA613P62cvirjbaREt2a99yRDhABILyriiNglcKmgrAHoAG6_Yi_AsgBAakCpugbxwIIsj6oAwHIA8sEqgTTAU_Qz5f1PE5gpTmeEp42YQ96pf4CUqQu5eV...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212590759866246060190%22,%22debug_reporting%22:true,%22destination%22:%22https://1und1.de%22,%22event_report_window%22:%222...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212590759866246060190%22,%22debug_reporting%22:true,%22destination%22:%22https://1und1.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22669138618%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216677453714900607025%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9774566433053765&output=html&h=200&slotname=7466841769&adk=4205431737&adf=697875801&pi=t.ma~as.7466841769&w=320&lmt=1694496204&format=320x200&url=https%3A%2F%2Fladybirdar.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694503404411&bpp=1&bdt=301&idt=324&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8680381221685&frm=20&pv=1&ga_vid=1596567122.1694503405&ga_sid=1694503405&ga_hid=1692306404&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&oid=2&pvsid=4487308119799822&tmod=30475507&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z1jY1Nf30w&p=https%3A//ladybirdar.com&dtd=329
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:26 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"12590759866246060190","debug_reporting":true,"destination":"https://1und1.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["669138618"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"16677453714900607025"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Sep 2023 07:23:26 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Sep 2023 07:23:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12590759866246060190","debug_reporting":true,"destination":"https://1und1.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["669138618"],"4":["09-12"],"6":["true"]},"priority":"500","source_event_id":"16677453714900607025"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8DE3 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9774566433053765&output=html&h=200&slotname=7466841769&adk=4205431737&adf=697875801&pi=t.ma~as.7466841769&w=320&lmt=1694496204&format=320x200&url=https%3A%2F%2Fladybirdar.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694503404411&bpp=1&bdt=301&idt=324&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8680381221685&frm=20&pv=1&ga_vid=1596567122.1694503405&ga_sid=1694503405&ga_hid=1692306404&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&oid=2&pvsid=4487308119799822&tmod=30475507&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z1jY1Nf30w&p=https%3A//ladybirdar.com&dtd=329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9774566433053765&output=html&h=200&slotname=7466841769&adk=4205431737&adf=697875801&pi=t.ma~as.7466841769&w=320&lmt=1694496204&format=320x200&url=https%3A%2F%2Fladybirdar.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694503404411&bpp=1&bdt=301&idt=324&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8680381221685&frm=20&pv=1&ga_vid=1596567122.1694503405&ga_sid=1694503405&ga_hid=1692306404&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&oid=2&pvsid=4487308119799822&tmod=30475507&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z1jY1Nf30w&p=https%3A//ladybirdar.com&dtd=329
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
912
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 07:08:14 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5DA2 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5DA2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c996dfdacb1759877a24993afb1269eb69813a8886b9662ba405cdc44c8d384

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 5DA2 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 09:02:59 GMT
x-content-type-options
nosniff
age
339627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 09:02:59 GMT
csi
csi.gstatic.com/ Frame BBB5 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lmfzks1y&c=3375894633896&slotId=1687947316948&qqid=CPvSkIzFpIEDFWsBrQYdLgEPfQ&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c05::78 , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 07:23:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BBB5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ct_ic7BEAZfusM-uCtOUProK86Ae4vMWyce6BrIi6Eb_Zor3AARABILyriiNglcKmgrAHyAEFqQKQ6FFACQWyPqgDAcgDmwSqBPMBT9BrXvzeMeq24eztY5DC6PGeF7QXOiKAHG6dG-6UOl7RlSCDdAjGgfyajKoX2i4mO6cYICKb4yeUAEYU42Xy-WP3GevQAXJHtbMCbNcNLI57Q14M-GAR4E3p6Zy_oX1EPa0HhtOpFQT-xqXiIxiU18JIwIWSHwZqxqEcpSYnb3-4fmZnvrG06iBbZogRzV2IRK2lNVLvSCuzJy9wkV5uhYjeRQsLsf7dkdr8bnkCyYzaOFsWX0hTUl34DDhdsAbuoURMqqUyAQsmT_Bs2IS29CMsAMRGIffWfQimQR-wGFG1SGPZodA0xmNh-j155779sUZhwATh95yIvATgBAOIBeeL79pLkAYBoAZ2gAfYjuu-AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE7bD9hPIE-rlleMD0BMA2BMKiBQH2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1694503406095&ai=Ct_ic7BEAZfusM-uCtOUProK86Ae4vMWyce6BrIi6Eb_Zor3AARABILyriiNglcKmgrAHyAEFqQKQ6FFACQWyPqgDAcgDmwSqBPMBT9BrXvzeMeq24eztY5DC6PGeF7QXOiKAHG6dG-6UOl7RlSCDdAjGgfyajKoX2i4mO6cYICKb4yeUAEYU42Xy-WP3GevQAXJHtbMCbNcNLI57Q14M-GAR4E3p6Zy_oX1EPa0HhtOpFQT-xqXiIxiU18JIwIWSHwZqxqEcpSYnb3-4fmZnvrG06iBbZogRzV2IRK2lNVLvSCuzJy9wkV5uhYjeRQsLsf7dkdr8bnkCyYzaOFsWX0hTUl34DDhdsAbuoURMqqUyAQsmT_Bs2IS29CMsAMRGIffWfQimQR-wGFG1SGPZodA0xmNh-j155779sUZhwATh95yIvATgBAOIBeeL79pLkAYBoAZ2gAfYjuu-AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE7bD9hPIE-rlleMD0BMA2BMKiBQH2BQB0BUB-BYBgBcB6BcF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 07:23:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BBB5 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lmfzks28&c=3375894633896&slotId=1687947316948&qqid=CPvSkIzFpIEDFWsBrQYdLgEPfQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.122&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c05::78 , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 07:23:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame BBB5 		29 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B0YfB4azu_RmRLwFOvUpkZIwCNshlieA-qp2mxVFYOfQnXca797UdW6c5gjk5Li5-wnyBIeMi4BL5ZQ7kl04Kr6gTHRA&cry=1&dbm_d=AKAmf-CX0AF-Tb9BF8Ct0eF6RTA_9HHi9KF31UesKxHiUXxyR4VcNi6JrzNNAvl09ucabir4QybHZV7Mfp5-eX-ckcjGOo5OOeWfUIREdl_4x_CAFapSkr59j-41H_ApSpoLOHZTYkwd1TylkEy4vu_0hh0dRQPC98NUj7RqDoJ3FNbYeS-3QghdzoY16E8XufrCbLLGokeezVo2MnKw8gmK-yFjuNfiD-FvPEUNMOK51rhWQ9sxwY_vgxyFJjs5oDLFImQs7Qa6ufzur0yjj9FormCkXzDsYbzQuf2iK0h9ym_PUv3pGEJJzf-un_M11DpW0_29p-FNKwr-edNTNkyycPxmTy_s_7cAh9DXIAa2d5xaD48Smhh3e6M2xSUDVZcJfs-DV4Rw2szyBWSLXV-jC_iNyTz978NjOh6UGxxZabJFnpkjvcO1mylEfG01bkiGMtZBP0m1j9MNlG7WSHiBGg1sXPFCVU6tEAawnY7eVThi7ejCZjznuTHxLjaPXz64ANYy2lOG69icCqQQkhHhoy9zLQj_VNbwgYgtgy9imNZqsJ-ef_Y_79rOBISIu_BWI9AzZCL3fLKMELc4b2Ma27kdAg1osVdHZ0urxBAx_4ziwEAd-4aeiZhuqdlxBVTt2HQxL175JP6DaJBZ-eIBCgdU2HzPI_Mh7-krdw5gWVq33TW2pZPnbNqSx9fofnyBFITIStJ-tFNlpjW2K0UWsPdAClqpSqFuKuaAphFu8IJDr-XKVYOyMUaevwnlL2IrpGqwdtOEf3J4y8c3zZ_wS4BwJghmEbRd8qpLwWIFgOAKqfFEbsGYWW3kCzO6DqJ9KjKiV0cXu8nsO4a3mhAcHZYJJh4qdzOAC6dnEP-k6BVnBBhE8J1OAOW2wwgEhH1CP7_FR93PUoR5S2btTjuWP-y8uF0NeMyMSM03CaiDsZ567qhgre045YR0ANC3-U3p7fH4IsgAzPNVpqniR6AWga-dQuGqxf09vJ4qltrxt7thHq8irgevnwhCl61agUa4ZYMz5fXvrbNzfJXdB_s19Sc_e574g12eKePSQYGkdJltpfsKmkfzDsqNDSQradO69B7_DnJXWnDEhCcUSS_TJRRnSEegrMjHdcdsxYnTfHS7zvu8URI9YCxkojQWhqZIeyDYX0EMw6R0YTojd8g8U4VEGhbhSjAivBonuamKJywBoXp3-_WcxjdTJ9-a4jgzFUeH392Y2wqMG5spXq3o7QfCByoOm4sCc3vhmM5H6702UriJwcHnyoK-eKsAeUQtwKIzIiJS8YBOUJrgSNx31DAfpXPBFVXLIbky_V_qGjL0iIfI4oh80986pvJhuO877xpJtaVQGEPy48KKvvIELxxZgD8zIEu7yYxjeK4TuGRV3jGtEQyOomMJ4XPMziBX7IL_6gQGD17wcNdQmQ5Ju-aSSMZp29BBpA5WLpTnPOgOZfY-VWpcpqSjTFSG0fVRqkSL33Raw12XBtsM3OYZFUAXE6LiPbCpy8cM5T8BiB4l9fEjgVY05dpRvoKNpTRFI6oaiPiCJOEOsR4pf7thCo5KdlGjo-FO6tZOGMazPOQCHg5ambIH427-awgu9fD7kmXP9Uu0bFFwetubf1InIeHxliOIxsBeSGvRPZhLQZ07vEonptmuO1q8Eq2ARUHBAdC5_PzgmP6wRpInCtFswSWNZXLxsHI1skbvLzYY5YQugb2c507YbO0jqtpo2nBSpJrQhMlAHkrHRA0nsC19qMPLlgIoO0MU3uGuI2ysIj4av543BlUupw-pu10YDuVAnCXW-eq-PzKQKyjf-RMMq9zQURgRGALemmy-mB77GyPGBpBhzYfqKD0IAKWIKSu30bDXQwOMQsEoJr5tsT50-8cy1dONDoc3b5ahFaJst2GI4fCWjqeSbdPtYPP3Cq3VxPt2wczvAYhxiOOAoLReJ9imKqHWOnQLg7cau9189Siw08z6wbQ4DU53V4gZK7Vm4nmjW_9f-g0nhtDox-TMMHPSUPVCj4tGD8HN09RjvbwHyG-G62RS4QjTF9VgrmYHfjwbd00VY1knhZs32t9hHpuUqTDTFNhJZTPpAh2QQ55OqsrwbmF7g533XRxV5lc1_pJ6mIe6BAuQraWgKtYKbwogHer9AmuMKNurwueB0A7Z2IPYE404a5rXdQHVqlXRj0Xajor-R2DuIdhKbVcK46VRsnzzW1L3G6_Bv6UvWDyFqjZVuG_jP1UtWHJUUKc_4-90tukMDoloNKJgamZwphz-6g7WycsrLknpMr9bX4Ntenp04Y5ol6dOuU0iDBhJiPNbwwHc6rjcPv1gtAdvJP8BodI1jmcJvdjk1lxSVPil5b9fiR3m2UVvcFTaxLkJB9FW9kC2zaUV6_WB_ydU2MkKNnHptpH_zTeo4y62BHGaXkf5yogYX9TTJBqjEINdMrfsT2VIKH3cRBjYe5UFh4kGCkkW61_BbINuNu9zw5HOq5x39O1oMIITu2bJiy3qC0hG1B1puwngOMJH3MQab1V_AVMeYIh0rOLg8HHniZn4TkGdJ8QRZpb3tu0W9c-AmEkJMt4gVVxFeZkcG6zVIyWJUhcJymNDBsfmcspYVvT-01x3rBWLq3EGxky6yElBJYbfVEsu5DwLHCK2mLkgZff8FRlBZaReCs4OTj929HEogm4IcBFuIVXaKKRIZFz5525B4RuiNm5A9VolO_x4kyEx3kVZ6VQ450BG3B-Aus9i7ubr8TNRAAxboYKyUwCrZjgztry-kj0awfTws2TFHMn0vMbdxJP7_pgAKTJ3ZjP24TZBCNsh7TMMeuylh0f9In-ZGvn1pPWQ9sSsxPIUWugtX5ZE3i7KX3UECcKr6vquom_MKIr6K9Wrlc2dAZkGTtUizQZINEsRuyqd0e8STcBGc65I38RriaONcGONDxsPBCvQqvkwKNURwf23HOYY_kYFNRWGFuiBtioxq-Gmz9eoD3M6A_AZ9XZgs6NMZVMZNO14p1KZ_EfLFKza7xmKVJyr-B9w9A0eCgs-8j5Ch1Qm32klQP9FTvHVzR7bnTafsS1MG6GQiCOUa1bRfCZpXLqSkQ4SsCXBiquttnYprGFaCon0HPDW3NNvbNLVTeSXYJpJJKVI6H_oTixzGxTn-gIQO2kbu4z4scvEKCaxZNQdYc8D0R-cT6a2mMFrczg1UBvXJ7V6Otu-sMJ8nJ4BT3H2ag1qo_auwM9z5v8r-OBPMVhuWHaK49h51BbZpcDNvN56u9Zd4-264BcvH_GPJrlRHkFFdTipZtPFqRDK5mgfRH8nwpzpnz0qozGEll2g6ylbtXksEtvTH7yFew3tWPDeHHXOPf4rGvquQgarPOZo876F5skvV0jCV70h1fvrDMqxiJreS82reWgya4aBAzwUYbWFtQQ9RCZIm8XhYA5M0wLEjxxX6GLnkpza_jFjfGml4Szarj2QA7-j8y53_rhjOTiGGxJPCZ9UML8kS2sA02Hdru2EdLQGwiWD5_CNWmimC6soJOt76Jdxpsl5uEtWrzLYzMtslCO6H-bOGTlUe9UpzI-aflpoujcnMMX4brcQqQE&cid=CAQSGwBpAlJWrgehzg5OJxDOyxSbuzQDOta6mqhfVhgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f154.1e100.net
Software
cafe /
Resource Hash
6ec4a63bacd64042cdd7356682aefdaf5f3828458469e44bd196465811210711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16669
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8DE3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9774566433053765&output=html&h=200&slotname=7466841769&adk=4205431737&adf=697875801&pi=t.ma~as.7466841769&w=320&lmt=1694496204&format=320x200&url=https%3A%2F%2Fladybirdar.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694503404411&bpp=1&bdt=301&idt=324&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8680381221685&frm=20&pv=1&ga_vid=1596567122.1694503405&ga_sid=1694503405&ga_hid=1692306404&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&oid=2&pvsid=4487308119799822&tmod=30475507&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z1jY1Nf30w&p=https%3A//ladybirdar.com&dtd=329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 07:23:26 GMT
expires
Tue, 12 Sep 2023 07:23:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 07:23:26 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212590759866246060190%22,%22debug_reporting%22:true,%22destination%22:%22https://1und1.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22669138618%22],%224%22:[%2209-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216677453714900607025%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Sep 2023 07:23:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame BBB5 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lmfzks2h&c=3375894633896&slotId=1687947316948&qqid=CPvSkIzFpIEDFWsBrQYdLgEPfQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c05::78 , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 07:23:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame BBB5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 07:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Sep 2024 07:54:59 GMT
file.mp4
r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726039406/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame BBB5
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726039406/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726039406/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726039406/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6C8D742EB2968663D106B241AD3117897077A46A.147C3F2CC8455F59363A1A13215D9BEFB11C5D97/key/cms1/cms_redirect/yes/mh/C5/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1694503031/mv/u/mvi/2/pl/36/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:401e:28::7 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 07:23:26 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2208368
Last-Modified
Wed, 05 Jul 2023 13:14:40 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Tue, 12 Sep 2023 07:23:26 GMT

Redirect headers

date
Tue, 12 Sep 2023 07:23:26 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
649
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726039406/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6C8D742EB2968663D106B241AD3117897077A46A.147C3F2CC8455F59363A1A13215D9BEFB11C5D97/key/cms1/cms_redirect/yes/mh/C5/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1694503031/mv/u/mvi/2/pl/36/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230907&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9774566433053765&plah=ladybirdar.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26cb30decf67162684ad4d86cafbf9874935d86c3c8f48e30fff3f2f039aab16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11727
x-xss-protection
0
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame FC0A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9774566433053765&output=html&h=200&slotname=7466841769&adk=4205431737&adf=697875801&pi=t.ma~as.7466841769&w=320&lmt=1694496204&format=320x200&url=https%3A%2F%2Fladybirdar.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694503404411&bpp=1&bdt=301&idt=324&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8680381221685&frm=20&pv=1&ga_vid=1596567122.1694503405&ga_sid=1694503405&ga_hid=1692306404&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077222%2C31077327%2C31077699%2C44800658&oid=2&pvsid=4487308119799822&tmod=30475507&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z1jY1Nf30w&p=https%3A//ladybirdar.com&dtd=329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 06:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 06:51:06 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 2C92 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
44527
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 19:01:19 GMT
expires
Tue, 10 Sep 2024 19:01:19 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9774566433053765&plah=ladybirdar.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 07:23:26 GMT
Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
pagead2.googlesyndication.com/bg/ Frame 2C92 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 16:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
140334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 09 Sep 2024 16:24:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4110 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ladybirdar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2812
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 06:36:34 GMT
expires
Wed, 11 Sep 2024 06:36:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7469 		829 B
995 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ee899b4e7add336feb2c67719657058c783d62eb6b902df880011780d6e1ffd2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WhKieNPCUEOE78N4JCxBvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ladybirdar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-WhKieNPCUEOE78N4JCxBvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 07:23:26 GMT
expires
Tue, 12 Sep 2023 07:23:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame 4110 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 06:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 06:51:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7469 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230907&jk=4487308119799822&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C92 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BFela7hEAZfydENSq1gbu1qj4BAAAAAA4AeAEAg&bg=!WlmlWRbNAAa6D61Rmg87ADQBe5WfOEqwK4GEvZz7zsqjSxb4Mj381NcKEL0a9pLIlQN-2sovoI__yhzREkqs5xe8OhbIAgAAAEhSAAAAB2gBBwoAWv6OkBbhoiLN_NhLeq6iqwMm5wgYbJmaZY_T8FSZIuKY_nE4emH2g9zU0Trjfb02IIO6eakH-fTT46FrTbI7DQzMJq_IjV3mZIuSvxcbZ_CMA2_S2d21ziuZT5kDCIE69KR4uwwNOxi1EIogP9J8EhydmzzcC_z5MrTSAwXXFvJ6zRWnOAloXk6i8qpIsg6WmgArA2ShcgxpmHqJMPjutkpvXPdSa1ttf9ZtkWIVA-tD4bRe4lK_4ihzCI_sTkgTqlYsFUY6ddaBNAg6wOmjkc35SjWCKVXsgRA7c8uniPHMZ8dXswmTU43ABLdaquEIrWZrFiN7deh0HUxSjgyjXk7pVpNlwW0yeMTzPXrX2L4d9CbBtpFUqA81NIHLKWHlIrx6aX8hSZKAg0NGXWdwGFrAUZFomjJPXcGHCE_WtxfC5lUsvzk2mTIGpVlLfML_4z82xlkV6Wav2TW-Xfn25wiDaUE8T9eCB8Krio33YqYcl1-BiySThV2bBxO5rZ2zvIv2H7iGRTsDjG0dN9leOkkH_NDk8jdeBeUUN7bt8-4Y33LKx6rO7WxcCID1f7QQO5LDBac6ipVSTrsMmNug9ryY9t5KBpb0y7R0fuQTNfDRqgRwsp06Jo8EgNoUKhV3CWDpFzZG6j6IyxWF_yyqUNzbSpY-U7x7ASqjy381PWUYOtvP7yHeiz7aFOl96f1OBv9VVPY03xCEBqWkTAQg4JNzCOidLJWKGtNyXFAT07v_oI0c50RK1z4Tzb_A7AbRhUzvK1FJhg5X4clFiCPZdXSqbA3Q6toTr8uBV_89xgoe_ssUAZfGSEKw6Csl3UGaTtUBZZFRvjkn1C6wTZukWVP1CIs81oIq2HfEx_MN8sbcIssUyz9reKNXfofaZrt5sPdfEUd73WulNVPuKFtWAqyrE4eVL0kCn196am7luyqMYbXZdkC01r8AY0wzPwdJY84aKTe4iEGOkkkHKENqd_h3QbxzRj6MUdVYf1bJ-1KAGfAPXIKdPvtrSxMmMRfHT56t0nxCAPTydfUCsZDIFbOXTWHckWfKBc1X6gkWESHClvw4FooCy7Y39FPFuhxkXnu2-SukBQkBl6QSQZ-orAKeXwoSmcAiNn2QUXkWBk_CZEGwSwffknvh2x_AdWeF5gTqXFyn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 07:23:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726039406/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame BBB5 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726039406/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6C8D742EB2968663D106B241AD3117897077A46A.147C3F2CC8455F59363A1A13215D9BEFB11C5D97/key/cms1/cms_redirect/yes/mh/C5/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1694503031/mv/u/mvi/2/pl/36/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401e:28::7 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
5fd4bbea2602c84b40359b83d69eb7f838f205f824ab387ce389185437fbaf12
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range
bytes=0-

Response headers

expires
Tue, 12 Sep 2023 07:23:26 GMT
date
Tue, 12 Sep 2023 07:23:26 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2208367/2208368
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2208368
last-modified
Wed, 05 Jul 2023 13:14:40 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
generate_204
tpc.googlesyndication.com/ Frame 4110 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BlXX-w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:23:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230907&jk=4487308119799822&bg=!AgGlAU7NAAa6D61Rmg87ADQBe5WfOCrzA_TGd6QQb78rBJ7jFlu9wwS506KRCZhyfTU45VQlr4wxtdKiYs4mZ9y_QCY-AgAAAEtSAAAACWgBB5kCvJe7Jhm5oVeXr8Xq6c-RQdgwknD-P1mbVIJQOR4GZ7q6qzyN6Woqkcz5kxvYRBAygEvYzCTWkFpeUpGwe0wGAG5_oxlQyJTfNSiNy61jblrTt1F7lY4FticuLGjMD_BKD5YWc6CZcmuZhS7JakadH7nqhJcJuYIMvfzozTuEMP16_lLef6FhGtfAk2D1iaIgxG4KqhuV0OVXkHOmmrjqiw0CKibog-BkTilP1eyvsFrtGxTk0PVbXl_6UW_byzpJo6SduGiijhM9otD4CSp68kYIkOFySDqNZvVSfF0wXOCf9YrdDEZnItjrwm6i84PI10TB-AwNDde_AK0Cm7E7jOlMGLdrBBWD122NeEQzkYFI_F6QvRG2SBDfYdREoipHD3MSnro6gRvucqmHO4RHvw9kX7pJbxmqN_spbsebxPwLjfpMROls-jp1GEGSyqe7QQ8CUjEnMWJhdVUY1NRY7aaoLR_VxT6yLlBF1e180u6rSM0Rf71oo4tV_igO9RqVf0X5j4zHnfRejzeoc_gLT7jIG4ElsQ-KCzFoG4xK9KXOMU9Qmv7eJeoSBNkO4LYWlOSEAJzYKBPqw-cVzfXfFJgKrEEZDGPt22s76mHIKzAgkvxIB_P3hyj7tDo83QveQ97Nh6FL_NPpw6wM84G1b2cNXLnEXVYJUyE1xIceJoXQf6EhNNXa87-XUxHWZI3UKMpi6hG_PAdmz-R_9uRNw7xxrwdT-7U7kxtwweB-Pd_SMyrL3LvT-Y2PSqWksTr50cRPFucMCX2hSwHMQBy9niMaF-YXg4Eca6j-6ke_ZtDENTJJRJfSJrSUoAfcIH8ehCGP8rz0Vsclp_hyKQF-10dJSr4WNuvVv0N9scq72hvVpOrz1VA0hwcTQ77LLlh7NljMxE-BTibdIbhukHBC11KAxL-uKWlfpeKRsT0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ladybirdar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame BBB5 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lmfzks8y&c=3375894633896&slotId=1687947316948&qqid=CPvSkIzFpIEDFWsBrQYdLgEPfQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=976&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.18p~vil.1oi~vfl.1sx&ua_e=1&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4010:c05::78 , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 07:23:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5DA2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvS_crvtYrfx70bFaIRMasZ-OSEYxmiW9klCNa4N6n2wq9CzKb9qwSdRQCa3OAB6hwR_cdF-QFdZ21_ewTKb-p8fbvC7CZhBdi0ALjS_RZyGMX84GER7ABvmCcC1YS11ActO6oehUSVMozf&sai=AMfl-YTyKz-KG84mQgl-ruTDvFiQQvH8qkUIqDdbzqBUycWHm6pRjOAfj_J2JB6UAjnYqWMbzwv8C_tF6qzT&sig=Cg0ArKJSzHC1q9yKi0q3EAE&cid=CAQSGwBpAlJW12LJ339M9RVd-zMYWLdNsTMVqNGnChgB&id=lidar2&mcvt=1001&p=0,0,200,320&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4205431737&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694503404741&rpt=1611&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 07:23:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| documentPictureInPicture object| dataLayer undefined| $ function| jQuery string| image_save_msg string| no_menu_msg string| smessage function| disableEnterKey function| wccp_free_iscontenteditable function| disable_copy function| disable_copy_ie function| reEnable function| disableSelection function| onlongtouch undefined| timer number| touchduration string| elemtype function| touchstart function| touchend function| wccp_pro_is_passive undefined| e undefined| timeout_result function| show_wpcp_message function| hide_message object| adsbygoogle function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| obj function| Glide function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| V function| ea function| fa function| P function| W function| X function| da function| la function| m function| ca function| ha function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code object| lazyLoadOptions function| LazyLoad object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy string| google_user_agent_client_hint object| google_tag_manager function| getSelectionText function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googTempStyleOverrideInfo object| googNavStack object| googletag object| GoogleGcLKhOms function| arrive function| unbindArrive function| leave function| unbindLeave

9 Cookies

Domain/Path Name / Value
.ladybirdar.com/ Name: cf_clearance
Value: E0x.5w5CbqVVn88xSEjKIvGonNVfW_kFVuaLst3FtbQ-1694503404-0-1-44898c96.22670f6.d2b299e9-0.2.1694503404
.ladybirdar.com/ Name: _ga_RTEKD3YTDD
Value: GS1.1.1694503404.1.0.1694503404.60.0.0
.ladybirdar.com/ Name: _ga
Value: GA1.1.1596567122.1694503405
.ladybirdar.com/ Name: __gads
Value: ID=7b88a11510464fea-227f12ff6dde00af:T=1694503404:RT=1694503404:S=ALNI_MahEtJvQeSJzPzCvxWVCGoD3H4X3g
.ladybirdar.com/ Name: __gpi
Value: UID=00000c73f917110b:T=1694503404:RT=1694503404:S=ALNI_MbKjYz9B_FbhhquUh_7kmrgyNc_fA
.doubleclick.net/ Name: IDE
Value: AHWqTUljinLOOBtGWRhIxXXj0uP_wgFTgOF2wYJIywimFRz6srt1CzrdaacmxhVZumw
.doubleclick.net/ Name: APC
Value: AfxxVi7wufdYPiUYhk_RuwqNqKvYNAByCNbZJWt5Eyu0Jh4diw462w
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bid.g.doubleclick.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
ladybirdar.com
pagead2.googlesyndication.com
partner.googleadservices.com
r2---sn-4g5ednsr.c.2mdn.net
region1.analytics.google.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
172.217.18.2
2001:4860:4802:34::36
2606:4700:3037::6815:18db
2a00:1450:4001:803::2003
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c04::9b
2a00:1450:4010:c05::78
2a00:1450:401e:28::7
64.233.166.154
076308544539911152f6057af008763c7ed4133e204f640c4283c08d6307cf0b
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0bd212676d8febe51c472cb975a7216aadcca6784e5b21f0a1b195d702bab1ed
0c0f8242f10ce7da3f33aaf48c8f7b95d3806f337851a2286d9371661773a039
0c996dfdacb1759877a24993afb1269eb69813a8886b9662ba405cdc44c8d384
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
26cb30decf67162684ad4d86cafbf9874935d86c3c8f48e30fff3f2f039aab16
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2acfd941a4643821536a7e3d78494f1b12ea7a6ecd8e6e456e2bd5e9535fde46
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c53a78aa78c129596570e6919f034004d73ae707a6c5955ab2b360e31afbb38
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
3e10d8433569a401c8f0cdd8edb73106d540b02bc025922f7bc6b7fab6d00098
46f1b83962daef585d8564ffe313a959c97864f083447b921d3312387d7376c2
4ff10d62a444638bc53c26521817308b108c03ca548d9ce13971b2916c94c3df
530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56317d7ffcfb36a994c4f92235b04dfe2323e318908424367f08ac4ea0be43f8
58048e54975295c1b5ca1374263f6eb85ddcab2440f9ff98bfb90e1c4e45b5c2
5fd4bbea2602c84b40359b83d69eb7f838f205f824ab387ce389185437fbaf12
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
6716b46f45f2331bbeb02ba36e388539d8bd6cca9f0038220a75b9712f9026ea
679760151eae88cd89ee7c9a6291f09e74272eeb1d0cbc9393185de3dc28a7dd
6e6765981015a3543a5d5d9c1e2c9a06e05f7bd2a0610842adf426a11abcf928
6ec4a63bacd64042cdd7356682aefdaf5f3828458469e44bd196465811210711
7ac481dea57f2fbf5822c5c2849df3c63d37c6420c9501532590ab4a1051e9c1
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8d6d907f7fa5a6db8db91fe3380e5927c795c789675af637b5bca12281d9a00f
8f9000298b2c6fd96c151092909a03b0000712be7001d4f9d7a82362e7397a89
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99387e6d53675273c4ddaa04812e31906ca65dc4f334955b7bd5b92fc0da5296
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9bc493cb89e2940671ffb16b6640bd5f1e32680e5a23a7567476b769fad6f829
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a7169e998026d94513dfd744cbb38690804909e78e9dfcabe53c5060efa3ea5b
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
c3120ed376db3e812ca6634ce5999705d130c1a0a744deb32530ecf847e82556
c421fa94220ecc78ab2044859a8b3bf54380a2dafded1a9f74fb84733b7921bb
c4357480eb37bae9db3f92e201944795e820fd28cf4815ded5000b59573012c4
c647315cced82ea4e609f7586ab66473dd4931822235e08c333bd618009a5e8c
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
cd4fef5a803f5e7807ee4fb01ce83dabac39db7d5cbc170617d9282f27724bf0
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de199fdc39a08b5ca433d02befebe64e1351592060245eaace624f2b18d5c827
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8227a03d29b6c6fcb6312de924d565a4f87c6a01d8b726ccbc5e9d50bc0cc8b
ee899b4e7add336feb2c67719657058c783d62eb6b902df880011780d6e1ffd2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59392f2afec49a966046e85f3f63206f086494fd93f5a47c61f23f3d885a70a
fc4eded90d3401c89025225e709609b584407aa932e668ff10a930195e8c3618