freshbooks2u.com Open in urlscan Pro
99.86.7.92 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%...
Submission: On April 16 via manual (April 16th 2022, 6:07:58 pm UTC) from SA — Scanned from DE

Summary HTTP 101 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 16 domains to perform 101 HTTP transactions. The main IP is 99.86.7.92, located in United States and belongs to AMAZON-02, US. The main domain is freshbooks2u.com.
TLS certificate: Issued by Amazon on December 9th 2021. Valid for: a year.

This is the only time freshbooks2u.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	99.86.7.92 99.86.7.92	16509 (AMAZON-02) (AMAZON-02)
2	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	99.86.8.8 99.86.8.8	16509 (AMAZON-02) (AMAZON-02)
1	65.9.67.110 65.9.67.110	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700:10:... 2606:4700:10::ac43:1695	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:50c0:800... 2606:50c0:8000::153	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:3da8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.203.130 142.250.203.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
101	25

6 99.86.7.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-92.fra6.r.cloudfront.net

freshbooks2u.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.8.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-8.fra6.r.cloudfront.net

i.gr-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.67.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-67-110.fra56.r.cloudfront.net

s.gr-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::ac43:1695 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)

zakz007.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:3da8 (United States)

ASN13335 (CLOUDFLARENET, US)

vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
publish.vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.203.130 (United States)

ASN15169 (GOOGLE, US)
PTR: waw07s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 128	317 KB
18	google.com 2 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2298 www.google.com — Cisco Umbrella Rank: 4 adservice.google.com — Cisco Umbrella Rank: 77	88 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 95	81 KB
9	vuukle.com cdn.vuukle.com — Cisco Umbrella Rank: 16032 vuukle.com — Cisco Umbrella Rank: 13989 publish.vuukle.com — Cisco Umbrella Rank: 16663 api.vuukle.com — Cisco Umbrella Rank: 23116	94 KB
9	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 436	125 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	67 KB
6	freshbooks2u.com freshbooks2u.com	68 KB
4	gr-assets.com i.gr-assets.com — Cisco Umbrella Rank: 21385 s.gr-assets.com — Cisco Umbrella Rank: 25173	95 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	4 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5383 adservice.google.de — Cisco Umbrella Rank: 7579	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	73 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	github.io zakz007.github.io	26 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 942	88 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	646 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	38 KB
101	16

	Domain	Requested by
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	pagead2.googlesyndication.com	freshbooks2u.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	cdn.jsdelivr.net	freshbooks2u.com
6	www.gstatic.com	googleads.g.doubleclick.net
6	freshbooks2u.com	freshbooks2u.com
5	cdn.vuukle.com	freshbooks2u.com cdn.vuukle.com
4	www.google.com	2 redirects freshbooks2u.com tpc.googlesyndication.com
4	fonts.googleapis.com	freshbooks2u.com googleads.g.doubleclick.net
3	i.gr-assets.com	freshbooks2u.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	publish.vuukle.com	cdn.vuukle.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	zakz007.github.io	cdn.jsdelivr.net
2	use.fontawesome.com	freshbooks2u.com use.fontawesome.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	api.vuukle.com	cdn.vuukle.com
1	www.google.de	freshbooks2u.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vuukle.com	cdn.vuukle.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	freshbooks2u.com
1	s.gr-assets.com	freshbooks2u.com
101	26

This site contains links to these domains. Also see Links.

Domain
forms.gle

Subject Issuer	Validity	Valid
freshbooks2u.com Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.gr-assets.com Amazon	`2021-08-27` - `2022-09-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.github.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
Frame ID: C11E7132E0A327EF902EC968686DE91B
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html
Frame ID: 9BEC87640F50A87F95AB57C6F446F399
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3473764004312773&output=html&adk=1812271804&adf=3025194257&lmt=1599870341&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffreshbooks2u.com%2Fdownload%2F%3Ffile%3D%2520%25D9%2583%25D8%25AA%25D8%25A7%25D8%25A8%252040%2520%25D8%25B2%25D9%2586%25D8%25B2%25D8%25A7%25D9%2586%25D8%25A9%2520%25D9%2585%25D9%2586%2520%25D8%25AF%25D8%25A7%25D8%25AE%25D9%2584%2520%25D8%25A7%25D9%2584%25D8%25B9%25D9%2582%25D9%2588%25D9%2584%2520%25D8%25A7%25D9%2584%25D8%25A5%25D8%25AC%25D8%25B1%25D8%25A7%25D9%2585%25D9%258A%25D8%25A9%2520pdf%26prev%3Dhttps%3A%2F%2Ffreshbooks2u.com%2F40-%25D8%25B2%25D9%2586%25D8%25B2%25D8%25A7%25D9%2586%25D8%25A9-%25D9%2585%25D9%2586-%25D8%25AF%25D8%25A7%25D8%25AE%25D9%2584-%25D8%25A7%25D9%2584%25D8%25B9%25D9%2582%25D9%2588%25D9%2584-%25D8%25A7%25D9%2584%25D8%25A5%25D8%25AC%25D8%25B1%25D8%25A7%25D9%2585%25D9%258A%25D8%25A9%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650132472718&bpp=3&bdt=276&idt=118&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1443672627011&frm=20&pv=2&ga_vid=693547660.1650132473&ga_sid=1650132473&ga_hid=1125783113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067131%2C31062931&oid=2&pvsid=3316821902148488&pem=580&tmod=1150470364&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=317
Frame ID: 41960FEA30C9B796EB45D6C44C3F0DED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6011D4828E6EF9EE1156EB3CB5C7ED78
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1
Frame ID: C3636B353E11FD3226EEF5481E54A14B
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 08052E55A510B746FD13606492633358
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C4E263357E7A2C70EDC985A23FBE1826
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E17BC4A070CC8E876460FCABE8D01B5A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Frame ID: 238F3ECC03E4318E3E04AB0597748175
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Frame ID: D1C27B366CA124B45E20DE4297005AC6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3A5B79EEAD6518B799A94F25A8C10C05
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 791EE33550F4F44CAC7FD7F2D7A75ED7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

كتب فريش موقع ومحرك بحث للكتب

Detected technologies

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Highlight.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.])+/)?highlight(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

101
Requests

100 %
HTTPS

83 %
IPv6

16
Domains

26
Subdomains

25
IPs

3
Countries

1185 kB
Transfer

3239 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://forms.gle/c4E6ZjKP2u8YtgRVA
Title: إبلاغ عن محتوى مفقود؟

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

101 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
freshbooks2u.com/download/ 20 KB
5 KB 29ms
7ms Document
text/html 99.86.7.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-92.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f567ffaf3e6c947ae84b8ee9440701c76e3e1684811970315206410611373b2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40392
content-encoding: gzip
content-type: text/html
date: Sat, 16 Apr 2022 06:54:39 GMT
etag: W/"ec4d5fe5d54be6d08c98a11ddef908bf"
last-modified: Sat, 12 Sep 2020 00:25:41 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-id: WCDRdtFMHElZ_9HecSDhiK-H71AhdvrxHx-2h_bbi2vuBd51bydvCg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront

GET
H2 200 all.css
use.fontawesome.com/releases/v5.12.0/css/ 56 KB
13 KB 108ms
39ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.12.0/css/all.css
Requested by: Host: freshbooks2u.com
URL: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24530390
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: KAW9VZYY85MQYX51
x-amz-id-2: CEg3SxwyLZEu9KvEo8wmMTsBv++HT/2iwsWaVyR+9DV074tOGSMdeVZCD51ucZM9TxOpRqf4RGs=
last-modified: Wed, 30 Jun 2021 15:37:55 GMT
server: cloudflare
etag: W/"500d1a92f875b1d96d37a3a3f8f0438c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmeLJaK2XSIR9uE4dLTmZJOogRwKaeafHUFZiauhQleVLAyG2oQ%2B9qAZtXAnmuhgzRhxplyMkgrK2HhzZSy3h2CavqtEEHY7lW2Y9Hkj6QJK%2F%2BV02l7FRPY9U02%2FtcbeRkzmwTC6QYpFQtx3jQZPBhEh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6fcedce74e363750-MXP

GET
H2 200 atom-one-light.css
cdn.jsdelivr.net/npm/highlight.js@9.12.0/styles/ 1 KB
1 KB 50ms
19ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/highlight.js@9.12.0/styles/atom-one-light.css

Requested by

Host: freshbooks2u.com
URL: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86954b43616f5422536f7428745b8c2f0ff56bde785b6cb823dc64c89b576749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2276939
x-jsd-version: 9.12.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19133-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"4f5-7aY9jM5EDb87uCPhBXehNOmUHes"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXFvZAmN%2FidYTjzhjVv5ws4hZOxCKeIUCPqudfbQd2agcN%2BGJY79KLsQdxul%2Bz%2F%2B5tM8zVKmloonzzjc%2BP8d8syFmSzILmd7kQThd4nnQS3NGQXQeYGgZ0tThTBno48aATtSToZFfaUav5E%2BmII%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6fcedce6fb860229-ZRH

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;600&family=Source+Code+Pro

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83b61b4e2f8224860db4fb1826dd30345d2dcfac9f87c20af434bf1c774c971d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Apr 2022 17:56:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Apr 2022 18:07:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Apr 2022 18:07:50 GMT

GET
H2 200 default.css
freshbooks2u.com/css/ 216 KB
29 KB 8ms
7ms Stylesheet
text/css 99.86.7.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://freshbooks2u.com/css/default.css
Requested by: Host: freshbooks2u.com
URL: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-92.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 313e0b6174146d0fcd896947f9f40e18219e2167b7304d1c80de23804df54dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 01:00:49 GMT
content-encoding: gzip
last-modified: Thu, 25 Jun 2020 00:16:47 GMT
server: AmazonS3
age: 61622
etag: W/"47bed4a3c5b531fbf56fd8c05dc9274f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: dUEZVnLmFv48wiWLqk0MrhRwkidgsUc2o9it6H1GkCR1w72d0t4GVg==

GET
H2 200 lightgallery.min.css
cdn.jsdelivr.net/npm/lightgallery@1.6.8/dist/css/ 20 KB
4 KB 50ms
20ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lightgallery@1.6.8/dist/css/lightgallery.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2b7c76c9afe8eedce734f7d8c524c475c403eef024cf1d4f2e3f92775ff5406

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2276938
x-jsd-version: 1.6.8
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19178-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"4fea-G3InI3+XhcZgYqSBFQiRZRjkEyw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXYA5Hyn0IzXB47BXshCYzfsXoBPCtrDhDtpxgui5%2BA9fdXUJYb%2BhaXUM8jsXdtMx0K0a1D%2FQav2qEDRrLBVvd8CZ05QMl5KQ8VU5MwK%2BUsGzCd9n9tOElKPEMX1DLTgCMFEZl3ilYIWPllx6eU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6fcedce6fb870229-ZRH

GET
H2 200 justifiedGallery.min.css
cdn.jsdelivr.net/npm/justifiedGallery@3.7.0/dist/css/ 2 KB
1 KB 51ms
21ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/justifiedGallery@3.7.0/dist/css/justifiedGallery.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64a386be9ed85705f6ea0d9dd28a03bdb481412122222e0177d16e2bed76664d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2277497
x-jsd-version: 3.7.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19155-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"9d3-krtuRoodt/vZnMuWDhXihXIlQmM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2KWspjg9B7r2kxQOx67S5My6asjf%2F9s93CuXqjeKyR%2B6ALsATbDVkufYy%2Fn1LVI%2BmQdU13RMruoKDIuJTOuOXUs%2F7PqkB7XZEBpoAZ3%2B5d4akAWToh%2FRC1s5wYvgcmwAzF2vIACJdg07nApdGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6fcedce6fb8a0229-ZRH

GET
H2 200 pace.min.js Show response
cdn.jsdelivr.net/npm/pace-js@1.0.2/ 12 KB
5 KB 50ms
20ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/pace-js@1.0.2/pace.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d8568fe6f9d837f664000f1973f22009d776aabb49bd6daf692912825f6e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2276938
x-jsd-version: 1.0.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19142-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"3108-0yq4GOD5fTsMgPVjH8I9igy1J5U"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smK4yEbPyTy8oxJueGwH6HSLefdYbJWH%2FrRIjwRu5ncjIbRn3zxn7VSFU7yG%2FTOEpiHN%2Be95fMHBWoBif5wjj3f2ujNBXa6oTv0%2BkqtFP0D3UpHwLhJNigCMIc%2FxM05t8OHpOJcq97w47m3COWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6fcedce6fb8b0229-ZRH

GET
H2 200 logo.png
freshbooks2u.com/images/ 29 KB
30 KB 10ms
8ms Image
image/png 99.86.7.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freshbooks2u.com/images/logo.png
Requested by: Host: freshbooks2u.com
URL: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-92.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90f72403cd14c4919a0f8ebc86897d9a4194eedcc227605c558b5fe4563836bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 06:13:37 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
last-modified: Tue, 07 Jan 2020 09:48:22 GMT
server: AmazonS3
age: 42854
etag: "1bd3dcbd798c375361b4d1599cf5441d"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA6-C1
content-length: 29908
x-amz-cf-id: teB1w0sF-uPjOE1Nu3WV2RZCc6Q92teOsaLWdW5xdXQZgiJUBW1g0w==

GET
H2 200 45415484._SY475_.jpg
i.gr-assets.com/images/S/compressed.photo.goodreads.com/books/1556626449l/ 35 KB
35 KB 64ms
7ms Image
image/jpeg 99.86.8.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.gr-assets.com/images/S/compressed.photo.goodreads.com/books/1556626449l/45415484._SY475_.jpg
Requested by: Host: freshbooks2u.com
URL: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-8.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 2390df576cb1c1bff0d62eb2dbb75942aa32b030335eb4bac5164f9f7f614836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 06:16:48 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
age: 42663
edge-cache-tag: x-cache-787,/images/S/compressed.photo.goodreads.com/books/1556626449l/45415484
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
content-length: 35798
surrogate-key: x-cache-787 /images/S/compressed.photo.goodreads.com/books/1556626449l/45415484
last-modified: Tue, 30 Apr 2019 12:15:51 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
x-amz-ir-id: 0e501788-2251-41d3-8dcd-2cda58cd5b6e
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: ZVSlc7oMGPHahX3LBFqUX5DbVmVKZ7WvV5HB-1Er4X2M2ABvfivOMA==

GET
H2 200 111x148-bcc042a9c91a29c1d680899eff700a03.png
s.gr-assets.com/assets/nophoto/book/ 599 B
1 KB 74ms
6ms Image
image/png 65.9.67.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.gr-assets.com/assets/nophoto/book/111x148-bcc042a9c91a29c1d680899eff700a03.png
Requested by: Host: freshbooks2u.com
URL: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-67-110.fra56.r.cloudfront.net
Software: Server /
Resource Hash: a141246ec0bcd7201e9f23b3123a1f5519fefb3bc7a0ccf06b410f9de48dec22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 09:00:14 GMT
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
age: 983257
x-cache: Hit from cloudfront
content-length: 599
last-modified: Fri, 01 Apr 2022 19:10:05 GMT
server: Server
x-amz-rid: ND8CX5YR7R20RCPBKACC
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000, public
permissions-policy: interest-cohort=()
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: rOWDySGIVhhhI7ANQk63K5lcLw2jvcghMOMVsPJfen9YCE6lhuzgDQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 16101638.jpg
i.gr-assets.com/images/S/compressed.photo.goodreads.com/books/1350895778l/ 42 KB
42 KB 69ms
13ms Image
image/jpeg 99.86.8.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.gr-assets.com/images/S/compressed.photo.goodreads.com/books/1350895778l/16101638.jpg
Requested by: Host: freshbooks2u.com
URL: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-8.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 16428c68e098c6de7dd5a1394a9730370721e7b4773067ed26bd36e36d632613

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 04:41:41 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
age: 48370
edge-cache-tag: x-cache-416,/images/S/compressed.photo.goodreads.com/books/1350895778l/16101638
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
content-length: 42518
surrogate-key: x-cache-416 /images/S/compressed.photo.goodreads.com/books/1350895778l/16101638
last-modified: Fri, 15 Jul 2016 01:20:37 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
x-amz-ir-id: 1655182d-4d32-4c6d-8b20-fcbaed8712ab
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: wDe5Y6KdLaxfUTTM0kfWiiR0j9yfH2vOGBR7fQqf10wkVylTvqbCMg==

GET
H2 200 17287515.jpg
i.gr-assets.com/images/S/compressed.photo.goodreads.com/books/1359233703l/ 16 KB
16 KB 69ms
13ms Image
image/jpeg 99.86.8.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.gr-assets.com/images/S/compressed.photo.goodreads.com/books/1359233703l/17287515.jpg
Requested by: Host: freshbooks2u.com
URL: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-8.fra6.r.cloudfront.net
Software: Server /
Resource Hash: d70570152f16a7042d5217307086e0493efd7dc46f843e8fe160d1256ef19d40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 04:38:50 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
age: 48541
edge-cache-tag: x-cache-393,/images/S/compressed.photo.goodreads.com/books/1359233703l/17287515
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
content-length: 16340
surrogate-key: x-cache-393 /images/S/compressed.photo.goodreads.com/books/1359233703l/17287515
last-modified: Thu, 14 Jul 2016 04:10:21 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
x-amz-ir-id: 22d3ad16-3d20-451d-a8a3-18f79b2d6f62
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: NuZgrS3ThF84NY19VpBkCEsetc4dUCX-r1sgcJWKiPMEKO1SOMz6BA==

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.3.1/dist/ 85 KB
31 KB 28ms
27ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.3.1/dist/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2277942
x-jsd-version: 3.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19161-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1538f-DcMttKqcXwPzs4xH2IPb1P7ROq4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLDkwrBOBVY72SLNfGKUwWbRn1HrtPUchi8UQNezOjzux%2Fp2w3yWwHSIMpuW5NcpMqUGztff5k%2BS4j%2F886nocybfCRU2ZQDf6fybSJANdBAd2k%2BgS9yazY9IuiZFsTTRDhRiwObgTrvwuoRTgmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6fcedce72bbe0229-ZRH

GET
H3 200 moment-with-locales.min.js Show response
cdn.jsdelivr.net/npm/moment@2.22.2/min/ 319 KB
67 KB 30ms
30ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/moment@2.22.2/min/moment-with-locales.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b9ad34701d1b38cdb1436d5981b9e71c44f710d3cf8805eb7c7fa6b297287d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2277948
x-jsd-version: 2.22.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19136-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"4fc01-qEhAyvwJf7z6q2xJ1fz6pZjg7G0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Wqjq5gFUaocRtPo3T53jK1TQN2VTeBAqjM83TokH9So94uwskW8FHr7hKRltT2jBwECyFNp0PzgVED%2BneYtKUpc2w%2FeL1KLT144x4aVWHaVFo%2B66bsXTRTh2JeI%2FyPOhN95CgVrquQ0BjYJnlc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6fcedce75f852397-ZRH

GET
H3 200 clipboard.min.js Show response
cdn.jsdelivr.net/npm/clipboard@2.0.4/dist/ 11 KB
4 KB 47ms
45ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clipboard@2.0.4/dist/clipboard.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2276938
x-jsd-version: 2.0.4
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19121-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2a02-7mDKW6lAFFYQXvcDqYCSNptXnIA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3mtY%2B1b%2BXM275o8RDTTcw4wR69y6SQmo7Dqiw%2BOqmbVwE%2BNjvZIO%2FDQE0fAqDqkjY5A2oi5wWXNwkY%2Fqgh4QsGLKeSIv2PPYdLVQUtAI8HaodlebWNCoss3dVi52yRUXe2YyKQ%2BID175u5STpo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6fcedce78fc02397-ZRH

GET
H2 200 animation.js Show response
freshbooks2u.com/js/ 2 KB
795 B 9ms
8ms Script
application/javascript 99.86.7.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://freshbooks2u.com/js/animation.js
Requested by: Host: freshbooks2u.com
URL: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-92.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 463d0ef0ef39e70ebb8220c6e586a498b656a37725ff2dea894b4e7725f1fffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 04:56:39 GMT
content-encoding: gzip
last-modified: Tue, 07 Jan 2020 09:48:23 GMT
server: AmazonS3
age: 49006
etag: W/"0c794ad2b3712352ee0f751b7f78febd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: JQdVSpPnKGzqdVus_Vrx45oj4XxhEpJhAKv_h8A2aWhjZRFU6fuR1Q==

GET
H2 200 back_to_top.js Show response
freshbooks2u.com/js/ 0
306 B 10ms
8ms Script
application/javascript 99.86.7.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://freshbooks2u.com/js/back_to_top.js
Requested by: Host: freshbooks2u.com
URL: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-92.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 04:56:39 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
last-modified: Fri, 18 Sep 2020 09:05:30 GMT
server: AmazonS3
age: 48680
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: FaTzap21tgYOVbPiHdH1XHLXaCqlYrZaPjIuh2sKQCC62c7LzU5nfg==

GET
H3 200 lightgallery.min.js Show response
cdn.jsdelivr.net/npm/lightgallery@1.6.8/dist/js/ 18 KB
6 KB 47ms
45ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lightgallery@1.6.8/dist/js/lightgallery.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1135ea34b1fb783d2f2ee57b7b6ca67afbf2a94b90ea8fb5271825e4548b7858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2276938
x-jsd-version: 1.6.8
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19148-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"479e-RzYWnMAl2GAA/EvQ4g9M/1inD7o"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdIMQiWRNFAbU2UXymUtEUezHTyjiR3EN7ktpexEomSf%2FHotFiyATqIc9zU2JRtF2wOBaqBnQztIhHcfFom4TsMpdXX%2Fygvm4wXC5oHYgrYm%2BGlQrP1WQNBkbTomg1azabEjg2Ft5JI3nH0GBxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6fcedce78fc22397-ZRH

GET
H3 200 jquery.justifiedGallery.min.js Show response
cdn.jsdelivr.net/npm/justifiedGallery@3.7.0/dist/js/ 18 KB
6 KB 47ms
46ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/justifiedGallery@3.7.0/dist/js/jquery.justifiedGallery.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c83ef48243bf86e466c85c3b7607ef403290a616dc5354b53e6960083f32fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2277497
x-jsd-version: 3.7.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19158-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"484e-gqs5UXbJJ/+7L3yVEy7goGzV1ko"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jl881ALHax9nU1Jer1PbHtEGS%2BWkZ8sbQNXzWNW1lOibTAxvxwqsY6qmESlkgY%2BEPXGCknYQMJEpdKKGpI1%2Fg1Xyq4AVflDli3Lszu%2FH7uH5vyavzQXKFUN93TCbWdl6L6IwxiD3OLZEkmnvaVk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6fcedce78fc42397-ZRH

GET
H2 200 main.js Show response
freshbooks2u.com/js/ 10 KB
3 KB 10ms
9ms Script
application/javascript 99.86.7.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://freshbooks2u.com/js/main.js
Requested by: Host: freshbooks2u.com
URL: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-92.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b760e647fcf05b3ce1152b223160beef7771a9e5bbf6b68f849dc0f433f60675

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/download/?file=%20%D9%83%D8%AA%D8%A7%D8%A8%2040%20%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9%20%D9%85%D9%86%20%D8%AF%D8%A7%D8%AE%D9%84%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84%20%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9%20pdf&prev=https://freshbooks2u.com/40-%D8%B2%D9%86%D8%B2%D8%A7%D9%86%D8%A9-%D9%85%D9%86-%D8%AF%D8%A7%D8%AE%D9%84-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D9%84-%D8%A7%D9%84%D8%A5%D8%AC%D8%B1%D8%A7%D9%85%D9%8A%D8%A9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 08:34:06 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 08:40:21 GMT
server: AmazonS3
age: 34425
etag: W/"342f0f253eb54f6a10f8052a787ddb61"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: SvHUIikguA9EGxny5z2c8sR6K0eT1Q5TWETJWM9q0IB6nwQAgf6KZA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 42ms
19ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-150295979-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ac5fb88c1b410287fa4b3f2259d3a67a75d530a4bdeeac1b98b597537069929

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38582
x-xss-protection: 0
expires: Sat, 16 Apr 2022 18:07:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
54 KB 65ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09605edfb57b1e39cc71f28af187e7a56544a7f9ffc1ad977229e5b8323f8f25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54371
x-xss-protection: 0
server: cafe
etag: 14579791970707278330
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 16 Apr 2022 18:07:51 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.12.0/webfonts/ 74 KB
75 KB 98ms
68ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.12.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.12.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

Referer: https://use.fontawesome.com/releases/v5.12.0/css/all.css
Origin: https://freshbooks2u.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:51 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11634384
cf-ray: 6fcedce7db93375c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76084
x-amz-id-2: Fj/+1Bua1X3z1DFwrz/EPc82SUKpPE2PBo6+Zvxn2aiwBQbQJIAHIBf8IBRy1eax48W75XUFOI8=
last-modified: Wed, 30 Jun 2021 15:38:16 GMT
server: cloudflare
etag: "f6121be597a72928f54e7ab5b95512a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWbmj%2BrlRIuA%2F%2FL%2FWNrhYsvSMvD2EV40ufKFJnpkcHSAiq5NkrnCKdtxJiPHLPYDei6qphTID9Xnk8NCxi2CqI0%2FC161LB5DGjPUjKgPjROR6R3urFsFAYpuzFt%2FzPz9wP6hb1HZhFGuHZVCMfR7zLc3"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: H7B0P3EPTYT7FEDY
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v19/ 34 KB
35 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v19/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;600&family=Source+Code+Pro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freshbooks2u.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 19:32:36 GMT
x-content-type-options: nosniff
age: 254114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:56:27 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 19:32:36 GMT

GET
H2 200 platform.js Show response
cdn.vuukle.com/ 150 KB
41 KB 73ms
34ms Script
application/javascript 2606:4700:10::ac43:1695
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/platform.js
Requested by: Host: freshbooks2u.com
URL: https://freshbooks2u.com/js/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80800254dfe763fa806d13ac92fead21d4cd2daacb5dcb966d5f45e9ceb59eae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 105915
cf-polished: origSize=153667
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 15 Apr 2022 12:40:13 GMT
server: cloudflare
etag: W/"625967ad-25843"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
cf-ray: 6fcedce87e8e01e3-ZRH
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj: minify

GET
H2 200 button.js Show response
zakz007.github.io/ 61 KB
24 KB 166ms
113ms Script
application/javascript 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zakz007.github.io/button.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@3.3.1/dist/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

0c44eabdb457cb2305beba80a2c266db78661bedf1f9a8d3f8e5b707489136d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-fastly-request-id: c288f46d023080ec2d25e0f373bb104ccc296ae9
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5f7efb62-f244"
age: 0
x-cache: HIT
content-length: 24640
x-served-by: cache-mxp6979-MXP
access-control-allow-origin: *
last-modified: Thu, 08 Oct 2020 11:43:30 GMT
server: GitHub.com
x-github-request-id: A552:EADB:1608879:16913BE:6259D7E1
x-timer: S1650132471.129873,VS0,VE97
date: Sat, 16 Apr 2022 18:07:51 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Fri, 15 Apr 2022 20:48:58 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 button.css
zakz007.github.io/ 5 KB
1 KB 170ms
118ms Stylesheet
text/css 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zakz007.github.io/button.css

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@3.3.1/dist/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

0d143c860b44f2cd25778fec825908704c2ac0e0173154bfea6f31ec573984f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-fastly-request-id: f52abfb5764377eecab1f67efa1e41056de73c87
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"5f7efb62-1460"
age: 0
x-cache: HIT
content-length: 1144
x-served-by: cache-mxp6979-MXP
access-control-allow-origin: *
last-modified: Thu, 08 Oct 2020 11:43:30 GMT
server: GitHub.com
x-github-request-id: D752:EADA:CFAC09:D7DB31:625AC447
x-timer: S1650132471.129765,VS0,VE100
date: Sat, 16 Apr 2022 18:07:51 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Sat, 16 Apr 2022 13:37:35 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
11ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-150295979-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6640
date: Sat, 16 Apr 2022 16:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 16 Apr 2022 18:17:11 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/ 304 KB
108 KB 56ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3473764004312773&plah=freshbooks2u.com&bust=31067131

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

235462fa3648a2387ba65999af8d3952486043ffc5ad1066662d1f2deecfa313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110952
x-xss-protection: 0
server: cafe
etag: 17144792504313932119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 16 Apr 2022 18:07:51 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/ Frame 9BEC 10 KB
5 KB 36ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freshbooks2u.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 20:59:15 GMT
etag: 14837630671339829333
expires: Fri, 29 Apr 2022 20:59:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1125783113&t=pageview&_s=1&dl=https%3A%2F%2Ffreshbooks2u.com%2Fdownload%2F%3Ffile%3D%2520%25D9%2583%25D8%25AA%25D8%25A7%25D8%25A8%252040%2520%25D8%25B2%25D9%2586%25D8%25B2%25D8%25A7%25D9%2586%25D8%25A9%2520%25D9%2585%25D9%2586%2520%25D8%25AF%25D8%25A7%25D8%25AE%25D9%2584%2520%25D8%25A7%25D9%2584%25D8%25B9%25D9%2582%25D9%2588%25D9%2584%2520%25D8%25A7%25D9%2584%25D8%25A5%25D8%25AC%25D8%25B1%25D8%25A7%25D9%2585%25D9%258A%25D8%25A9%2520pdf%26prev%3Dhttps%3A%2F%2Ffreshbooks2u.com%2F40-%25D8%25B2%25D9%2586%25D8%25B2%25D8%25A7%25D9%2586%25D8%25A9-%25D9%2585%25D9%2586-%25D8%25AF%25D8%25A7%25D8%25AE%25D9%2584-%25D8%25A7%25D9%2584%25D8%25B9%25D9%2582%25D9%2588%25D9%2584-%25D8%25A7%25D9%2584%25D8%25A5%25D8%25AC%25D8%25B1%25D8%25A7%25D9%2585%25D9%258A%25D8%25A9%2F&ul=en-us&de=UTF-8&dt=%D9%83%D8%AA%D8%A8%20%D9%81%D8%B1%D9%8A%D8%B4%20%D9%85%D9%88%D9%82%D8%B9%20%D9%88%D9%85%D8%AD%D8%B1%D9%83%20%D8%A8%D8%AD%D8%AB%20%D9%84%D9%84%D9%83%D8%AA%D8%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=65061641&gjid=784077276&cid=693547660.1650132473&tid=UA-150295979-1&_gid=1322191244.1650132473&_r=1&gtm=2ou4d0&z=1717362456

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freshbooks2u.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 18:07:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freshbooks2u.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 ar.json
cdn.vuukle.com/widgets/translations/ Frame 0
0 229ms
214ms Preflight
text/plain 2606:4700:10::ac43:1695
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/widgets/translations/ar.json
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://freshbooks2u.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6fcedce8ef910211-ZRH
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 16 Apr 2022 18:07:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

GET
H2 200 getGeo Show response
vuukle.com/ 90 B
396 B 75ms
38ms XHR
application/json 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vuukle.com/getGeo
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53f98bb0b288d162a288ce2caf8406c00c1fd474f0c73a58b5893098271621a9

Request headers

Referer: https://freshbooks2u.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Apr 2022 18:07:51 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 86400
cf-ray: 6fcedce91f310215-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ar.json Show response
cdn.vuukle.com/widgets/translations/ 13 KB
4 KB 23ms
23ms XHR
application/json 2606:4700:10::ac43:1695
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/widgets/translations/ar.json
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e1c5523f6e9ffd718df53c08fd6be37aa40de5bd25b19e9224e0486e4943127

Request headers

Referer: https://freshbooks2u.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 16 Apr 2022 18:07:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 412255
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 26 Mar 2022 09:12:11 GMT
server: cloudflare
etag: W/"623ed8eb-33ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=10800
cf-ray: 6fcedcea495b0211-ZRH
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 newsfeed.js Show response
cdn.vuukle.com/widgets/ 124 KB
46 KB 57ms
38ms Script
application/javascript 2606:4700:10::ac43:1695
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/widgets/newsfeed.js
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f9e65e62114575c26bde910b034c684df11b77329c28d1492de26807f9828e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 388152
cf-polished: origSize=127231
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 22 Dec 2021 12:03:25 GMT
server: cloudflare
etag: W/"61c3140d-1f0ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=10800
cf-ray: 6fcedce8f9aacc5a-ZRH
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj: minify

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 82ms
28ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-150295979-1&cid=693547660.1650132473&jid=65061641&gjid=784077276&_gid=1322191244.1650132473&_u=YEBAAUAAAAAAAC~&z=1253168079

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freshbooks2u.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 16 Apr 2022 18:07:51 GMT
content-type: text/plain
access-control-allow-origin: https://freshbooks2u.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-3473764004312773 Show response
fundingchoicesmessages.google.com/i/ 90 KB
32 KB 57ms
31ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3473764004312773?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3473764004312773&plah=freshbooks2u.com&bust=31067131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

112a3c3b14302fe4553493d9cca19308384960ee9ee23194f133ba3fecd89c23

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-A2BSpu2TXeEZPL07UDO9sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-A2BSpu2TXeEZPL07UDO9sg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-A2BSpu2TXeEZPL07UDO9sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-A2BSpu2TXeEZPL07UDO9sg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cnsnt.platform.js Show response
cdn.vuukle.com/ 4 KB
2 KB 31ms
25ms Script
application/javascript 2606:4700:10::ac43:1695
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/cnsnt.platform.js
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62c3a4f78334221a29592245d0d3cda9fb3a850afc658bc7010682c0b723cb72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 2439
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 15 Apr 2022 12:41:44 GMT
server: cloudflare
etag: W/"62596808-edd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=7200
cf-ray: 6fcedce99a5ccc5a-ZRH
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj: minify

GET
H2 200 bq-publish Show response
publish.vuukle.com/ 45 B
123 B 224ms
208ms XHR
text/plain 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publish.vuukle.com/bq-publish?callback=&{%22action%22:%22view_page%22,%22hashed_email%22:%22$534912-53d5-40d5-94b8-04f51c3f2ca7%22,%22hostname%22:%221037930a-173e-4895-853d-b7ab7c77c8dd%22,%22pubdomain%22:%22freshbooks2u.com%22,%22refDomain%22:%22%22,%22sessionId%22:%22787771a4-b526-4491-9b22-9a3b6fc5c018%22,%22version%22:%224.20%22,%22articleImg%22:%22%22,%22articleTitle%22:%22%22,%22article_id%22:%22/download/%22,%22hashed_article_url%22:%22https%3A%2F%2Ffreshbooks2u.com%2Fdownload%2F%3Ffile%3D%2520%25D9%2583%25D8%25AA%25D8%25A7%25D8%25A8%252040%2520%25D8%25B2%25D9%2586%25D8%25B2%25D8%25A7%25D9%2586%25D8%25A9%2520%25D9%2585%25D9%2586%2520%25D8%25AF%25D8%25A7%25D8%25AE%25D9%2584%2520%25D8%25A7%25D9%2584%25D8%25B9%25D9%2582%25D9%2588%25D9%2584%2520%25D8%25A7%25D9%2584%25D8%25A5%25D8%25AC%25D8%25B1%25D8%25A7%25D9%2585%25D9%258A%25D8%25A9%2520pdf%26prev%3Dhttps%3A%2F%2Ffreshbooks2u.com%2F40-%25D8%25B2%25D9%2586%25D8%25B2%25D8%25A7%25D9%2586%25D8%25A9-%25D9%2585%25D9%2586-%25D8%25AF%25D8%25A7%25D8%25AE%25D9%2584-%25D8%25A7%25D9%2584%25D8%25B9%25D9%2582%25D9%2588%25D9%2584-%25D8%25A7%25D9%2584%25D8%25A5%25D8%25AC%25D8%25B1%25D8%25A7%25D9%2585%25D9%258A%25D8%25A9%2F%22,%22referrer%22:%22%22,%22tags%22:%22%22,%22browser%22:%22Chrome%22,%22device%22:%22Desktop%22,%22os%22:%22Windows%22}&_=1489139930741

Requested by

Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7d0f4783ab461baf76b3e7af880c03591c479b7d9edc842dd8aabd9a8afd69f

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://freshbooks2u.com
access-control-allow-credentials: true
cf-ray: 6fcedce9bfe60215-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1

GET
H2 200 bq-publish Show response
publish.vuukle.com/ 0
257 B 207ms
194ms XHR
text/plain 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publish.vuukle.com/bq-publish?callback=&{%22action%22:%22web_vitals%22,%22hashed_email%22:%22$2c52dd-652e-46af-bc07-280290bd8878%22,%22hostname%22:%221037930a-173e-4895-853d-b7ab7c77c8dd%22,%22pubdomain%22:%22freshbooks2u.com%22,%22refDomain%22:%22%22,%22sessionId%22:%224f0ee804-ee16-4b69-8546-695be56865a1%22,%22version%22:%224.20%22,%22articleImg%22:%22%22,%22articleTitle%22:%22%22,%22article_id%22:%22/download/%22,%22hashed_article_url%22:%22https%3A%2F%2Ffreshbooks2u.com%2Fdownload%2F%3Ffile%3D%2520%25D9%2583%25D8%25AA%25D8%25A7%25D8%25A8%252040%2520%25D8%25B2%25D9%2586%25D8%25B2%25D8%25A7%25D9%2586%25D8%25A9%2520%25D9%2585%25D9%2586%2520%25D8%25AF%25D8%25A7%25D8%25AE%25D9%2584%2520%25D8%25A7%25D9%2584%25D8%25B9%25D9%2582%25D9%2588%25D9%2584%2520%25D8%25A7%25D9%2584%25D8%25A5%25D8%25AC%25D8%25B1%25D8%25A7%25D9%2585%25D9%258A%25D8%25A9%2520pdf%26prev%3Dhttps%3A%2F%2Ffreshbooks2u.com%2F40-%25D8%25B2%25D9%2586%25D8%25B2%25D8%25A7%25D9%2586%25D8%25A9-%25D9%2585%25D9%2586-%25D8%25AF%25D8%25A7%25D8%25AE%25D9%2584-%25D8%25A7%25D9%2584%25D8%25B9%25D9%2582%25D9%2588%25D9%2584-%25D8%25A7%25D9%2584%25D8%25A5%25D8%25AC%25D8%25B1%25D8%25A7%25D9%2585%25D9%258A%25D8%25A9%2F%22,%22referrer%22:%22%22,%22tags%22:%22%22,%22browser%22:%22Chrome%22,%22device%22:%22Desktop%22,%22os%22:%22Windows%22,%22webVitals%22:{}}&_=1489139930741

Requested by

Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://freshbooks2u.com
access-control-allow-credentials: true
cf-ray: 6fcedce9bfe70215-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 288ms
266ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-150295979-1&cid=693547660.1650132473&jid=65061641&_u=YEBAAUAAAAAAAC~&z=340457696

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 18:07:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 326ms
304ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-150295979-1&cid=693547660.1650132473&jid=65061641&_u=YEBAAUAAAAAAAC~&z=340457696

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 18:07:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getStories Show response
api.vuukle.com/api/v1/Articles/ 48 B
269 B 221ms
211ms XHR
application/json 2606:4700:10::6816:3da8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vuukle.com/api/v1/Articles/getStories?host=freshbooks2u.com

Requested by

Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/widgets/newsfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57451b950d5eac76bb23fadf705faedda1abec42e30059d861221ac2b3e80cb7

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://freshbooks2u.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Apr 2022 18:07:51 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: DYNAMIC
age: 90
access-control-allow-credentiails: true
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1
x-varnish: 314969060 314614010
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://freshbooks2u.com
access-control-allow-credentials: true
cf-ray: 6fcedcea083d0215-ZRH
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H3 204 AGSKWxVokhM3StWsbbCsXLzlpPP6cLgDEFTiqu9VHYoOFZ2K29WwgFD05wV7oZcrOWRnjIqWqpanidnvtilAQkejh-g= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 36ms
20ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVokhM3StWsbbCsXLzlpPP6cLgDEFTiqu9VHYoOFZ2K29WwgFD05wV7oZcrOWRnjIqWqpanidnvtilAQkejh-g=?pvid=061D6FE5-93CC-4CE9-A673-066836CDC344&anonid=95030881-CD9B-4AE2-B251-F496762EE675

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YgtdYe4QkcE.es5.O/d=1/rs=AJlcJMxAEMEIxyQeuUb1U8pzM0scR4UM9g/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v3Pg5C0PQ9wsFd2DxZi8tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-v3Pg5C0PQ9wsFd2DxZi8tA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freshbooks2u.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Apr 2022 18:07:51 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://freshbooks2u.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-v3Pg5C0PQ9wsFd2DxZi8tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-v3Pg5C0PQ9wsFd2DxZi8tA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
646 B 118ms
41ms Script
text/javascript 142.250.203.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=freshbooks2u.com&callback=_gfp_s_&client=ca-pub-3473764004312773

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.203.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

waw07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

2dbe4e348a88391df3117c520382f2b92cfeb73b2afe31200ea6f654f9332ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 57ms
29ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=freshbooks2u.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Apr 2022 18:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 53ms
26ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=freshbooks2u.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Apr 2022 18:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4196 263 KB
66 KB 582ms
563ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3473764004312773&output=html&adk=1812271804&adf=3025194257&lmt=1599870341&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffreshbooks2u.com%2Fdownload%2F%3Ffile%3D%2520%25D9%2583%25D8%25AA%25D8%25A7%25D8%25A8%252040%2520%25D8%25B2%25D9%2586%25D8%25B2%25D8%25A7%25D9%2586%25D8%25A9%2520%25D9%2585%25D9%2586%2520%25D8%25AF%25D8%25A7%25D8%25AE%25D9%2584%2520%25D8%25A7%25D9%2584%25D8%25B9%25D9%2582%25D9%2588%25D9%2584%2520%25D8%25A7%25D9%2584%25D8%25A5%25D8%25AC%25D8%25B1%25D8%25A7%25D9%2585%25D9%258A%25D8%25A9%2520pdf%26prev%3Dhttps%3A%2F%2Ffreshbooks2u.com%2F40-%25D8%25B2%25D9%2586%25D8%25B2%25D8%25A7%25D9%2586%25D8%25A9-%25D9%2585%25D9%2586-%25D8%25AF%25D8%25A7%25D8%25AE%25D9%2584-%25D8%25A7%25D9%2584%25D8%25B9%25D9%2582%25D9%2588%25D9%2584-%25D8%25A7%25D9%2584%25D8%25A5%25D8%25AC%25D8%25B1%25D8%25A7%25D9%2585%25D9%258A%25D8%25A9%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650132472718&bpp=3&bdt=276&idt=118&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1443672627011&frm=20&pv=2&ga_vid=693547660.1650132473&ga_sid=1650132473&ga_hid=1125783113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067131%2C31062931&oid=2&pvsid=3316821902148488&pem=580&tmod=1150470364&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=317

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cbacbf314e31dd086d2e58cce653f9b079cf08981ddb7db3eaee76080f03e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freshbooks2u.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 68018
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Apr 2022 18:07:51 GMT
expires: Sat, 16 Apr 2022 18:07:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxWz-7EXS34TteTQjLa6_ytb5obtHU5yjc1nHH-p1aEFGrQNmDEBASzpgpirrqSftVjjIBU1G1BiHe9Yj32NxfE= Show response
fundingchoicesmessages.google.com/f/ 44 KB
17 KB 68ms
37ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWz-7EXS34TteTQjLa6_ytb5obtHU5yjc1nHH-p1aEFGrQNmDEBASzpgpirrqSftVjjIBU1G1BiHe9Yj32NxfE=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUwMTMyNDczLDU4MDAwMDAwXSwiMDYxRDZGRTUtOTNDQy00Q0U5LUE2NzMtMDY2ODM2Q0RDMzQ0IiwiOTUwMzA4ODEtQ0Q5Qi00QUUyLUIyNTEtRjQ5Njc2MkVFNjc1IixudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly9mcmVzaGJvb2tzMnUuY29tL2Rvd25sb2FkLyIsbnVsbCxbXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94f33bd4d4a5eb0cdce62c80a9a3fad3a51249002f19afe43d75e8a73ada9329

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-zEOdzwUG4dbpCWzj8nC8Eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-zEOdzwUG4dbpCWzj8nC8Eg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-zEOdzwUG4dbpCWzj8nC8Eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-zEOdzwUG4dbpCWzj8nC8Eg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Sat, 16 Apr 2022 18:07:51 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUvgEI_WX2UrwzwAzbtx1ZSkXZnMMe8iV3ILnChRy4T48iC_QFcrmqVn01i0mp4E2VRBFFtbVPPMP523YbAUOkkIl0g9Ove3h9UAttDtpSKsUaxwsy0sFbQQM-o90WwTCcf_YynwGNKSXiyJx2eYhhTdCLAVByoU9LeDJ7iF8hu8_Gy_6gKgcaUoSiD Show response
fundingchoicesmessages.google.com/el/ 0
28 B 19ms
19ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUvgEI_WX2UrwzwAzbtx1ZSkXZnMMe8iV3ILnChRy4T48iC_QFcrmqVn01i0mp4E2VRBFFtbVPPMP523YbAUOkkIl0g9Ove3h9UAttDtpSKsUaxwsy0sFbQQM-o90WwTCcf_YynwGNKSXiyJx2eYhhTdCLAVByoU9LeDJ7iF8hu8_Gy_6gKgcaUoSiD

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.pOI3oYNPV2c.es5.O/d=1/rs=AJlcJMxT1YLQyQ4528M2Cl22gM2pKHn1Ag/m=iabccpawebsignalscript

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CGuOdP74RiTCPR9L5joHOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-CGuOdP74RiTCPR9L5joHOQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freshbooks2u.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Apr 2022 18:07:51 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://freshbooks2u.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CGuOdP74RiTCPR9L5joHOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-CGuOdP74RiTCPR9L5joHOQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUR34MuCj2QVrWQUAoINf9crv6SNVt29yguMFjg5yC9Q4fomu2xivZHSSDHmNy3MFBNmFc80PVXkigvlYBb8hnjh5Qn_5GjupqwpT33nXJnrCdxkzNwYYx_w6w7PyTg6fwWeTRYLvQOSq7F4uAHXQNK5lJrD6_HC8dj0zqVFtlRz3fRBwdF2XolmBOz Show response
fundingchoicesmessages.google.com/f/ 63 KB
23 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUR34MuCj2QVrWQUAoINf9crv6SNVt29yguMFjg5yC9Q4fomu2xivZHSSDHmNy3MFBNmFc80PVXkigvlYBb8hnjh5Qn_5GjupqwpT33nXJnrCdxkzNwYYx_w6w7PyTg6fwWeTRYLvQOSq7F4uAHXQNK5lJrD6_HC8dj0zqVFtlRz3fRBwdF2XolmBOz?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUwMTMyNDczLDE0NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxLDFdLCJodHRwczovL2ZyZXNoYm9va3MydS5jb20vZG93bmxvYWQvIixudWxsLFtdXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b4495d70de3c0b59117f978a90308ef38cd09b29624823b70ab074f7e22b440

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Duj4hXHciewA3/RG9FRyqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Duj4hXHciewA3/RG9FRyqw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-Duj4hXHciewA3/RG9FRyqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Duj4hXHciewA3/RG9FRyqw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Sat, 16 Apr 2022 18:07:51 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/ 145 KB
51 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/reactive_library_fy2019.js?bust=31067131

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ce4a5ae6403640aafaf3b13fa0c2ed0fe80a2d06386038685195f7cdeb7f2b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52690
x-xss-protection: 0
server: cafe
etag: 7516298931692033631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Apr 2022 18:07:52 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=freshbooks2u.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Apr 2022 18:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=freshbooks2u.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Apr 2022 18:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/ Frame 6011 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freshbooks2u.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 21:18:40 GMT
etag: 14837630671339829333
expires: Fri, 29 Apr 2022 21:18:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/ Frame C363 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freshbooks2u.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 21:18:40 GMT
etag: 14837630671339829333
expires: Fri, 29 Apr 2022 21:18:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 6011 4 KB
634 B 39ms
18ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Apr 2022 17:25:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Apr 2022 18:07:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Apr 2022 18:07:52 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6011 205 B
742 B 52ms
8ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 17:13:37 GMT
x-content-type-options: nosniff
age: 3255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Apr 2023 17:13:37 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6011 604 B
695 B 52ms
9ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 10:23:26 GMT
x-content-type-options: nosniff
age: 27866
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Apr 2023 10:23:26 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame 6011 19 KB
9 KB 49ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 13275616604445095965
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 18:03:45 GMT

GET
H2 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame C363 9 KB
4 KB 53ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 05:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 13:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 05:51:12 GMT

GET
H2 200 d153763d065fc486a30a5318c8635961.js Show response
www.gstatic.com/mysidia/ Frame C363 8 KB
4 KB 52ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d153763d065fc486a30a5318c8635961.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 05:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:43:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 05:51:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C363 8 KB
892 B 22ms
19ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Apr 2022 17:25:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Apr 2022 18:07:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Apr 2022 18:07:52 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame C363 2 KB
983 B 39ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 18:07:01 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame C363 19 KB
8 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 18:03:53 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame C363 3 KB
1 KB 38ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 18:05:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C363 119 KB
37 KB 65ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Apr 2022 18:07:52 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame C363 15 KB
6 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 18:07:04 GMT

GET
H2 200 fb084ba56019ecef1e967c41e75d05fd.js Show response
www.gstatic.com/mysidia/ Frame C363 29 KB
12 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 14:53:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:43:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 15 Jul 2022 14:53:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0805 8 KB
892 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Apr 2022 17:19:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Apr 2022 18:07:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Apr 2022 18:07:52 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 0805 2 KB
904 B 23ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 18:07:01 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 0805 19 KB
8 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 18:03:53 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 0805 3 KB
1 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 18:05:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0805 119 KB
36 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Apr 2022 18:07:52 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 0805 15 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 18:02:26 GMT

GET
H3 200 fb084ba56019ecef1e967c41e75d05fd.js Show response
www.gstatic.com/mysidia/ Frame 0805 29 KB
12 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 14:53:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:43:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 15 Jul 2022 14:53:37 GMT

GET
H3 200 exbl.php Show response
fundingchoicesmessages.google.com/f/AGSKWxVBbsxkmuQee6-1U53tJ-lbSKDOU-CfepWIpdEaGzc9ElM6jLBsE2RZ0zXGzhr6UHcijPVAvUoMc2Fddf6P8VkNkbekThZZ8V09nNBOdZVqKpB05taM0wtAZO2U0is_Jdu6MI2bel2TdwrKmsKD0slqNZL1m... 54 B
109 B 19ms
19ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVBbsxkmuQee6-1U53tJ-lbSKDOU-CfepWIpdEaGzc9ElM6jLBsE2RZ0zXGzhr6UHcijPVAvUoMc2Fddf6P8VkNkbekThZZ8V09nNBOdZVqKpB05taM0wtAZO2U0is_Jdu6MI2bel2TdwrKmsKD0slqNZL1miQGlYkh_6G0I4iBN8ZJ30_f9g_DytUu6XLHOBebETUnLmHgE7B4SV4UEWr08RoLcko091YB7Tzj2wmR6W0=/_/exbl.php?_adright2..theadtech./468x60v1_/topads1.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.RwnWdm5wniI.es5.O/d=1/rs=AJlcJMyHAzfUSu32DD9dWC2QEm-uQKZ7Bw/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb42986165a072160477dcf7b933ab9a68597a05fe9022442113fba9b6957f81

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5SM2mlqEsJkgcloeKx8Qqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-5SM2mlqEsJkgcloeKx8Qqw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-5SM2mlqEsJkgcloeKx8Qqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-5SM2mlqEsJkgcloeKx8Qqw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Sat, 16 Apr 2022 18:07:52 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 150 B
175 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.RwnWdm5wniI.es5.O/d=1/rs=AJlcJMyHAzfUSu32DD9dWC2QEm-uQKZ7Bw/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40b236f82ab80f86a107f3f515f08efd59e273ef9120c58ef6f1f92c5a59676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 17:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 149
x-xss-protection: 0
server: cafe
etag: 8503686451332090603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 16 Apr 2022 18:42:17 GMT

POST
H3 204 AGSKWxV6pd5CjSWlQ5sbGD5JCZHzT32t_oQZ90XnpNMyFosBDoIlbb-t8ZdT3PTb7iTLlhzMa1eJHbwrLGAPV1f1XFX2VZX3_DQo_rFY38a7XFGDkqYmUfzNkDoMCaMeRkIEcNEUsAdzCO-1SBBRk7aup5ml-Ge0tlSFp_7pJhfMGBvMSOHsaVqyV-qSQea5 Show response
fundingchoicesmessages.google.com/el/ 0
29 B 23ms
23ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV6pd5CjSWlQ5sbGD5JCZHzT32t_oQZ90XnpNMyFosBDoIlbb-t8ZdT3PTb7iTLlhzMa1eJHbwrLGAPV1f1XFX2VZX3_DQo_rFY38a7XFGDkqYmUfzNkDoMCaMeRkIEcNEUsAdzCO-1SBBRk7aup5ml-Ge0tlSFp_7pJhfMGBvMSOHsaVqyV-qSQea5

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.RwnWdm5wniI.es5.O/d=1/rs=AJlcJMyHAzfUSu32DD9dWC2QEm-uQKZ7Bw/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PzZFuM0LVIKhc7SsV+jZkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-PzZFuM0LVIKhc7SsV+jZkw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freshbooks2u.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Apr 2022 18:07:52 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://freshbooks2u.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-PzZFuM0LVIKhc7SsV+jZkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-PzZFuM0LVIKhc7SsV+jZkw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C363 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Czbay9wVbYtK6HJ-A1fAPnfufwAWJ2rqeaa3cuvjvDqm26NvFIhABII3yoHlgleKQgqAHoAGdxeDvAsgBAakCX_01J_cksj6oAwHIA8sEqgTbAU_QuMGtF66PyUfK3mynkSw5qJir_OeHhN-aZ41nE69pUjiifmlai5o1RepuI22YHrPuqtL_Ad2YeluuSyKyVMToeguzLQTMasgXpnEPRRblcvTnmQ6kGtLPXz6-ffS2rOpisXttnnRrc3yfkOjKfXPZ-P72y2VTlTFCiKqySEQ46FzfwXnrcOaFNaro-1HcrV88ZbIPdLH3KojGnPxQr1yNpgRUPoOze0yAFP6NoUvJ9mv4UZsgxkYfCx0o6-E-REmmfYwfjy5ZnN6EYwqvSc4w5Q4qVSEsVDb4XMAE1-2rmv0CkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB_iE6pQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQycoN0ggJCIDhgBAQARgfgAoByAsB2BMMiBQB0BUBgBcBshccChoIABIUcHViLTM0NzM3NjQwMDQzMTI3NzMYAA&sigh=Q5ASAUfrKKU&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 16 Apr 2022 18:07:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 16 Apr 2022 18:07:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C4E2 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 16 Apr 2022 17:08:15 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E17B 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 16 Apr 2022 17:08:15 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C363 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7deaaa6318be337ba5b737e690701fbac358819ca7b58b6cd63e9048eb839b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 AGSKWxV6pd5CjSWlQ5sbGD5JCZHzT32t_oQZ90XnpNMyFosBDoIlbb-t8ZdT3PTb7iTLlhzMa1eJHbwrLGAPV1f1XFX2VZX3_DQo_rFY38a7XFGDkqYmUfzNkDoMCaMeRkIEcNEUsAdzCO-1SBBRk7aup5ml-Ge0tlSFp_7pJhfMGBvMSOHsaVqyV-qSQea5 Show response
fundingchoicesmessages.google.com/el/ 0
29 B 21ms
20ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.RwnWdm5wniI.es5.O/d=1/rs=AJlcJMyHAzfUSu32DD9dWC2QEm-uQKZ7Bw/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-m9E6yV++mlz9f9hc1hMUhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-m9E6yV++mlz9f9hc1hMUhQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freshbooks2u.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Apr 2022 18:07:52 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://freshbooks2u.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-m9E6yV++mlz9f9hc1hMUhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-m9E6yV++mlz9f9hc1hMUhQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV6pd5CjSWlQ5sbGD5JCZHzT32t_oQZ90XnpNMyFosBDoIlbb-t8ZdT3PTb7iTLlhzMa1eJHbwrLGAPV1f1XFX2VZX3_DQo_rFY38a7XFGDkqYmUfzNkDoMCaMeRkIEcNEUsAdzCO-1SBBRk7aup5ml-Ge0tlSFp_7pJhfMGBvMSOHsaVqyV-qSQea5 Show response
fundingchoicesmessages.google.com/el/ 0
28 B 58ms
58ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.RwnWdm5wniI.es5.O/d=1/rs=AJlcJMyHAzfUSu32DD9dWC2QEm-uQKZ7Bw/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KdFpToRNaqUU5aDRxotUNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-KdFpToRNaqUU5aDRxotUNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freshbooks2u.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Apr 2022 18:07:52 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://freshbooks2u.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-KdFpToRNaqUU5aDRxotUNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-KdFpToRNaqUU5aDRxotUNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXJdHIIDjEert9FDUN51JVkLT-DqUsRDax2RozcIhwpnyUJ-NzY_gqf4ueHOSS8klvzjAVCGS0ljVluwGFKxwf3xOctFFiL6cs-ME3h4KJQ3dCoFIObYWEsZ75NR7YmhvYb-jzxlIlG3iYg1Ea5xOUqlpICm9GNXPnldhQIRqok9FxtFD5SR2wkyKEC Show response
fundingchoicesmessages.google.com/f/ 39 KB
15 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXJdHIIDjEert9FDUN51JVkLT-DqUsRDax2RozcIhwpnyUJ-NzY_gqf4ueHOSS8klvzjAVCGS0ljVluwGFKxwf3xOctFFiL6cs-ME3h4KJQ3dCoFIObYWEsZ75NR7YmhvYb-jzxlIlG3iYg1Ea5xOUqlpICm9GNXPnldhQIRqok9FxtFD5SR2wkyKEC?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUwMTMyNDczLDkzNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vZnJlc2hib29rczJ1LmNvbS9kb3dubG9hZC8iLG51bGwsW11d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.RwnWdm5wniI.es5.O/d=1/rs=AJlcJMyHAzfUSu32DD9dWC2QEm-uQKZ7Bw/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2b3d6fec954d21455ac1b724225494dd4a4b8cafa4e8baf09240b5453892c06

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-W7KdsP3E3XH7PNizL+W5kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-W7KdsP3E3XH7PNizL+W5kg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-W7KdsP3E3XH7PNizL+W5kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-W7KdsP3E3XH7PNizL+W5kg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV6pd5CjSWlQ5sbGD5JCZHzT32t_oQZ90XnpNMyFosBDoIlbb-t8ZdT3PTb7iTLlhzMa1eJHbwrLGAPV1f1XFX2VZX3_DQo_rFY38a7XFGDkqYmUfzNkDoMCaMeRkIEcNEUsAdzCO-1SBBRk7aup5ml-Ge0tlSFp_7pJhfMGBvMSOHsaVqyV-qSQea5 Show response
fundingchoicesmessages.google.com/el/ 0
28 B 54ms
54ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.RwnWdm5wniI.es5.O/d=1/rs=AJlcJMyHAzfUSu32DD9dWC2QEm-uQKZ7Bw/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yM3F+bbNdAHpmHw13JrG4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-yM3F+bbNdAHpmHw13JrG4Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freshbooks2u.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Apr 2022 18:07:52 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://freshbooks2u.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yM3F+bbNdAHpmHw13JrG4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-yM3F+bbNdAHpmHw13JrG4Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C4E2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

87ms
86ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 16 Apr 2022 18:07:52 GMT
expires: Sat, 16 Apr 2022 18:07:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 16 Apr 2022 18:07:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 238F 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 09:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Apr 2023 09:47:16 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E17B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

127ms
127ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 16 Apr 2022 18:07:52 GMT
expires: Sat, 16 Apr 2022 18:07:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 16 Apr 2022 18:07:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame D1C2 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 09:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Apr 2023 09:47:16 GMT

POST
H3 204 AGSKWxVHyDb8rYx-Y1SbBYUSpTAJu088zIyj6nl9q1_ZuRPk0upx4SFXeC-Ebc5TOC2sEBM7Ih_YHb-n1VqXRbc4ersRnN2Ijvq1OvfcOufoDGogSnXw7IWGnK0lIJpKWtfvBArIRNhn-ET5LTgX2x5Sr97cVvPVU1JTe5r4J1agEMFFM50v1Of2CMl-OXrk Show response
fundingchoicesmessages.google.com/el/ 0
28 B 37ms
36ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVHyDb8rYx-Y1SbBYUSpTAJu088zIyj6nl9q1_ZuRPk0upx4SFXeC-Ebc5TOC2sEBM7Ih_YHb-n1VqXRbc4ersRnN2Ijvq1OvfcOufoDGogSnXw7IWGnK0lIJpKWtfvBArIRNhn-ET5LTgX2x5Sr97cVvPVU1JTe5r4J1agEMFFM50v1Of2CMl-OXrk

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.pTVakmQL07c.es5.O/d=1/rs=AJlcJMy6Xz2dtlaFc-7PPJ7W1iVPG0WWJA/m=cookie_refresh

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-i32L3PGR3Dd4b5ItHHMCKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-i32L3PGR3Dd4b5ItHHMCKA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freshbooks2u.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Apr 2022 18:07:52 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://freshbooks2u.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-i32L3PGR3Dd4b5ItHHMCKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-i32L3PGR3Dd4b5ItHHMCKA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 45ms
30ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220413&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9af507c07532d4778867ed28df314bceb88ad0f3e78c59f745d3c3efe9c1682d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Apr 2022 18:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10669
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Apr 2022 18:07:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A5B 13 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freshbooks2u.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Apr 2022 16:34:49 GMT
expires: Sun, 16 Apr 2023 16:34:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 791E 783 B
534 B 17ms
17ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

87e4c299d2348e67a0e65686809059e9d38fbfaa719663c4e0f3515001171d99

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-65I0aozm46jrIodB1Ss6+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freshbooks2u.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-65I0aozm46jrIodB1Ss6+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 16 Apr 2022 18:07:52 GMT
expires: Sat, 16 Apr 2022 18:07:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 791E 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220413&jk=3316821902148488&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A5B 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 09:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Apr 2023 09:47:16 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3A5B 0
9 B 13ms
11ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bIe4pg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:07:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
74ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220413&jk=3316821902148488&bg=!hoWlhcHNAAZvJBiFTyQ7ACkAdvg8WvgBHABCAqA1l6k9s81j3P65IRBcCcN7ElW9Tt1ELY9OQYcX3wIAAACLUgAAAAJoAQeZAqVMwwgmiOzdRr1C5oWIjCGM2UnA3Tk0BMZxPQunFIK8ezYCbIaf3choOTVb1BtFg1lrxCkGGR76DNMwoIE1SMLXGJaddtHnZy82bX9b6x_N0KrVw_QYpxrwQ6TKtlyHKhtQoi5FovBK3nZlBIRsntJtHwKr0HbbFNerXGL-iCti8lYzaIkMpXsuT4IZbsAYJa8tSKHUkTkeGAQhLkgFIpDLlUTO7Y9i1u3ryKtaUWVhsJuX4jQQp3qcdToAAqrbX4xojxqEd4EdxCbCIpdVd87FyiEQjdhofMSh7vVVVVWQ4ktXdvhiTP_RDp0ujpqAPPG9VokzB2-ltJf1X5NgTi1FGpQX7__VdIq5IUL71640FsVJrdyoGUDWn0US0Xum_FGke1a9L-pxX59iRwguZcNqn-AZZG3OTXk8ajVZPjaw8sw9KG8nvqrlSZ9Uzr6Lf6P2ERYzFbUmLCsxEcnE-tmGk4ETrAwF6HYLcG_9IRTNoYX_-DWUFf_vp1EZSUW7Ncsi2KdclhD33NDKUOmdN0FNvCTdRouCZVndveaj7nUKPXEkl5wjuMHvC3GXjgsoNOuOPmtiGmUgWF7qWWP4SN6kbUDSH8grvV10yr4UoqAvyHPU2Cv9JEABqM19sdiwAC4tt0H8QQ4TOxfU16Ua3xnwn5MwjAoshQ64Y8UjGf40EBgkx--hpj3_qrajRlgG8qdzmxSNGqjEBO2hys1ou-yeJPaLycoDuc9ALKxTBWsJH6OSofFt2zvcjZcMn37XaIQeQZrFSLLW0ZAUtnBRZQ2jHSXx9jS_G78fMqIVRs3uf-gzGPXlioQBo0F_lQIbXvBJ0c9m7NFgOnrBrxbU2KGcgwG0GYMsTZfirPwX8b3eZLSsGdJFee4_XJpaf3synvI3qIvGKw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freshbooks2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C363 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveBxuMuVuW_fjc-vsCrKCx141gLZ3WZKJKV2mLu2uT9IN4i3JFEzMhG7Zgl2tyOHRat6B8q98sGh1vT2GN12wFt4xmzgPwEL_VbnT6roeEQvBnKySQgw&sai=AMfl-YT1SPNP6OWJ0rJetlNvFATvvIOeUccBYf-kV0euq_hdnsOBQuMirc9r0nWkff5dEIW2Kaf0CcJhfTDI&sig=Cg0ArKJSzOmYbjvl7iS9EAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=129,812,1000,1148,1148&tos=129,683,188,148,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650132473734&rpt=263&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 18:07:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.freshbooks2u.com/	1970-01-20 19:53:24	Name: _ga Value: GA1.2.693547660.1650132473
.freshbooks2u.com/	1970-01-20 02:23:38	Name: _gid Value: GA1.2.1322191244.1650132473
.freshbooks2u.com/	1970-01-20 02:22:12	Name: _gat_gtag_UA_150295979_1 Value: 1
.freshbooks2u.com/	1970-01-20 11:43:48	Name: __gads Value: ID=c82726058476b37a-225686cb78cd0064:T=1650132471:RT=1650132471:S=ALNI_MbZ_CT0-Owx1CwDAmgGfvkw5vzNZA
.doubleclick.net/	1970-01-20 11:43:48	Name: IDE Value: AHWqTUk7UrTZzi08u0UTcCJOuGayeTdsNz2F_gIB2OK_LeDNZQ_KiBaFoA-uQPbdyCg
.freshbooks2u.com/	1970-01-20 11:07:48	Name: FCNEC Value: [["AKsRol8gbqZFN3In2wNr2BkpmHfRXMBnnXbYlobX4UxBViJnKkpqRGLhtcoQWSDhACWBMUyLODMHTggKZWhsSL1avAaY0RPMamB1T_fj1h-kukpKMFZ8CMjbANomzNNz72Hgpm3DikEnW0ulixcI2gmHo3iTH8zNIg=="],null,[]]
.doubleclick.net/	1970-01-20 02:22:16	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-3473764004312773&fa=1&ifi=3&uci=a!3&xpc=y6ixT7xzkL&p=https%3A//freshbooks2u.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.vuukle.com
cdn.jsdelivr.net
cdn.vuukle.com
fonts.googleapis.com
fonts.gstatic.com
freshbooks2u.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i.gr-assets.com
pagead2.googlesyndication.com
partner.googleadservices.com
publish.vuukle.com
s.gr-assets.com
stats.g.doubleclick.net
tpc.googlesyndication.com
use.fontawesome.com
vuukle.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
zakz007.github.io
142.250.203.130
2606:4700:10::6816:3da8
2606:4700:10::ac43:1695
2606:4700::6810:5614
2606:50c0:8000::153
2a00:1450:4001:800::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2008
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9a
2a06:98c1:3121::7
65.9.67.110
99.86.7.92
99.86.8.8
09605edfb57b1e39cc71f28af187e7a56544a7f9ffc1ad977229e5b8323f8f25
0c44eabdb457cb2305beba80a2c266db78661bedf1f9a8d3f8e5b707489136d4
0cbacbf314e31dd086d2e58cce653f9b079cf08981ddb7db3eaee76080f03e99
0d143c860b44f2cd25778fec825908704c2ac0e0173154bfea6f31ec573984f5
112a3c3b14302fe4553493d9cca19308384960ee9ee23194f133ba3fecd89c23
1135ea34b1fb783d2f2ee57b7b6ca67afbf2a94b90ea8fb5271825e4548b7858
1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44
16428c68e098c6de7dd5a1394a9730370721e7b4773067ed26bd36e36d632613
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
235462fa3648a2387ba65999af8d3952486043ffc5ad1066662d1f2deecfa313
2390df576cb1c1bff0d62eb2dbb75942aa32b030335eb4bac5164f9f7f614836
2dbe4e348a88391df3117c520382f2b92cfeb73b2afe31200ea6f654f9332ec2
2f567ffaf3e6c947ae84b8ee9440701c76e3e1684811970315206410611373b2
313e0b6174146d0fcd896947f9f40e18219e2167b7304d1c80de23804df54dee
320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
40b236f82ab80f86a107f3f515f08efd59e273ef9120c58ef6f1f92c5a59676f
463d0ef0ef39e70ebb8220c6e586a498b656a37725ff2dea894b4e7725f1fffd
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
53f98bb0b288d162a288ce2caf8406c00c1fd474f0c73a58b5893098271621a9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b9ad34701d1b38cdb1436d5981b9e71c44f710d3cf8805eb7c7fa6b297287d
57451b950d5eac76bb23fadf705faedda1abec42e30059d861221ac2b3e80cb7
5b4495d70de3c0b59117f978a90308ef38cd09b29624823b70ab074f7e22b440
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ce4a5ae6403640aafaf3b13fa0c2ed0fe80a2d06386038685195f7cdeb7f2b3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c3a4f78334221a29592245d0d3cda9fb3a850afc658bc7010682c0b723cb72
64a386be9ed85705f6ea0d9dd28a03bdb481412122222e0177d16e2bed76664d
6c83ef48243bf86e466c85c3b7607ef403290a616dc5354b53e6960083f32fc2
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7ac5fb88c1b410287fa4b3f2259d3a67a75d530a4bdeeac1b98b597537069929
7deaaa6318be337ba5b737e690701fbac358819ca7b58b6cd63e9048eb839b1b
7e1c5523f6e9ffd718df53c08fd6be37aa40de5bd25b19e9224e0486e4943127
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
7f9e65e62114575c26bde910b034c684df11b77329c28d1492de26807f9828e5
80800254dfe763fa806d13ac92fead21d4cd2daacb5dcb966d5f45e9ceb59eae
83b61b4e2f8224860db4fb1826dd30345d2dcfac9f87c20af434bf1c774c971d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86954b43616f5422536f7428745b8c2f0ff56bde785b6cb823dc64c89b576749
87e4c299d2348e67a0e65686809059e9d38fbfaa719663c4e0f3515001171d99
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
90f72403cd14c4919a0f8ebc86897d9a4194eedcc227605c558b5fe4563836bd
94f33bd4d4a5eb0cdce62c80a9a3fad3a51249002f19afe43d75e8a73ada9329
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
9af507c07532d4778867ed28df314bceb88ad0f3e78c59f745d3c3efe9c1682d
a141246ec0bcd7201e9f23b3123a1f5519fefb3bc7a0ccf06b410f9de48dec22
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3
b760e647fcf05b3ce1152b223160beef7771a9e5bbf6b68f849dc0f433f60675
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
c0d8568fe6f9d837f664000f1973f22009d776aabb49bd6daf692912825f6e28
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd
d2b3d6fec954d21455ac1b724225494dd4a4b8cafa4e8baf09240b5453892c06
d70570152f16a7042d5217307086e0493efd7dc46f843e8fe160d1256ef19d40
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b7c76c9afe8eedce734f7d8c524c475c403eef024cf1d4f2e3f92775ff5406
f7d0f4783ab461baf76b3e7af880c03591c479b7d9edc842dd8aabd9a8afd69f
fb42986165a072160477dcf7b933ab9a68597a05fe9022442113fba9b6957f81

freshbooks2u.com Open in urlscan Pro 99.86.7.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

101 Requests

100 %HTTPS

83 %IPv6

16 Domains

26 Subdomains

25 IPs

3 Countries

1185 kBTransfer

3239 kBSize

7 Cookies

1 Outgoing links

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

freshbooks2u.com Open in urlscan Pro
99.86.7.92 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

100 %
HTTPS

83 %
IPv6

16
Domains

26
Subdomains

25
IPs

3
Countries

1185 kB
Transfer

3239 kB
Size

7
Cookies

101 HTTP transactions
1 data transactions