urlscan.io logo urlscan.io
SecurityTrails logo

wizid.blogspot.com Open in urlscan Pro
2a00:1450:4001:812::2001  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.contracostatimes.com/news/ci_24819771/document-appeal-describes-jahi-mcmaths-post-surgical-bleeding
Effective URL: https://wizid.blogspot.com/
Submission Tags: falconsandbox
Submission: On June 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 6 countries across 21 domains to perform 174 HTTP transactions. The main IP is 2a00:1450:4001:812::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is wizid.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on June 6th 2022. Valid for: 3 months.
This is the only time wizid.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 151.101.193.53 54113 (FASTLY)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 7 2606:4700:303... 13335 (CLOUDFLAR...)
60 2620:1ec:c11:... 8068 (MICROSOFT...)
2 46.105.201.240 16276 (OVH)
2 6 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 192.99.13.63 16276 (OVH)
1 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
7 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
1 178.250.2.135 44788 (ASN-CRITE...)
2 178.250.2.150 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
174 30
2    151.101.193.53 (United States)

ASN54113 (FASTLY, US)
www.contracostatimes.com
10    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    2606:4700:3032::ac43:d5f5 (United States)

ASN13335 (CLOUDFLARENET, US)
uads.coky.cc
60    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tse1.mm.bing.net
2    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
6    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
13    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
wizid.blogspot.com
3.bp.blogspot.com
1.bp.blogspot.com
4.bp.blogspot.com
1    2a00:1450:4001:80e::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
10    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42:200::347 (United States)

ASN54113 (FASTLY, US)
cdn.statically.io
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
12    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    192.99.13.63 (Terrebonne, Canada)

ASN16276 (OVH, FR)
PTR: ns504751.ip-192-99-13.net
s4.histats.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
15    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
7    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
3    2a00:1450:400e:800::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
60 bing.net
tse1.mm.bing.net — Cisco Umbrella Rank: 8477
1 MB
25 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
323 KB
13 blogspot.com
wizid.blogspot.com
3.bp.blogspot.com — Cisco Umbrella Rank: 12414
1.bp.blogspot.com — Cisco Umbrella Rank: 9765
4.bp.blogspot.com — Cisco Umbrella Rank: 12431
389 KB
12 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
69 KB
10 criteo.net
static.criteo.net — Cisco Umbrella Rank: 606
pix.eu.criteo.net — Cisco Umbrella Rank: 6881
csm.eu.criteo.net — Cisco Umbrella Rank: 7033
65 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
159 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 8
adservice.google.com — Cisco Umbrella Rank: 92
3 KB
7 coky.cc
uads.coky.cc
21 KB
6 gstatic.com
www.gstatic.com
36 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
3 KB
3 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13468
ads.eu.criteo.com — Cisco Umbrella Rank: 7052
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 8884
40 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
127 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 7751
www.google.de — Cisco Umbrella Rank: 5448
1 KB
3 histats.com
s10.histats.com — Cisco Umbrella Rank: 16196
s4.histats.com — Cisco Umbrella Rank: 13665 Failed
10 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 contracostatimes.com
www.contracostatimes.com
9 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 867
644 B
1 statically.io
cdn.statically.io — Cisco Umbrella Rank: 14940
590 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
40 KB
1 blogger.com
www.blogger.com — Cisco Umbrella Rank: 8410 Failed
56 KB
0 jsdelivr.net Failed
cdn.jsdelivr.net Failed
174 21
Domain Requested by
60 tse1.mm.bing.net www.contracostatimes.com
uads.coky.cc
15 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 pagead2.googlesyndication.com uads.coky.cc
pagead2.googlesyndication.com
wizid.blogspot.com
tpc.googlesyndication.com
www.googletagservices.com
10 cdnjs.cloudflare.com www.contracostatimes.com
wizid.blogspot.com
uads.coky.cc
7 static.criteo.net ads.eu.criteo.com
7 uads.coky.cc 1 redirects www.contracostatimes.com
uads.coky.cc
wizid.blogspot.com
6 www.gstatic.com googleads.g.doubleclick.net
6 3.bp.blogspot.com wizid.blogspot.com
6 www.google.com 2 redirects uads.coky.cc
wizid.blogspot.com
tpc.googlesyndication.com
3 fonts.googleapis.com googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
3 wizid.blogspot.com www.google.com
wizid.blogspot.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 4.bp.blogspot.com wizid.blogspot.com
2 1.bp.blogspot.com wizid.blogspot.com
2 s10.histats.com www.contracostatimes.com
wizid.blogspot.com
2 www.contracostatimes.com 1 redirects
1 pix.eu.criteo.net ads.eu.criteo.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
1 www.google.de wizid.blogspot.com
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.statically.io uads.coky.cc
1 www.googletagmanager.com uads.coky.cc
1 www.blogger.com wizid.blogspot.com
1 s4.histats.com s10.histats.com
0 cdn.jsdelivr.net Failed wizid.blogspot.com
174 33

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
*.coky.cc
E1		 2022-05-16 -
2022-08-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
statically.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-18 -
2023-03-22		 a year crt.sh
histats.com
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-18 -
2022-08-13		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-27 -
2022-08-25		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-22 -
2022-08-24		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-12 -
2022-09-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://wizid.blogspot.com/
Frame ID: 1EA4F2DD7ADDEF33C3A3B0ACE938CF0C
Requests: 121 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/zrt_lookup.html
Frame ID: 0465237731586A6806F7144F9899D1A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0685470658395058&output=html&adk=1812271804&adf=3025194257&lmt=1655088524&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwizid.blogspot.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656621449945&bpp=3&bdt=273&idt=142&shv=r20220628&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3004609200651&frm=20&pv=2&ga_vid=2138926274.1656621450&ga_sid=1656621450&ga_hid=2006989323&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068289%2C42531605%2C42531608&oid=2&pvsid=3045008868441046&tmod=790196467&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=157
Frame ID: 1E81E091A2D0123F91E44D8230F727E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0685470658395058&output=html&h=280&slotname=9971020852&adk=391616158&adf=428091284&pi=t.ma~as.9971020852&w=1110&fwrn=4&fwrnh=100&lmt=1655088524&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwizid.blogspot.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656621449948&bpp=2&bdt=276&idt=160&shv=r20220628&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3004609200651&frm=20&pv=1&ga_vid=2138926274.1656621450&ga_sid=1656621450&ga_hid=2006989323&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068289%2C42531605%2C42531608&oid=2&pvsid=3045008868441046&tmod=790196467&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGFO4GPP0a&p=https%3A//wizid.blogspot.com&dtd=164
Frame ID: 752B9558C65C744ACEC34B1D2D490FD2
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr4JigACqbwIFVZdAAjKYrWqfz1Iq5Ew7c14hw&u=%7CCf2nh%2FEwzOY8HjJUKnHvseqqK5ZBFTRgdfLxljQAcLA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y_qkV63e1pMvJI3uK-gKjjZvNSXnqx3Z-EIwpwN2r7SEtluInoXC0yAcxdm3LkOgQSGqvLRVaYcWZgUc7SYhQrI6G4MsVi6BCNvzLub9-IIryQUc0wyBkHXYUfzZYc6OjejjUMfFWR46r3NiheQ57uIj2kx-TYDhIj91XVy-rk2RE1v5_iwHXf8q7FplfKB8Ou-5Yzjbk_rSrEDoO1ZVgn1bF4E37OnCCgvkX5tNdhI59eRjuSI9sHu7DLowKr4AqYVBWrOPJT_7Oh3HOYCgVyMtdoOhYh-UeXve0ELiFmYujlwMYQSkPLbr1mh2Vi0K5fLPVOw2XwPYo_ccKSBrmJskBdDpr8BAd5ci8XCKcetxXiPSEAUhLSLqtwDTK3XLs8PDuid6_R0OYqCEr7JH24&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0YD2igm-YrzTCt2s1fAP4pSjyA3JntKxXNX24taTAcCNtwEQASAAYJWCoYKwB4IBF2NhLXB1Yi0wNjg1NDcwNjU4Mzk1MDU4oAHVttLqA8gBCakC5n2rhO-PsT6oAwGqBMcBT9AC50owQ_hvwotWXDX37H9U7NVdC_ZWK6IiZHYWSyhrflfrXZtCQtD03x_w_nHFOu1tajYvAlkpAQ12Fgyf6ILvRQZEZMbugUrYpneMBu9iTfAVhRnv7QeUQ2AdXdrcgGPRrcJOCvzc5mlrmUmMbwsNAt_jLSPsvJzpI4CKyrZlWWr0PHQCcQ-suqJDqXg1PGOK4X-mKQwgkcu86PfpPcsQLH2-ybfu9r3qwH_DoxelHXa-vjQ2WUVv6o4T92Kje49emoZY2IAGtIHIh5HshuPlAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11ywPGNdcIyPsViknWn-q4fISihA%26client%3Dca-pub-0685470658395058%26adurl%3D
Frame ID: 2116A36FEA1369641ECD64A47198C2DB
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1493639BB95AE2AF02E1ABF6D2675093
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Frame ID: D77906BF683085D9ADC51E747D1FB3F8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7DA56E94C34FCCF5206BBB23F2B0BB45
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 9BF45900DF46FF12E4D0567C1F5E805A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 11E913EE04AB25DF6ECAACC9D7CE10F0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4825F5A1A29892511E65298B5C56CB92
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0598663F0139573F16EA7B427D06042E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Best Tips And References

Page URL History Show full URLs

  1. http://www.contracostatimes.com/news/ci_24819771/document-appeal-describes-jahi-mcmaths-post-surgical-bleeding HTTP 307
    http://www.contracostatimes.com/ Page URL
  2. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiXu5eFrNX4... Page URL
  3. https://wizid.blogspot.com/ Page URL
  4. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiXu5eFrNX4... Page URL
  5. https://wizid.blogspot.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

174
Requests

96 %
HTTPS

76 %
IPv6

21
Domains

33
Subdomains

30
IPs

6
Countries

2670 kB
Transfer

4697 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.contracostatimes.com/news/ci_24819771/document-appeal-describes-jahi-mcmaths-post-surgical-bleeding HTTP 307
    http://www.contracostatimes.com/ Page URL
  2. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiXu5eFrNX4AhUKNxoKHT_3D88QFnoECAcQAQ&url=https%3A%2F%2Fwizid.blogspot.com%2F%23uads%3DaHR0cDovL3d3dy5jb250cmFjb3N0YXRpbWVzLmNvbS98c3BsaXR8Y2EtcHViLTA2ODU0NzA2NTgzOTUwNTh8c3BsaXR8aHR0cHM6Ly93aXppZC5ibG9nc3BvdC5jb20v&usg=AOvVaw0BCNEGrAiG3QUYDxVCKO9- Page URL
  3. https://wizid.blogspot.com/ Page URL
  4. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiXu5eFrNX4AhUKNxoKHT_3D88QFnoECAcQAQ&url=https%3A%2F%2Fwizid.blogspot.com%2F&usg=AOvVaw0BCNEGrAiG3QUYDxVCKO9- Page URL
  5. https://wizid.blogspot.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.contracostatimes.com/news/ci_24819771/document-appeal-describes-jahi-mcmaths-post-surgical-bleeding HTTP 307
  • http://www.contracostatimes.com/
Request Chain 2
  • http://uads.coky.cc/client.js HTTP 301
  • https://uads.coky.cc/client.js
Request Chain 163
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 165
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

174 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.contracostatimes.com/
Redirect Chain
  • http://www.contracostatimes.com/news/ci_24819771/document-appeal-describes-jahi-mcmaths-post-surgical-bleeding
  • http://www.contracostatimes.com/
33 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.contracostatimes.com/
Protocol
HTTP/1.1
Server
151.101.193.53 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d9a2ff752d16b592e526d3dadd6f23d346d9dcb65f6e6943cdc754d56c9c708b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
7880
Content-Type
text/html; charset=UTF-8
Date
Thu, 30 Jun 2022 20:37:27 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
LiteSpeed
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Served-By
cache-hhn4072-HHN
X-Timer
S1656621448.613732,VS0,VE250

Redirect headers

Accept-Ranges
bytes
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 30 Jun 2022 20:37:27 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
http://www.contracostatimes.com/
Pragma
no-cache
Server
LiteSpeed
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Served-By
cache-hhn4072-HHN
X-Timer
S1656621448.562469,VS0,VE33
jquery.slim.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.contracostatimes.com/
Origin
http://www.contracostatimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
837395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22329
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-11ab4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KW8nBV8grTacDeAF4BW%2Fyo3YUgw%2BjMAUfBEws5RkXKjqkbHd6WEVtFxQilTLaaJHJhEUW%2B2iiuSWc4v9%2Ba%2FTkSE8Y8d%2F%2FcECOX8J9LEiMOn6c%2B%2FHiRiL3%2FjSTO0dkz6UeptYAxcCDNkWJl8CnCwUCGje"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7239b33198649244-FRA
expires
Tue, 20 Jun 2023 20:37:27 GMT
client.js
uads.coky.cc/
Redirect Chain
  • http://uads.coky.cc/client.js
  • https://uads.coky.cc/client.js
446 B
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://uads.coky.cc/client.js
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Server
2606:4700:3032::ac43:d5f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0728a87e77d539c59fcfec9bbfcf91e61fe2874e9720bb51995718bf7ee93a3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 20:37:28 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-litespeed-cache
hit
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrHJjFhwm2JC2RER2zP%2BH0P5qm7ISb3v%2B7tumAQlYJX8ZxuQyyPdUZEI0PH24LVvv14f7awA%2FxmDCW9DyhM2L3sZio%2FUGK94YO%2B7wk9NnSI%2BkFQG9ra6LuR%2BTVRtwg2bH3bhU%2BK%2F5U55EyY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, max-age=300
cf-ray
7239b3336bc59188-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Date
Thu, 30 Jun 2022 20:37:28 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bu4SnAaMcKBe3v8nnLaqvcuHbIdQ2eB1Xq5P7jiYetK5W9O3JiQY3v4pkY50lJwfHzoUsqJ%2Bi23i67hr8Qzy96Ore0j6ZjOfvACGzhqrLK72ji5qKblUNvUyYgQiqF3opUPy97MkdqC0qUk%3D"}],"group":"cf-nel","max_age":604800}
Location
https://uads.coky.cc/client.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7239b332e8209247-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Thu, 30 Jun 2022 21:37:28 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.1/css/ 		158 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.1/css/bootstrap.min.css
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
http://www.contracostatimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3199523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17725
timing-allow-origin
*
last-modified
Thu, 28 Oct 2021 16:03:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"617ac9de-453d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCbDvpQAh91dcjZ5zwDAnZOMJBa99dCo8gaTG95JYAyvfN6gWXQRsoV%2BwudXZLI%2BuDKs44Qix%2Fi5D%2Bzr%2B5UXc0et693%2Fie2sNfIj%2Fao1Ku7OLB3jY%2BfipEEal54A3PCZqTXMZH81UoPDReyeHh%2BFwBUr"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7239b33198619244-FRA
expires
Tue, 20 Jun 2023 20:37:27 GMT
th
tse1.mm.bing.net/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20romance%20anime%20on%20funimation%202021
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b7abf9b040181bca1fc39d58b5cb249b5d45b5fd542cc06fe20304b256ea3423

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8F73C2308E0A4BDEB6B13D652DC29CB1 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
15900
th
tse1.mm.bing.net/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20fitness%20nashua%20holiday%20hours
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0ea3817468ffdc3ca87d6abfb10b36576a42c0ed9800fd409647152f90acbe32

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AFB8348686514887B1476F78C2297FDD Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
60045
th
tse1.mm.bing.net/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20salt%20nic%20juice%20canada
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2655afc8707926b8c93e6d0752a09807668a3c3e6400ad831d61950c8787db94

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A553230CAA53435F8D84445AED1F7878 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
32198
th
tse1.mm.bing.net/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20multivitamin%20canada%20reddit
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f234a85cf580a4a2018b0ee3257f067cdb4e00d836ba1ab7620fd65c716a03f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4196E9AE2B1B4C08AE01ED45D12B4131 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
41448
th
tse1.mm.bing.net/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20friend%20tik%20tok%20dance
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5daca703e67e607bae5df9f5a6cccb7e9dda8aa2376ecd7c366c4a51e030f0b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 96B84098F8674A8B82985FE9DD57DB66 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
47319
th
tse1.mm.bing.net/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20mattress%20for%20fibromyalgia%20uk
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B5F323BAACDA4CEDBBF48AD100044BBE Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
19460
th
tse1.mm.bing.net/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20mattress%20topper%20for%20shoulder%20pain
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7a88e445b4d0a6d5fcde80468365af00d5996de692f6ff14e6ac72d8e200a554

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A8581BDC7C2D4A84AFEFCF178A1A3BF6 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
16224
th
tse1.mm.bing.net/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20shows%20on%20netflix%202021
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6DD23DD71E9341A89B11EA900AF3C5B9 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
24882
th
tse1.mm.bing.net/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20buy%20hours%20richmond
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
18091af95ac15ae6494cf1e5823d2ef8ba22b7b8048e6fd23474acf5b982adf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 25D7CEDA9C1D47D89CB538DAC11ACB79 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
14747
th
tse1.mm.bing.net/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20seafood%20market%20in%20santa%20monica
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 943A1413192F49C0BE2A327CB10147BB Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
31177
th
tse1.mm.bing.net/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20mattress%20under%20500%20king
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B16D36ED193D49FB858A959F7840BA70 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
22368
th
tse1.mm.bing.net/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20slots%20to%20play%20in%20vegas%202022
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F9D25115DC414CEAA65FEC435B43014F Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
56537
th
tse1.mm.bing.net/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=mythbusters%20best%20season%20reddit
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 49BB2736215048169C55098247B483C3 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
51262
th
tse1.mm.bing.net/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20cyber%20monday%20deals%202021
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ebd991569344f4acd94d28be029bad6019dc6cb9253343d9ca7b6fdf304150a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B8FEFC9C7E5B4E73B2E7451D0C2F9CCA Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
14354
th
tse1.mm.bing.net/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=america%27s%20best%20pics%20and%20videos%20app
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A7DB9D5C0D61451D908A85EADCCFFE7A Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
45158
th
tse1.mm.bing.net/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20dynasty%20warriors%20game%20psp
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CB2FD9DACD51449FB0B2F1B6FDFE441D Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
37572
th
tse1.mm.bing.net/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=boston%20best%20rate%20movers%20reviews
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 666E051033634FEB96264211D8808BB4 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
11088
th
tse1.mm.bing.net/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20military%20branch%20to%20join%20reserves
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2F9AE18E810E49B2B8AC3A7328BDA8D0 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
40288
th
tse1.mm.bing.net/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20digimon%20game%20ps4
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F3FB57347AA144F3BACC19090A0F9067 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
33578
th
tse1.mm.bing.net/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20tablet%20for%20photo%20editing%202022
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 28E347D2F2C34ACDB1EEFA6A56D9C00A Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
29136
th
tse1.mm.bing.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20cyber%20monday%20deals%202020&w=50&h=50&c=7
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 250A653643F141EEBA4D2D7BB7B1BE5C Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1912
th
tse1.mm.bing.net/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20credit%20cards%202022%20uk&w=50&h=50&c=7
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BC2722B855FF42358F0810446AFDFA26 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1397
th
tse1.mm.bing.net/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20canadian%20travel%20credit%20card%20reddit&w=50&h=50&c=7
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 337913D6A7ED41239A7DDD0F5490CB0F Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1460
th
tse1.mm.bing.net/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20netflix%20series%20of%20all%20time&w=50&h=50&c=7
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 77B75E124F264B00AFFB9F02BFEF0DF4 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1477
th
tse1.mm.bing.net/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20probiotic%20for%20women%20over%2050&w=50&h=50&c=7
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 19AE36E4280B458E966FF38BB3C6BF12 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1171
th
tse1.mm.bing.net/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20brandy%20brand%20for%20eggnog&w=50&h=50&c=7
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 823A525185524E859998E81DD9C4322F Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1448
th
tse1.mm.bing.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20offensive%20linemen%20in%202022%20nfl%20draft&w=50&h=50&c=7
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 306754E6560A4B788F41F783390ECDA0 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1711
th
tse1.mm.bing.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20laptops%20for%20architects%20under%201000&w=50&h=50&c=7
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4717877B43464BED96E1F29089CB92B6 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1548
th
tse1.mm.bing.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20white%20elephant%20gifts%20reddit&w=50&h=50&c=7
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C0BCDB450E5E42BFB96471594565B45E Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1538
th
tse1.mm.bing.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20mobile%20games%20reddit%202020&w=50&h=50&c=7
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BC60FB96AA3F491289EE692E75C39117 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:28Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1741
bootstrap.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.1/js/ 		81 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.1/js/bootstrap.bundle.min.js
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
http://www.contracostatimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4816682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19418
timing-allow-origin
*
last-modified
Thu, 28 Oct 2021 16:03:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"617ac9de-4bda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XiLfZbhlw7Rewj3KkHXFev2w%2Bngm9aQdt%2BzdsMZl3neQTCwIMc%2FPTW2Lo9%2BwIN3eX1QqQI%2FQJCipyhXEWsgCe49xDF1yuGG4j2VPULqk5qkvMn7Rk3N2t3CUMfqB0J8TxEUinUoKIGv7ptNaFJZjeBg%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7239b331d8c29244-FRA
expires
Tue, 20 Jun 2023 20:37:27 GMT
lazysizes.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.contracostatimes.com/
Origin
http://www.contracostatimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10578732
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3150
timing-allow-origin
*
last-modified
Sat, 02 Jan 2021 18:12:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ff0b799-1ed1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVwnH5x13qoGNONz7h%2FaNR8nskx1JqG%2FWKXV7UCTYGyulVb6SjW2MZ%2FWGNsaozGK3c5jxfXt1RFu7ytlwVP3EeWz9U0XRahgyoy8h1naik%2FJy96AnS57lUCAuMMNFmT1T1u7oyKgN%2Bpk6%2Fb0XipLRbbg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7239b3321df29b57-FRA
expires
Tue, 20 Jun 2023 20:37:28 GMT
ping
uads.coky.cc/uads/ 		376 B
985 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://uads.coky.cc/uads/ping?x=http%3A%2F%2Fwww.contracostatimes.com%2F
Requested by
Host: uads.coky.cc
URL: http://uads.coky.cc/client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d5f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache
hit
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naxm0IIGuK3ZpcgWzgUrKM5RRpr5tzVpUOBBV3m0PCl9LERMXT4HJGj0GZkbJRDRvhd6OvMXrWw%2B9bZDPaJ1FAJ9rXm0NJonVblu%2Fz9yQDshdJ%2Bppk6t6cAJx1dFJIJf1izFNLMCMIUkLKk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=60
cf-ray
7239b3341a0b9b2e-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
truncated
/ 		134 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93ee19994358156fbbe3bcbb748f51b8d5bd6199ff589f8955eaacfa59d5cb2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: www.contracostatimes.com
URL: http://www.contracostatimes.com/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.contracostatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:34:23 GMT
content-encoding
gzip
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
W/"-375139978"
x-cacheable
Matched cache
vary
Accept-Encoding
x-iplb-instance
40743
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
x-iplb-request-id
D972DA18:931A_2E69C9F0:0050_62BE0988_22336:2725
content-length
4547
x-request-id
263128321
url
www.google.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiXu5eFrNX4AhUKNxoKHT_3D88QFnoECAcQAQ&url=https%3A%2F%2Fwizid.blogspot.com%2F%23uads%3DaHR0cDovL3d3dy5jb250cmFjb3N0YXRpbWVzLmNvbS98c3BsaXR8Y2EtcHViLTA2ODU0NzA2NTgzOTUwNTh8c3BsaXR8aHR0cHM6Ly93aXppZC5ibG9nc3BvdC5jb20v&usg=AOvVaw0BCNEGrAiG3QUYDxVCKO9-
Requested by
Host: uads.coky.cc
URL: http://uads.coky.cc/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
http://www.contracostatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in
unload
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
592
content-type
text/html; charset=UTF-8
date
Thu, 30 Jun 2022 20:37:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0
0.php
s4.histats.com/stats/ 		0
0
/
wizid.blogspot.com/ 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wizid.blogspot.com/
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiXu5eFrNX4AhUKNxoKHT_3D88QFnoECAcQAQ&url=https%3A%2F%2Fwizid.blogspot.com%2F%23uads%3DaHR0cDovL3d3dy5jb250cmFjb3N0YXRpbWVzLmNvbS98c3BsaXR8Y2EtcHViLTA2ODU0NzA2NTgzOTUwNTh8c3BsaXR8aHR0cHM6Ly93aXppZC5ibG9nc3BvdC5jb20v&usg=AOvVaw0BCNEGrAiG3QUYDxVCKO9-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3725ff986eff6e61bed566ed4cd055aee01e0902b13fd852d7d30835768999dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
11083
content-type
text/html; charset=UTF-8
date
Thu, 30 Jun 2022 20:37:29 GMT
etag
W/"62155aff4144ad4cc1544fc8392339a186c66cf2ea8776200acc1715b1c0000c"
expires
Thu, 30 Jun 2022 20:37:29 GMT
last-modified
Mon, 13 Jun 2022 02:48:44 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
srv.js
uads.coky.cc/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uads.coky.cc/srv.js
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d5f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1acbd36bbba03af9369f64e309d241418e57198662539cfa7cb3df74287657f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 20:37:29 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-litespeed-cache
hit
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vW%2BTfr2IL%2Bh9AD%2F4kjnajQupvx70nBgJ887GrDm7p%2F2xxjcfNlPpMtXHYKasDMJjVMvxtpKCY1AwnXLEkRzif%2FA6U9YXdxzPt4DuY90OXZbm1EN4Jr391zvBnYvDGxDxhX7UWHB1sTPTU6A%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, max-age=300
cf-ray
7239b33a4b8b9a1b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
telaga-putri-tujuh-warna-bengkulu.jpg
3.bp.blogspot.com/-O9wEKYRLtWc/VNYKFke0Z3I/AAAAAAAAEFw/jPEqENHy85w/s1600/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-O9wEKYRLtWc/VNYKFke0Z3I/AAAAAAAAEFw/jPEqENHy85w/s1600/telaga-putri-tujuh-warna-bengkulu.jpg
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a0d38cc25e1ec8e4355d58483b03a049645da1114bd5b559f29306eaac23e823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="telaga-putri-tujuh-warna-bengkulu.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24651
x-xss-protection
0
server
fife
etag
"v105d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 28 Nov 2021 10:51:54 GMT
danau-dendam-tak-sudah-bengkulu.jpg
1.bp.blogspot.com/-4svXIGB67fY/VNTDeSd6oEI/AAAAAAAAEFg/CP9BaKv0OP4/s1600/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-4svXIGB67fY/VNTDeSd6oEI/AAAAAAAAEFg/CP9BaKv0OP4/s1600/danau-dendam-tak-sudah-bengkulu.jpg
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0b81f7fa05d9af300818274c515e05d9274b1373a180bb0fefc3d07b7a9d32b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="danau-dendam-tak-sudah-bengkulu.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31518
x-xss-protection
0
server
fife
etag
"v1059"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 01 Jun 2022 14:29:47 GMT
danau-mas-harun-bastari-bengkulu.jpg
4.bp.blogspot.com/-7dSnuz8BuFU/VNSyVzEe_OI/AAAAAAAAEFQ/pTqBC0yybxw/s1600/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-7dSnuz8BuFU/VNSyVzEe_OI/AAAAAAAAEFQ/pTqBC0yybxw/s1600/danau-mas-harun-bastari-bengkulu.jpg
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="danau-mas-harun-bastari-bengkulu.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46047
x-xss-protection
0
server
fife
etag
"v1055"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 30 Jun 2022 18:30:40 GMT
danau-tes-bengkulu.jpg
3.bp.blogspot.com/-Iu9pN5yv530/VNNgyngYzKI/AAAAAAAAEFA/9yRCFQHDx9c/s1600/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-Iu9pN5yv530/VNNgyngYzKI/AAAAAAAAEFA/9yRCFQHDx9c/s1600/danau-tes-bengkulu.jpg
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="danau-tes-bengkulu.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47356
x-xss-protection
0
server
fife
etag
"v1051"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 30 Jun 2022 18:30:40 GMT
pulau-enggano-bengkulu.jpg
3.bp.blogspot.com/-H6vQqHPO5sc/VNLbORGcDqI/AAAAAAAAEEw/qHymK3C2RGY/s1600/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-H6vQqHPO5sc/VNLbORGcDqI/AAAAAAAAEEw/qHymK3C2RGY/s1600/pulau-enggano-bengkulu.jpg
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="pulau-enggano-bengkulu.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36998
x-xss-protection
0
server
fife
etag
"v104d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 16 Jun 2022 09:08:00 GMT
lazysizes.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://wizid.blogspot.com/
Origin
https://wizid.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10578733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3150
timing-allow-origin
*
last-modified
Sat, 02 Jan 2021 18:12:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ff0b799-1ed1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ej%2F%2FMBibPovVv9cHyRm4VTVEfTZF1jSA5Ieb4V61FkrVv9ZGe4XMzx%2BlVwKbU7T4A2tHJgpR1pOnPvxxWh3R9vSxnT3AvrqzLNhf3tTnj2RBVZ2jhRyvipEZzKZJWINBq9lzGL38Lm7BfgRJUaRkLJux"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7239b33a69dc9b57-FRA
expires
Tue, 20 Jun 2023 20:37:29 GMT
cookienotice.js
wizid.blogspot.com/js/ 		0
0
1997315711-widgets.js
www.blogger.com/static/v1/widgets/ 		0
0
pre
uads.coky.cc/uads/ 		361 B
934 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://uads.coky.cc/uads/pre?token=aHR0cDovL3d3dy5jb250cmFjb3N0YXRpbWVzLmNvbS98c3BsaXR8Y2EtcHViLTA2ODU0NzA2NTgzOTUwNTh8c3BsaXR8aHR0cHM6Ly93aXppZC5ibG9nc3BvdC5jb20v
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d5f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache
hit
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qOVAHNCoLJMHmfOXYNOzCkWY9c9ugLvgTlO3HIRDNgkEbsNbsMpUKmshIxWgFWEWQlwbH10HUjIY2cOM4hkSs7fp0R4We9pGowlbfKNssfEt2dc3M%2B9WTG5b%2BmujGS%2FLo3TcRdbRXAgiuY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=60
cf-ray
7239b33aaca89b2e-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
url
www.google.com/ 		926 B
494 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiXu5eFrNX4AhUKNxoKHT_3D88QFnoECAcQAQ&url=https%3A%2F%2Fwizid.blogspot.com%2F&usg=AOvVaw0BCNEGrAiG3QUYDxVCKO9-
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
https://wizid.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in
unload
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
466
content-type
text/html; charset=UTF-8
date
Thu, 30 Jun 2022 20:37:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0
Primary Request /
wizid.blogspot.com/ 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wizid.blogspot.com/
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiXu5eFrNX4AhUKNxoKHT_3D88QFnoECAcQAQ&url=https%3A%2F%2Fwizid.blogspot.com%2F&usg=AOvVaw0BCNEGrAiG3QUYDxVCKO9-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3725ff986eff6e61bed566ed4cd055aee01e0902b13fd852d7d30835768999dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
11083
content-type
text/html; charset=UTF-8
date
Thu, 30 Jun 2022 20:37:29 GMT
etag
W/"62155aff4144ad4cc1544fc8392339a186c66cf2ea8776200acc1715b1c0000c"
expires
Thu, 30 Jun 2022 20:37:29 GMT
last-modified
Mon, 13 Jun 2022 02:48:44 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
srv.js
uads.coky.cc/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uads.coky.cc/srv.js
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d5f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1acbd36bbba03af9369f64e309d241418e57198662539cfa7cb3df74287657f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 20:37:29 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-litespeed-cache
hit
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIX90WaMrjNV%2BAWL9QGIzMqegXfZiI4%2FxTUw0WeuVE%2BnJ%2FwQKbAtfBBAB5ln445Ps4HG9C7TDttIFUuQu2U%2F26KNHltUFInOF1%2Fzx%2FEewza8d752L4c57x4zdr3a6bFdMJHlxW57eUzuZWA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, max-age=300
cf-ray
7239b33c8ee89a1b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
telaga-putri-tujuh-warna-bengkulu.jpg
3.bp.blogspot.com/-O9wEKYRLtWc/VNYKFke0Z3I/AAAAAAAAEFw/jPEqENHy85w/s1600/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-O9wEKYRLtWc/VNYKFke0Z3I/AAAAAAAAEFw/jPEqENHy85w/s1600/telaga-putri-tujuh-warna-bengkulu.jpg
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a0d38cc25e1ec8e4355d58483b03a049645da1114bd5b559f29306eaac23e823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="telaga-putri-tujuh-warna-bengkulu.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24651
x-xss-protection
0
server
fife
etag
"v105d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 28 Nov 2021 10:51:54 GMT
danau-dendam-tak-sudah-bengkulu.jpg
1.bp.blogspot.com/-4svXIGB67fY/VNTDeSd6oEI/AAAAAAAAEFg/CP9BaKv0OP4/s1600/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-4svXIGB67fY/VNTDeSd6oEI/AAAAAAAAEFg/CP9BaKv0OP4/s1600/danau-dendam-tak-sudah-bengkulu.jpg
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0b81f7fa05d9af300818274c515e05d9274b1373a180bb0fefc3d07b7a9d32b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="danau-dendam-tak-sudah-bengkulu.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31518
x-xss-protection
0
server
fife
etag
"v1059"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 01 Jun 2022 14:29:47 GMT
danau-mas-harun-bastari-bengkulu.jpg
4.bp.blogspot.com/-7dSnuz8BuFU/VNSyVzEe_OI/AAAAAAAAEFQ/pTqBC0yybxw/s1600/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-7dSnuz8BuFU/VNSyVzEe_OI/AAAAAAAAEFQ/pTqBC0yybxw/s1600/danau-mas-harun-bastari-bengkulu.jpg
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4a14b228a5c09913b38b1b15a813622f8eef2b59e6a1962f1186bd219c0728ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="danau-mas-harun-bastari-bengkulu.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46047
x-xss-protection
0
server
fife
etag
"v1055"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 30 Jun 2022 18:30:40 GMT
danau-tes-bengkulu.jpg
3.bp.blogspot.com/-Iu9pN5yv530/VNNgyngYzKI/AAAAAAAAEFA/9yRCFQHDx9c/s1600/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-Iu9pN5yv530/VNNgyngYzKI/AAAAAAAAEFA/9yRCFQHDx9c/s1600/danau-tes-bengkulu.jpg
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
803663cbc08d315f59c591c1f1da02e540bf92ee9b3e038e792c6a944248399c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="danau-tes-bengkulu.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47356
x-xss-protection
0
server
fife
etag
"v1051"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 30 Jun 2022 18:30:40 GMT
pulau-enggano-bengkulu.jpg
3.bp.blogspot.com/-H6vQqHPO5sc/VNLbORGcDqI/AAAAAAAAEEw/qHymK3C2RGY/s1600/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-H6vQqHPO5sc/VNLbORGcDqI/AAAAAAAAEEw/qHymK3C2RGY/s1600/pulau-enggano-bengkulu.jpg
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cf953eee0c9147406b17bfe41f4803752be197665c0af11239b591572cffa212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="pulau-enggano-bengkulu.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36998
x-xss-protection
0
server
fife
etag
"v104d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 16 Jun 2022 09:08:00 GMT
lazysizes.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://wizid.blogspot.com/
Origin
https://wizid.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10578733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3150
timing-allow-origin
*
last-modified
Sat, 02 Jan 2021 18:12:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ff0b799-1ed1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tfo2bLe1vlZ9C48zkqVXCLXB0ll32kir%2BeWVGt84l2izCzvpyJynTw6g6Op9DT7pEdQ0pFYBJoJY840y1FtdCkP3rouNs6DKV7kfyS8AntbjWRmNYKSVvNkMm4Kj2xLGM6mqmLCOLNBqlc7MpWJkms2X"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7239b33cad4d9b57-FRA
expires
Tue, 20 Jun 2023 20:37:29 GMT
cookienotice.js
wizid.blogspot.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wizid.blogspot.com/js/cookienotice.js
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 19:02:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92126
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2026
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 18:11:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 06 Jul 2022 19:02:03 GMT
1997315711-widgets.js
www.blogger.com/static/v1/widgets/ 		155 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/1997315711-widgets.js
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
878fb3c4eb3893b38e99429b943c94539e79981282e36350ce50e3a5dd69a51d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57161
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 02:52:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 30 Jun 2023 20:08:48 GMT
json
uads.coky.cc/uads/ 		52 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://uads.coky.cc/uads/json?token=aHR0cDovL3d3dy5jb250cmFjb3N0YXRpbWVzLmNvbS98c3BsaXR8Y2EtcHViLTA2ODU0NzA2NTgzOTUwNTh8c3BsaXR8aHR0cHM6Ly93aXppZC5ibG9nc3BvdC5jb20v
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d5f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b674db4b1a960d1e25b2fdadfa62098588e683bb435ae249e5056eab6318e83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache
hit
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uML64RIiEpQloy6dPPtpRrkrNESxwFyp4KnRR8QSnUStqxfxr9NpNFPVVFNAnxkvM%2FvziVZPh9rMRXU7Pebgb9KmbRsQ8tnNejVXNlPEU2kq0R1%2B3AXSGQLJFPzNZTOs5y7mzpL7WMR1o1w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=60
cf-ray
7239b33ccfd99b2e-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery.slim.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://wizid.blogspot.com/
Origin
https://wizid.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10871217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22329
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-11ab4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45x2ScihJScFIlaEs0dFP%2BOjzU2p%2FZdSDWkN8GgNiAwLN4CXfaDaWEm4ZhmLu1cHsqvJAKAVZZ2JT7zIU3DWB%2Ffsi6P9Hq42hlsT68fd5Fvc6FXSBwu5c6%2B2uU7CcIKHe8sTvOiw9H9dXTZwHqgSGbyw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7239b33d4e529b57-FRA
expires
Tue, 20 Jun 2023 20:37:29 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.1/css/ 		158 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.1/css/bootstrap.min.css
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://wizid.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1207499
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17725
timing-allow-origin
*
last-modified
Thu, 28 Oct 2021 16:03:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"617ac9de-453d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vb8v9%2Bz8tpdt2UblluImYaZky8aA8%2BppLksOj%2BNspwMi6ya%2Fpaio7C27Szf5issHk47zelnB0RMK1LVb%2FGth7ENlvJ%2BFe5Qg3GzFVrfR12OIAlF3kJDRgSEWEzMVfxc6GEXfXTLNAKoJtjoxwvVaDiR6"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7239b33d4e549b57-FRA
expires
Tue, 20 Jun 2023 20:37:29 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		163 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0685470658395058
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
effc7ef03cedfd15dd4a3619e0fe85c9199551731d44beb9941400de102b8645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wizid.blogspot.com/
Origin
https://wizid.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56477
x-xss-protection
0
server
cafe
etag
11247533542385567548
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 30 Jun 2022 20:37:29 GMT
js
www.googletagmanager.com/gtag/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-109741217-1
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f9cdfa80e9110277db641ce1f15e167abdcfc854088814b665b412be8845301
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40365
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 19:50:18 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Jun 2022 20:37:29 GMT
th
tse1.mm.bing.net/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20romance%20anime%20on%20funimation%202021
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b7abf9b040181bca1fc39d58b5cb249b5d45b5fd542cc06fe20304b256ea3423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 261F4D47E87A4654B4E508F21F43845C Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
15900
th
tse1.mm.bing.net/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20fitness%20nashua%20holiday%20hours
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0ea3817468ffdc3ca87d6abfb10b36576a42c0ed9800fd409647152f90acbe32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A7EF6D63BC3C43C9B9ACCDA506523190 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
60045
th
tse1.mm.bing.net/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20salt%20nic%20juice%20canada
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2655afc8707926b8c93e6d0752a09807668a3c3e6400ad831d61950c8787db94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 70DE17AFD2014139A917459B8EC75C6E Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
32198
th
tse1.mm.bing.net/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20multivitamin%20canada%20reddit
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f234a85cf580a4a2018b0ee3257f067cdb4e00d836ba1ab7620fd65c716a03f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FBEEAA3A949D4CE78D2E9D2EF710D4ED Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
41448
th
tse1.mm.bing.net/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20friend%20tik%20tok%20dance
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5daca703e67e607bae5df9f5a6cccb7e9dda8aa2376ecd7c366c4a51e030f0b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BC1939532A1740D9A0ECC3D0BE649918 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
47319
th
tse1.mm.bing.net/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20mattress%20for%20fibromyalgia%20uk
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
889c0c7126a4f34b528404a8113a2a23d2c79919f222ffaaa96489af936741d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8B9C96CD662E4D499C454D938FDD22A0 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
19460
th
tse1.mm.bing.net/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20mattress%20topper%20for%20shoulder%20pain
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7a88e445b4d0a6d5fcde80468365af00d5996de692f6ff14e6ac72d8e200a554

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 01AE28DF406347ACA14DEF78EF46D718 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
16224
th
tse1.mm.bing.net/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20shows%20on%20netflix%202021
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
21a0d88306dd1d9816347846aacc89263b3f7ef3ff0b96ed6f604b07e7db8137

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8F8D6F3DBE3942648CD24927A6B10ECD Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
24882
th
tse1.mm.bing.net/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20buy%20hours%20richmond
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
18091af95ac15ae6494cf1e5823d2ef8ba22b7b8048e6fd23474acf5b982adf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F049A0CA21F34528A0E45454BD584A40 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
14747
th
tse1.mm.bing.net/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20seafood%20market%20in%20santa%20monica
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
03bf96bf9343a7b5eb3484b7a17371aacd28361c329fb6a5610a9eb7b75aa370

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2C24D5D8E97D4026B1684343E6F220B6 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
31177
th
tse1.mm.bing.net/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20mattress%20under%20500%20king
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
87a293aeea91ddb675bc5243bc76c1db7e7bf6b92f9cab45b297667fc835f460

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 398B1A150D69480BB1AFA5D2F57DAFC6 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
22368
th
tse1.mm.bing.net/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20slots%20to%20play%20in%20vegas%202022
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
412fcadb9ea8f6e6c8535faecac7e447baaf3285c82f7ee9d8bb4a70a96fe2de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 38506B6454434594AC8E487930EF5D71 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
56537
th
tse1.mm.bing.net/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=mythbusters%20best%20season%20reddit
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
14919fee867d13366b9b3fdb0d32f8748dabda15e7a0ccbdcea8b46d0e1a7af4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6C2CCB2A0E564B86B78088568EF5CA2E Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
51262
th
tse1.mm.bing.net/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20cyber%20monday%20deals%202021
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ebd991569344f4acd94d28be029bad6019dc6cb9253343d9ca7b6fdf304150a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D8956495B7DB4852A1FF6D044C84F66C Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
14354
th
tse1.mm.bing.net/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=america%27s%20best%20pics%20and%20videos%20app
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7106cc17c4285b8342911b4705b2f73bd77a1a9a02320bedc3e345101736861a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D9E8FCC4A33844B6B5865BEFD646199F Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
45158
th
tse1.mm.bing.net/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20dynasty%20warriors%20game%20psp
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a7a4388dc6c12ea2091eb6d7f784b2bd53f37e57c77cf383235b7502e328f627

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 720FABB45F7F42E685C6C90F35EFF23B Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
37572
th
tse1.mm.bing.net/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=boston%20best%20rate%20movers%20reviews
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba0e78d3f61b879f516626ca9516609457ee73bb878b54e4c322e5ac1a03f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F7BC85863C594B73B6F460193BE87574 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
11088
th
tse1.mm.bing.net/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20military%20branch%20to%20join%20reserves
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
91f9b48efe87a53c8cbf1b61accbfa2e8fe0bb7a6ee3bec83d3a54d866908627

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9BDB3AE64BE74D5888F0870C1204A144 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
40288
th
tse1.mm.bing.net/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20digimon%20game%20ps4
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b6e9fa607bfbe57515377e3e1b6f8e9e22a74d0e01b3e92fae46c41da74188c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 64771B4D82824D86B141ED960BC0A9C4 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
33578
th
tse1.mm.bing.net/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20tablet%20for%20photo%20editing%202022
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b71746e3c91e01367daab7990874362a08a017ee8b3052d8b954d21756ea4e61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B648086F72414072B4E7399A6D5A724B Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
29136
th
tse1.mm.bing.net/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=cheapest%20place%20to%20get%20botox%20near%20me&w=50&h=50&c=7
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a47044105a196b0878312c57a44d97e444615dc1578f668431bf2df5d7fe8d05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D32237C889A4497399D50E5B367BFFF6 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1411
th
tse1.mm.bing.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20air%20fryer%20recipes%20healthy&w=50&h=50&c=7
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c0ab0baad0d8479f980dfbfb1fbbaf46a7499c122467df9e3bc6119bc8b6e3ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5A41C92173A449F8B3D33468CE82CF8C Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1696
th
tse1.mm.bing.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20dinner%20restaurants%20in%20redmond%20oregon&w=50&h=50&c=7
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fd7a631338ba9aa23414791d0161d90660865750d7933a9253379c2bd46d25a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 59DFFD16F4714D13ACF4A9036D2C3182 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1662
th
tse1.mm.bing.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=yugioh%20duel%20links%20best%20deck%202022&w=50&h=50&c=7
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
26db17a5266b5f395fad3e1c6a80a4adf9dbfecf4505e40eb4b8aa4fb22e81fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A2D4FD309EBB4ACDA2548CB43998B1BF Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1829
th
tse1.mm.bing.net/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=america%27s%20best%20federal%20way%20wa&w=50&h=50&c=7
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e813bd3a45cb8e42fc33d7a043d5d9a50c1ca3edc8fa7977c2eeae0d94c8764

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1D833AC1F42443C5A9A34F31EE584208 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1435
th
tse1.mm.bing.net/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=top%205%20factoring%20companies%20for%20truckers&w=50&h=50&c=7
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
53eacf122e5142533872e46e7200ac8947100e3a5f2f39444ec3e46a36fec3f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DD38EAF12F014EF9BB49C39E6EF5EBD5 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1534
th
tse1.mm.bing.net/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20supplements%20for%20weight%20loss%20and%20muscle%20gain%202020&w=50&h=50&c=7
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f5bdb471499372aba9fd41b3633af96b6b7c2c210388c0d90bea93f3ecf885d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4478CFDF74104BE2A8474CA7FFB58A62 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1488
th
tse1.mm.bing.net/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20choice%20plumbing%20%26%20heating%20philadelphia%20pa&w=50&h=50&c=7
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d976ee69cabd1abdf096c4e5687a88d8f0aac5bd9f07db8aad06513b3012c4c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2D9C882C4C744BCCA644C6C9CF0EAAB1 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
1081
th
tse1.mm.bing.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=best%20digimon%20game%20ps4&w=50&h=50&c=7
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1ad3378869a6bb62b39476c457009e3cbcdec0c8e8735d3b32c9059542141823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5789EE9875AE498EA8A5C44248EEC508 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
1560
th
tse1.mm.bing.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=invest%20like%20the%20best%20crypto&w=50&h=50&c=7
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eaa46ef4008c53298298e0b22a94ec7b5a477633a55b47bbf037d9bd62ab328f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7C9042FD93A644F1A569693B31C58BE0 Ref B: FRAEDGE1515 Ref C: 2022-06-30T20:37:29Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
1544
bootstrap.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.1/js/ 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.1/js/bootstrap.bundle.min.js
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://wizid.blogspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5391249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19418
timing-allow-origin
*
last-modified
Thu, 28 Oct 2021 16:03:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"617ac9de-4bda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFwtd1EuyWesAWEi3SWVC%2BbCkYsqmjcWSN9yKXRxkYBizTK8IYXHImjPuUEPSJhH6N5zHhHM7xs25tUilra3lwotoVJADhObcw4c2Uf8TOyq1zZYVBd0%2FNsmsp6gT9gWh7FGRrxjejG5wlM1ZtDTCTAA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7239b33d5e629b57-FRA
expires
Tue, 20 Jun 2023 20:37:29 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://wizid.blogspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1796631
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQ0ySKcM4%2BckzxHvcd1x7XwdAvf2roOBuKTBYzSMXdNnAGlhxAOUTFsQyPDD0plGtrRhGNz6IGuAJEIFpqCeTTGemFnVoOU5X062Oz1SDvRfUn26Yjxcc2wKwzmzX3nCisJuvHjT1y4tUXT7Nk4ATw%2FF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7239b33d7b0a692b-FRA
expires
Tue, 20 Jun 2023 20:37:29 GMT
ovo_footer.js
cdn.statically.io/gh/vyant/ovo/c7b0b6f6/ 		252 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.statically.io/gh/vyant/ovo/c7b0b6f6/ovo_footer.js
Requested by
Host: uads.coky.cc
URL: https://uads.coky.cc/srv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
444eb052047c8fee84aca4a444286c77829b4058ac10f5bb62544577592197ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wizid.blogspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 30 Jun 2022 20:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
518290
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
184
x-served-by
cache-sjc10043-SJC, cache-hhn4032-HHN
server
statically
etag
W/"e14cb118fef6894c8afa7495ce44a059d46b3d6cffe2082b2ac7413c138f5fb7"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
access-control-expose-headers
*
uclear.js
cdn.jsdelivr.net/gh/vyantagc/vyantagc@master/ 		0
0
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:36:31 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
431423560
truncated
/ 		134 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93ee19994358156fbbe3bcbb748f51b8d5bd6199ff589f8955eaacfa59d5cb2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109741217-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5560
date
Thu, 30 Jun 2022 19:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 30 Jun 2022 21:04:49 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/ 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0685470658395058&plah=wizid.blogspot.com&bust=31068289
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0685470658395058
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a8b8418cfe26a02edbc7ed321ee2cb142642c040618c489031cf0e23e35262f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122454
x-xss-protection
0
server
cafe
etag
16030136123013176502
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 30 Jun 2022 20:37:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/ Frame 0465 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0685470658395058
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wizid.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13690
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 16:49:20 GMT
etag
10429905676100781186
expires
Thu, 14 Jul 2022 16:49:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
0.php
s4.histats.com/stats/ 		50 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4516773&@f16&@g1&@h1&@i1&@j1656621449966&@k0&@l1&@mBest%20Tips%20And%20References&@n0&@ohttps%3A%2F%2Fwww.google.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-179553598&@b3:1656621450&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwizid.blogspot.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.13.63 Terrebonne, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns504751.ip-192-99-13.net
Software
/
Resource Hash
652f5a634e943bb5dee398bcb28c69e8c5f17bd9e46e1777f3e1ccf15e1d0da2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 30 Jun 2022 20:37:30 GMT
Connection
close
Content-Length
50
Content-Type
text/html;charset=UTF-8
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2006989323&t=pageview&_s=1&dl=https%3A%2F%2Fwizid.blogspot.com%2F&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Best%20Tips%20And%20References&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1275102079&gjid=1244800995&cid=2138926274.1656621450&tid=UA-109741217-1&_gid=250122871.1656621450&_r=1&gtm=2ou6t0&z=17365331
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wizid.blogspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 20:37:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wizid.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		216 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=wizid.blogspot.com&callback=_gfp_s_&client=ca-pub-0685470658395058
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0685470658395058&plah=wizid.blogspot.com&bust=31068289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9d1cf4621000c5193aeacfb2ee88cbc479a4042ddfb57dffbdbf693dae0bc41d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=wizid.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0685470658395058&plah=wizid.blogspot.com&bust=31068289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jun 2022 20:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wizid.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0685470658395058&plah=wizid.blogspot.com&bust=31068289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jun 2022 20:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwizid.blogspot.com%2F&tn=NAV&cls=navbar%20navbar-expand-md%20navbar-dark%20bg-dark%20fixed-top%20py-3&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 20:37:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1E81 		212 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0685470658395058&output=html&adk=1812271804&adf=3025194257&lmt=1655088524&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwizid.blogspot.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656621449945&bpp=3&bdt=273&idt=142&shv=r20220628&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3004609200651&frm=20&pv=2&ga_vid=2138926274.1656621450&ga_sid=1656621450&ga_hid=2006989323&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068289%2C42531605%2C42531608&oid=2&pvsid=3045008868441046&tmod=790196467&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=157
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0685470658395058&plah=wizid.blogspot.com&bust=31068289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
302d44dcddb9c7e0b0fe97b631b08002dc42272fe2d7159764da836534c690bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wizid.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46347
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 20:37:30 GMT
expires
Thu, 30 Jun 2022 20:37:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-109741217-1&cid=2138926274.1656621450&jid=1275102079&gjid=1244800995&_gid=250122871.1656621450&_u=YEBAAUAAAAAAAC~&z=1157744262
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wizid.blogspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 30 Jun 2022 20:37:30 GMT
content-type
text/plain
access-control-allow-origin
https://wizid.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 752B 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0685470658395058&output=html&h=280&slotname=9971020852&adk=391616158&adf=428091284&pi=t.ma~as.9971020852&w=1110&fwrn=4&fwrnh=100&lmt=1655088524&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwizid.blogspot.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656621449948&bpp=2&bdt=276&idt=160&shv=r20220628&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3004609200651&frm=20&pv=1&ga_vid=2138926274.1656621450&ga_sid=1656621450&ga_hid=2006989323&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068289%2C42531605%2C42531608&oid=2&pvsid=3045008868441046&tmod=790196467&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGFO4GPP0a&p=https%3A//wizid.blogspot.com&dtd=164
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0685470658395058&plah=wizid.blogspot.com&bust=31068289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac2e6df5364e6c233b0edade6e1c479b7355ba06c7c72334947f03f5481c6953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wizid.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9497
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 20:37:30 GMT
expires
Thu, 30 Jun 2022 20:37:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-109741217-1&cid=2138926274.1656621450&jid=1275102079&_u=YEBAAUAAAAAAAC~&z=250971907
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 20:37:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-109741217-1&cid=2138926274.1656621450&jid=1275102079&_u=YEBAAUAAAAAAAC~&z=250971907
Requested by
Host: wizid.blogspot.com
URL: https://wizid.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 20:37:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 752B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0685470658395058&output=html&h=280&slotname=9971020852&adk=391616158&adf=428091284&pi=t.ma~as.9971020852&w=1110&fwrn=4&fwrnh=100&lmt=1655088524&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwizid.blogspot.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656621449948&bpp=2&bdt=276&idt=160&shv=r20220628&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3004609200651&frm=20&pv=1&ga_vid=2138926274.1656621450&ga_sid=1656621450&ga_hid=2006989323&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068289%2C42531605%2C42531608&oid=2&pvsid=3045008868441046&tmod=790196467&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGFO4GPP0a&p=https%3A//wizid.blogspot.com&dtd=164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:32:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jul 2022 20:32:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 752B 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0685470658395058&output=html&h=280&slotname=9971020852&adk=391616158&adf=428091284&pi=t.ma~as.9971020852&w=1110&fwrn=4&fwrnh=100&lmt=1655088524&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwizid.blogspot.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656621449948&bpp=2&bdt=276&idt=160&shv=r20220628&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3004609200651&frm=20&pv=1&ga_vid=2138926274.1656621450&ga_sid=1656621450&ga_hid=2006989323&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068289%2C42531605%2C42531608&oid=2&pvsid=3045008868441046&tmod=790196467&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGFO4GPP0a&p=https%3A//wizid.blogspot.com&dtd=164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 30 Jun 2022 20:37:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 752B 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0685470658395058&output=html&h=280&slotname=9971020852&adk=391616158&adf=428091284&pi=t.ma~as.9971020852&w=1110&fwrn=4&fwrnh=100&lmt=1655088524&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwizid.blogspot.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656621449948&bpp=2&bdt=276&idt=160&shv=r20220628&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3004609200651&frm=20&pv=1&ga_vid=2138926274.1656621450&ga_sid=1656621450&ga_hid=2006989323&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068289%2C42531605%2C42531608&oid=2&pvsid=3045008868441046&tmod=790196467&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGFO4GPP0a&p=https%3A//wizid.blogspot.com&dtd=164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:25:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
698
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jul 2022 20:25:52 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 752B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CHLFmigm-YrzTCt2s1fAP4pSjyA3JntKxXNX24taTAcCNtwEQASAAYJWCoYKwB4IBF2NhLXB1Yi0wNjg1NDcwNjU4Mzk1MDU4oAHVttLqA8gBCakC5n2rhO-PsT6oAwGqBMQBT9AC50owQ_hvwotWXDX37H9U7NVdC_ZWK6IiZHYWSyhrflfrXZtCQtD03x_w_nHFOu1tajYvAlkpAQ12Fgyf6ILvRQZEZMbugUrYpneMBu9iTfAVhRnv7QeUQ2AdXdrcgGPRrcJOCvzc5mlrmUmMbwsNAt_jLSPsvJzpI4CKyrZlWWr0PHQCcQ-suqJDqXg1PGOK4X-mKQwgkcu86PerP-qCq_Ii2ghy4h46_dk7qgOvq3yQpraCkXjJGDEN23om0QtNJYAGtIHIh5HshuPlAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMDY4NTQ3MDY1ODM5NTA1OBgA&sigh=WhywF1vbvgs&uach_m=[UACH]&cid=CAQSGwCNIrLMRS6yWblzvEuSPUvLVvqYYAluppAztxgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0685470658395058&output=html&h=280&slotname=9971020852&adk=391616158&adf=428091284&pi=t.ma~as.9971020852&w=1110&fwrn=4&fwrnh=100&lmt=1655088524&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwizid.blogspot.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656621449948&bpp=2&bdt=276&idt=160&shv=r20220628&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3004609200651&frm=20&pv=1&ga_vid=2138926274.1656621450&ga_sid=1656621450&ga_hid=2006989323&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068289%2C42531605%2C42531608&oid=2&pvsid=3045008868441046&tmod=790196467&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGFO4GPP0a&p=https%3A//wizid.blogspot.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0685470658395058&output=html&h=280&slotname=9971020852&adk=391616158&adf=428091284&pi=t.ma~as.9971020852&w=1110&fwrn=4&fwrnh=100&lmt=1655088524&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwizid.blogspot.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656621449948&bpp=2&bdt=276&idt=160&shv=r20220628&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3004609200651&frm=20&pv=1&ga_vid=2138926274.1656621450&ga_sid=1656621450&ga_hid=2006989323&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068289%2C42531605%2C42531608&oid=2&pvsid=3045008868441046&tmod=790196467&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGFO4GPP0a&p=https%3A//wizid.blogspot.com&dtd=164
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 30 Jun 2022 20:37:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 30 Jun 2022 20:37:30 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 752B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKmKE8z6RNYImAKdg2ICAgAAAB5iu6hwUUq-EIoJvmKj3A8lQbqAteC63AASAAA&wp=Yr4JigACqbwIFVZdAAjKYrWqfz1Iq5Ew7c14hw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0685470658395058&output=html&h=280&slotname=9971020852&adk=391616158&adf=428091284&pi=t.ma~as.9971020852&w=1110&fwrn=4&fwrnh=100&lmt=1655088524&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwizid.blogspot.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656621449948&bpp=2&bdt=276&idt=160&shv=r20220628&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3004609200651&frm=20&pv=1&ga_vid=2138926274.1656621450&ga_sid=1656621450&ga_hid=2006989323&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068289%2C42531605%2C42531608&oid=2&pvsid=3045008868441046&tmod=790196467&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGFO4GPP0a&p=https%3A//wizid.blogspot.com&dtd=164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:30 GMT
server
Kestrel
server-processing-duration-in-ticks
211777
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 2116 		106 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr4JigACqbwIFVZdAAjKYrWqfz1Iq5Ew7c14hw&u=%7CCf2nh%2FEwzOY8HjJUKnHvseqqK5ZBFTRgdfLxljQAcLA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y_qkV63e1pMvJI3uK-gKjjZvNSXnqx3Z-EIwpwN2r7SEtluInoXC0yAcxdm3LkOgQSGqvLRVaYcWZgUc7SYhQrI6G4MsVi6BCNvzLub9-IIryQUc0wyBkHXYUfzZYc6OjejjUMfFWR46r3NiheQ57uIj2kx-TYDhIj91XVy-rk2RE1v5_iwHXf8q7FplfKB8Ou-5Yzjbk_rSrEDoO1ZVgn1bF4E37OnCCgvkX5tNdhI59eRjuSI9sHu7DLowKr4AqYVBWrOPJT_7Oh3HOYCgVyMtdoOhYh-UeXve0ELiFmYujlwMYQSkPLbr1mh2Vi0K5fLPVOw2XwPYo_ccKSBrmJskBdDpr8BAd5ci8XCKcetxXiPSEAUhLSLqtwDTK3XLs8PDuid6_R0OYqCEr7JH24&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0YD2igm-YrzTCt2s1fAP4pSjyA3JntKxXNX24taTAcCNtwEQASAAYJWCoYKwB4IBF2NhLXB1Yi0wNjg1NDcwNjU4Mzk1MDU4oAHVttLqA8gBCakC5n2rhO-PsT6oAwGqBMcBT9AC50owQ_hvwotWXDX37H9U7NVdC_ZWK6IiZHYWSyhrflfrXZtCQtD03x_w_nHFOu1tajYvAlkpAQ12Fgyf6ILvRQZEZMbugUrYpneMBu9iTfAVhRnv7QeUQ2AdXdrcgGPRrcJOCvzc5mlrmUmMbwsNAt_jLSPsvJzpI4CKyrZlWWr0PHQCcQ-suqJDqXg1PGOK4X-mKQwgkcu86PfpPcsQLH2-ybfu9r3qwH_DoxelHXa-vjQ2WUVv6o4T92Kje49emoZY2IAGtIHIh5HshuPlAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11ywPGNdcIyPsViknWn-q4fISihA%26client%3Dca-pub-0685470658395058%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0685470658395058&output=html&h=280&slotname=9971020852&adk=391616158&adf=428091284&pi=t.ma~as.9971020852&w=1110&fwrn=4&fwrnh=100&lmt=1655088524&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwizid.blogspot.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656621449948&bpp=2&bdt=276&idt=160&shv=r20220628&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3004609200651&frm=20&pv=1&ga_vid=2138926274.1656621450&ga_sid=1656621450&ga_hid=2006989323&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068289%2C42531605%2C42531608&oid=2&pvsid=3045008868441046&tmod=790196467&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGFO4GPP0a&p=https%3A//wizid.blogspot.com&dtd=164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2be830fd7b3f78d5e856e8c7202e37f2fd9fa8b98ac44dc261ff12f1b138fd34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 20:37:30 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=SeCtIuiiX-BJ-TQ2RSqc3tZbbbmX7BlJUWXbVDSVgOLzXHExyZ6LfO93tEBTWCZnk-78Q0Utlt45uEDLsXjuugIfDZ6UAHFLMaiv3Rrpr_0IAzVAHtBCGqB462QA0Csy7T0xoSbyEFDgnHfj7yGGfvjuC35UzdFBKRycPz-DI83GqCpI8QRXE6alIYVschVCr5_5Xsxv4byiWsmblcdOnRo6QSzi2X-hcPKZcVpCI6tbEqCV4koIQhx24rKuLWvXBjv4fA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
29121212
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame 752B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e6197942195f21587782376ab29061819cb2764943e4d5c305d63aff1e0cac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2116 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr4JigACqbwIFVZdAAjKYrWqfz1Iq5Ew7c14hw&u=%7CCf2nh%2FEwzOY8HjJUKnHvseqqK5ZBFTRgdfLxljQAcLA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y_qkV63e1pMvJI3uK-gKjjZvNSXnqx3Z-EIwpwN2r7SEtluInoXC0yAcxdm3LkOgQSGqvLRVaYcWZgUc7SYhQrI6G4MsVi6BCNvzLub9-IIryQUc0wyBkHXYUfzZYc6OjejjUMfFWR46r3NiheQ57uIj2kx-TYDhIj91XVy-rk2RE1v5_iwHXf8q7FplfKB8Ou-5Yzjbk_rSrEDoO1ZVgn1bF4E37OnCCgvkX5tNdhI59eRjuSI9sHu7DLowKr4AqYVBWrOPJT_7Oh3HOYCgVyMtdoOhYh-UeXve0ELiFmYujlwMYQSkPLbr1mh2Vi0K5fLPVOw2XwPYo_ccKSBrmJskBdDpr8BAd5ci8XCKcetxXiPSEAUhLSLqtwDTK3XLs8PDuid6_R0OYqCEr7JH24&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0YD2igm-YrzTCt2s1fAP4pSjyA3JntKxXNX24taTAcCNtwEQASAAYJWCoYKwB4IBF2NhLXB1Yi0wNjg1NDcwNjU4Mzk1MDU4oAHVttLqA8gBCakC5n2rhO-PsT6oAwGqBMcBT9AC50owQ_hvwotWXDX37H9U7NVdC_ZWK6IiZHYWSyhrflfrXZtCQtD03x_w_nHFOu1tajYvAlkpAQ12Fgyf6ILvRQZEZMbugUrYpneMBu9iTfAVhRnv7QeUQ2AdXdrcgGPRrcJOCvzc5mlrmUmMbwsNAt_jLSPsvJzpI4CKyrZlWWr0PHQCcQ-suqJDqXg1PGOK4X-mKQwgkcu86PfpPcsQLH2-ybfu9r3qwH_DoxelHXa-vjQ2WUVv6o4T92Kje49emoZY2IAGtIHIh5HshuPlAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11ywPGNdcIyPsViknWn-q4fISihA%26client%3Dca-pub-0685470658395058%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:30 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Jun 2023 20:37:30 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2116 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr4JigACqbwIFVZdAAjKYrWqfz1Iq5Ew7c14hw&u=%7CCf2nh%2FEwzOY8HjJUKnHvseqqK5ZBFTRgdfLxljQAcLA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y_qkV63e1pMvJI3uK-gKjjZvNSXnqx3Z-EIwpwN2r7SEtluInoXC0yAcxdm3LkOgQSGqvLRVaYcWZgUc7SYhQrI6G4MsVi6BCNvzLub9-IIryQUc0wyBkHXYUfzZYc6OjejjUMfFWR46r3NiheQ57uIj2kx-TYDhIj91XVy-rk2RE1v5_iwHXf8q7FplfKB8Ou-5Yzjbk_rSrEDoO1ZVgn1bF4E37OnCCgvkX5tNdhI59eRjuSI9sHu7DLowKr4AqYVBWrOPJT_7Oh3HOYCgVyMtdoOhYh-UeXve0ELiFmYujlwMYQSkPLbr1mh2Vi0K5fLPVOw2XwPYo_ccKSBrmJskBdDpr8BAd5ci8XCKcetxXiPSEAUhLSLqtwDTK3XLs8PDuid6_R0OYqCEr7JH24&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0YD2igm-YrzTCt2s1fAP4pSjyA3JntKxXNX24taTAcCNtwEQASAAYJWCoYKwB4IBF2NhLXB1Yi0wNjg1NDcwNjU4Mzk1MDU4oAHVttLqA8gBCakC5n2rhO-PsT6oAwGqBMcBT9AC50owQ_hvwotWXDX37H9U7NVdC_ZWK6IiZHYWSyhrflfrXZtCQtD03x_w_nHFOu1tajYvAlkpAQ12Fgyf6ILvRQZEZMbugUrYpneMBu9iTfAVhRnv7QeUQ2AdXdrcgGPRrcJOCvzc5mlrmUmMbwsNAt_jLSPsvJzpI4CKyrZlWWr0PHQCcQ-suqJDqXg1PGOK4X-mKQwgkcu86PfpPcsQLH2-ybfu9r3qwH_DoxelHXa-vjQ2WUVv6o4T92Kje49emoZY2IAGtIHIh5HshuPlAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11ywPGNdcIyPsViknWn-q4fISihA%26client%3Dca-pub-0685470658395058%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:30 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Jun 2023 20:37:30 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2116 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr4JigACqbwIFVZdAAjKYrWqfz1Iq5Ew7c14hw&u=%7CCf2nh%2FEwzOY8HjJUKnHvseqqK5ZBFTRgdfLxljQAcLA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y_qkV63e1pMvJI3uK-gKjjZvNSXnqx3Z-EIwpwN2r7SEtluInoXC0yAcxdm3LkOgQSGqvLRVaYcWZgUc7SYhQrI6G4MsVi6BCNvzLub9-IIryQUc0wyBkHXYUfzZYc6OjejjUMfFWR46r3NiheQ57uIj2kx-TYDhIj91XVy-rk2RE1v5_iwHXf8q7FplfKB8Ou-5Yzjbk_rSrEDoO1ZVgn1bF4E37OnCCgvkX5tNdhI59eRjuSI9sHu7DLowKr4AqYVBWrOPJT_7Oh3HOYCgVyMtdoOhYh-UeXve0ELiFmYujlwMYQSkPLbr1mh2Vi0K5fLPVOw2XwPYo_ccKSBrmJskBdDpr8BAd5ci8XCKcetxXiPSEAUhLSLqtwDTK3XLs8PDuid6_R0OYqCEr7JH24&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0YD2igm-YrzTCt2s1fAP4pSjyA3JntKxXNX24taTAcCNtwEQASAAYJWCoYKwB4IBF2NhLXB1Yi0wNjg1NDcwNjU4Mzk1MDU4oAHVttLqA8gBCakC5n2rhO-PsT6oAwGqBMcBT9AC50owQ_hvwotWXDX37H9U7NVdC_ZWK6IiZHYWSyhrflfrXZtCQtD03x_w_nHFOu1tajYvAlkpAQ12Fgyf6ILvRQZEZMbugUrYpneMBu9iTfAVhRnv7QeUQ2AdXdrcgGPRrcJOCvzc5mlrmUmMbwsNAt_jLSPsvJzpI4CKyrZlWWr0PHQCcQ-suqJDqXg1PGOK4X-mKQwgkcu86PfpPcsQLH2-ybfu9r3qwH_DoxelHXa-vjQ2WUVv6o4T92Kje49emoZY2IAGtIHIh5HshuPlAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11ywPGNdcIyPsViknWn-q4fISihA%26client%3Dca-pub-0685470658395058%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:30 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 25 Jun 2023 20:37:30 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2116 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr4JigACqbwIFVZdAAjKYrWqfz1Iq5Ew7c14hw&u=%7CCf2nh%2FEwzOY8HjJUKnHvseqqK5ZBFTRgdfLxljQAcLA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y_qkV63e1pMvJI3uK-gKjjZvNSXnqx3Z-EIwpwN2r7SEtluInoXC0yAcxdm3LkOgQSGqvLRVaYcWZgUc7SYhQrI6G4MsVi6BCNvzLub9-IIryQUc0wyBkHXYUfzZYc6OjejjUMfFWR46r3NiheQ57uIj2kx-TYDhIj91XVy-rk2RE1v5_iwHXf8q7FplfKB8Ou-5Yzjbk_rSrEDoO1ZVgn1bF4E37OnCCgvkX5tNdhI59eRjuSI9sHu7DLowKr4AqYVBWrOPJT_7Oh3HOYCgVyMtdoOhYh-UeXve0ELiFmYujlwMYQSkPLbr1mh2Vi0K5fLPVOw2XwPYo_ccKSBrmJskBdDpr8BAd5ci8XCKcetxXiPSEAUhLSLqtwDTK3XLs8PDuid6_R0OYqCEr7JH24&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0YD2igm-YrzTCt2s1fAP4pSjyA3JntKxXNX24taTAcCNtwEQASAAYJWCoYKwB4IBF2NhLXB1Yi0wNjg1NDcwNjU4Mzk1MDU4oAHVttLqA8gBCakC5n2rhO-PsT6oAwGqBMcBT9AC50owQ_hvwotWXDX37H9U7NVdC_ZWK6IiZHYWSyhrflfrXZtCQtD03x_w_nHFOu1tajYvAlkpAQ12Fgyf6ILvRQZEZMbugUrYpneMBu9iTfAVhRnv7QeUQ2AdXdrcgGPRrcJOCvzc5mlrmUmMbwsNAt_jLSPsvJzpI4CKyrZlWWr0PHQCcQ-suqJDqXg1PGOK4X-mKQwgkcu86PfpPcsQLH2-ybfu9r3qwH_DoxelHXa-vjQ2WUVv6o4T92Kje49emoZY2IAGtIHIh5HshuPlAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11ywPGNdcIyPsViknWn-q4fISihA%26client%3Dca-pub-0685470658395058%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:30 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 25 Jun 2023 20:37:30 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 2116 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ILfJeIpAgMIv9Il0uKfHC7VKr5fATqYyGgYoaElmC3g01nWb1aSZuZGFbytSBIUFc6MEFQIzlmqIAmH2MN7x0feRjKuH66CqwZfWOWhaw2K4VA7TNad9KxEF7-Gx2AOMPhv4FFzO_j5M_f5blVbSL8dOUaK26F0gdRZ1jShBoQfBUMxT1dVoET9dqtmLJFRDJLVyz5-3sa8GaOplBZG-6l9nq3fV276JYZN8lsEjb6aI7HuSLS0R6ib4h_UPICXwxAzvC6T6usYd5GjiWx7YJ851TjfuBUWUQ6pm_JdORYDjG2zMqgs4XOoJcKA0Fl-G06Aud6mamxE_G9ZBI-rhWKPLhrAj-ls9mk6gAJ3XsO3CTQqpk-QR_WH1A2klMfNGzUhILksxWg1UNp9RSHD8NRZhiwml9RpKogKHmA-f1hfYNUADv-r7_qsidzx_Tv-Q3bF8nw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr4JigACqbwIFVZdAAjKYrWqfz1Iq5Ew7c14hw&u=%7CCf2nh%2FEwzOY8HjJUKnHvseqqK5ZBFTRgdfLxljQAcLA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y_qkV63e1pMvJI3uK-gKjjZvNSXnqx3Z-EIwpwN2r7SEtluInoXC0yAcxdm3LkOgQSGqvLRVaYcWZgUc7SYhQrI6G4MsVi6BCNvzLub9-IIryQUc0wyBkHXYUfzZYc6OjejjUMfFWR46r3NiheQ57uIj2kx-TYDhIj91XVy-rk2RE1v5_iwHXf8q7FplfKB8Ou-5Yzjbk_rSrEDoO1ZVgn1bF4E37OnCCgvkX5tNdhI59eRjuSI9sHu7DLowKr4AqYVBWrOPJT_7Oh3HOYCgVyMtdoOhYh-UeXve0ELiFmYujlwMYQSkPLbr1mh2Vi0K5fLPVOw2XwPYo_ccKSBrmJskBdDpr8BAd5ci8XCKcetxXiPSEAUhLSLqtwDTK3XLs8PDuid6_R0OYqCEr7JH24&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0YD2igm-YrzTCt2s1fAP4pSjyA3JntKxXNX24taTAcCNtwEQASAAYJWCoYKwB4IBF2NhLXB1Yi0wNjg1NDcwNjU4Mzk1MDU4oAHVttLqA8gBCakC5n2rhO-PsT6oAwGqBMcBT9AC50owQ_hvwotWXDX37H9U7NVdC_ZWK6IiZHYWSyhrflfrXZtCQtD03x_w_nHFOu1tajYvAlkpAQ12Fgyf6ILvRQZEZMbugUrYpneMBu9iTfAVhRnv7QeUQ2AdXdrcgGPRrcJOCvzc5mlrmUmMbwsNAt_jLSPsvJzpI4CKyrZlWWr0PHQCcQ-suqJDqXg1PGOK4X-mKQwgkcu86PfpPcsQLH2-ybfu9r3qwH_DoxelHXa-vjQ2WUVv6o4T92Kje49emoZY2IAGtIHIh5HshuPlAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11ywPGNdcIyPsViknWn-q4fISihA%26client%3Dca-pub-0685470658395058%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 20:37:30 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2889109
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 2116 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr4JigACqbwIFVZdAAjKYrWqfz1Iq5Ew7c14hw&u=%7CCf2nh%2FEwzOY8HjJUKnHvseqqK5ZBFTRgdfLxljQAcLA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y_qkV63e1pMvJI3uK-gKjjZvNSXnqx3Z-EIwpwN2r7SEtluInoXC0yAcxdm3LkOgQSGqvLRVaYcWZgUc7SYhQrI6G4MsVi6BCNvzLub9-IIryQUc0wyBkHXYUfzZYc6OjejjUMfFWR46r3NiheQ57uIj2kx-TYDhIj91XVy-rk2RE1v5_iwHXf8q7FplfKB8Ou-5Yzjbk_rSrEDoO1ZVgn1bF4E37OnCCgvkX5tNdhI59eRjuSI9sHu7DLowKr4AqYVBWrOPJT_7Oh3HOYCgVyMtdoOhYh-UeXve0ELiFmYujlwMYQSkPLbr1mh2Vi0K5fLPVOw2XwPYo_ccKSBrmJskBdDpr8BAd5ci8XCKcetxXiPSEAUhLSLqtwDTK3XLs8PDuid6_R0OYqCEr7JH24&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0YD2igm-YrzTCt2s1fAP4pSjyA3JntKxXNX24taTAcCNtwEQASAAYJWCoYKwB4IBF2NhLXB1Yi0wNjg1NDcwNjU4Mzk1MDU4oAHVttLqA8gBCakC5n2rhO-PsT6oAwGqBMcBT9AC50owQ_hvwotWXDX37H9U7NVdC_ZWK6IiZHYWSyhrflfrXZtCQtD03x_w_nHFOu1tajYvAlkpAQ12Fgyf6ILvRQZEZMbugUrYpneMBu9iTfAVhRnv7QeUQ2AdXdrcgGPRrcJOCvzc5mlrmUmMbwsNAt_jLSPsvJzpI4CKyrZlWWr0PHQCcQ-suqJDqXg1PGOK4X-mKQwgkcu86PfpPcsQLH2-ybfu9r3qwH_DoxelHXa-vjQ2WUVv6o4T92Kje49emoZY2IAGtIHIh5HshuPlAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11ywPGNdcIyPsViknWn-q4fISihA%26client%3Dca-pub-0685470658395058%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:30 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Jun 2023 20:37:30 GMT
img
pix.eu.criteo.net/img/ Frame 2116 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=94347&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F94347%2F220401%2Fff743ebad72d45c0bd788d51f9ad847e_stw_logo_ohne_zusatz_black_750x900.png&v=3&w=444&s=iQuOzjGChDvVwhUWiOq-aPOz
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr4JigACqbwIFVZdAAjKYrWqfz1Iq5Ew7c14hw&u=%7CCf2nh%2FEwzOY8HjJUKnHvseqqK5ZBFTRgdfLxljQAcLA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y_qkV63e1pMvJI3uK-gKjjZvNSXnqx3Z-EIwpwN2r7SEtluInoXC0yAcxdm3LkOgQSGqvLRVaYcWZgUc7SYhQrI6G4MsVi6BCNvzLub9-IIryQUc0wyBkHXYUfzZYc6OjejjUMfFWR46r3NiheQ57uIj2kx-TYDhIj91XVy-rk2RE1v5_iwHXf8q7FplfKB8Ou-5Yzjbk_rSrEDoO1ZVgn1bF4E37OnCCgvkX5tNdhI59eRjuSI9sHu7DLowKr4AqYVBWrOPJT_7Oh3HOYCgVyMtdoOhYh-UeXve0ELiFmYujlwMYQSkPLbr1mh2Vi0K5fLPVOw2XwPYo_ccKSBrmJskBdDpr8BAd5ci8XCKcetxXiPSEAUhLSLqtwDTK3XLs8PDuid6_R0OYqCEr7JH24&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0YD2igm-YrzTCt2s1fAP4pSjyA3JntKxXNX24taTAcCNtwEQASAAYJWCoYKwB4IBF2NhLXB1Yi0wNjg1NDcwNjU4Mzk1MDU4oAHVttLqA8gBCakC5n2rhO-PsT6oAwGqBMcBT9AC50owQ_hvwotWXDX37H9U7NVdC_ZWK6IiZHYWSyhrflfrXZtCQtD03x_w_nHFOu1tajYvAlkpAQ12Fgyf6ILvRQZEZMbugUrYpneMBu9iTfAVhRnv7QeUQ2AdXdrcgGPRrcJOCvzc5mlrmUmMbwsNAt_jLSPsvJzpI4CKyrZlWWr0PHQCcQ-suqJDqXg1PGOK4X-mKQwgkcu86PfpPcsQLH2-ybfu9r3qwH_DoxelHXa-vjQ2WUVv6o4T92Kje49emoZY2IAGtIHIh5HshuPlAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11ywPGNdcIyPsViknWn-q4fISihA%26client%3Dca-pub-0685470658395058%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a676abc3f6e162e24ac54d278c08916e85cd5c9e2ad751bc23390fcc1132dba6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:30 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28641118
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
53332
expires
Sun, 28 May 2023 08:29:29 GMT
all
csm.eu.criteo.net/ Frame 2116 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=SeCtIuiiX-BJ-TQ2RSqc3tZbbbmX7BlJUWXbVDSVgOLzXHExyZ6LfO93tEBTWCZnk-78Q0Utlt45uEDLsXjuugIfDZ6UAHFLMaiv3Rrpr_0IAzVAHtBCGqB462QA0Csy7T0xoSbyEFDgnHfj7yGGfvjuC35UzdFBKRycPz-DI83GqCpI8QRXE6alIYVschVCr5_5Xsxv4byiWsmblcdOnRo6QSzi2X-hcPKZcVpCI6tbEqCV4koIQhx24rKuLWvXBjv4fA&sds=2&rev=81891&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr4JigACqbwIFVZdAAjKYrWqfz1Iq5Ew7c14hw&u=%7CCf2nh%2FEwzOY8HjJUKnHvseqqK5ZBFTRgdfLxljQAcLA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y_qkV63e1pMvJI3uK-gKjjZvNSXnqx3Z-EIwpwN2r7SEtluInoXC0yAcxdm3LkOgQSGqvLRVaYcWZgUc7SYhQrI6G4MsVi6BCNvzLub9-IIryQUc0wyBkHXYUfzZYc6OjejjUMfFWR46r3NiheQ57uIj2kx-TYDhIj91XVy-rk2RE1v5_iwHXf8q7FplfKB8Ou-5Yzjbk_rSrEDoO1ZVgn1bF4E37OnCCgvkX5tNdhI59eRjuSI9sHu7DLowKr4AqYVBWrOPJT_7Oh3HOYCgVyMtdoOhYh-UeXve0ELiFmYujlwMYQSkPLbr1mh2Vi0K5fLPVOw2XwPYo_ccKSBrmJskBdDpr8BAd5ci8XCKcetxXiPSEAUhLSLqtwDTK3XLs8PDuid6_R0OYqCEr7JH24&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0YD2igm-YrzTCt2s1fAP4pSjyA3JntKxXNX24taTAcCNtwEQASAAYJWCoYKwB4IBF2NhLXB1Yi0wNjg1NDcwNjU4Mzk1MDU4oAHVttLqA8gBCakC5n2rhO-PsT6oAwGqBMcBT9AC50owQ_hvwotWXDX37H9U7NVdC_ZWK6IiZHYWSyhrflfrXZtCQtD03x_w_nHFOu1tajYvAlkpAQ12Fgyf6ILvRQZEZMbugUrYpneMBu9iTfAVhRnv7QeUQ2AdXdrcgGPRrcJOCvzc5mlrmUmMbwsNAt_jLSPsvJzpI4CKyrZlWWr0PHQCcQ-suqJDqXg1PGOK4X-mKQwgkcu86PfpPcsQLH2-ybfu9r3qwH_DoxelHXa-vjQ2WUVv6o4T92Kje49emoZY2IAGtIHIh5HshuPlAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11ywPGNdcIyPsViknWn-q4fISihA%26client%3Dca-pub-0685470658395058%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 30 Jun 2022 20:37:30 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2116 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr4JigACqbwIFVZdAAjKYrWqfz1Iq5Ew7c14hw&u=%7CCf2nh%2FEwzOY8HjJUKnHvseqqK5ZBFTRgdfLxljQAcLA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y_qkV63e1pMvJI3uK-gKjjZvNSXnqx3Z-EIwpwN2r7SEtluInoXC0yAcxdm3LkOgQSGqvLRVaYcWZgUc7SYhQrI6G4MsVi6BCNvzLub9-IIryQUc0wyBkHXYUfzZYc6OjejjUMfFWR46r3NiheQ57uIj2kx-TYDhIj91XVy-rk2RE1v5_iwHXf8q7FplfKB8Ou-5Yzjbk_rSrEDoO1ZVgn1bF4E37OnCCgvkX5tNdhI59eRjuSI9sHu7DLowKr4AqYVBWrOPJT_7Oh3HOYCgVyMtdoOhYh-UeXve0ELiFmYujlwMYQSkPLbr1mh2Vi0K5fLPVOw2XwPYo_ccKSBrmJskBdDpr8BAd5ci8XCKcetxXiPSEAUhLSLqtwDTK3XLs8PDuid6_R0OYqCEr7JH24&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0YD2igm-YrzTCt2s1fAP4pSjyA3JntKxXNX24taTAcCNtwEQASAAYJWCoYKwB4IBF2NhLXB1Yi0wNjg1NDcwNjU4Mzk1MDU4oAHVttLqA8gBCakC5n2rhO-PsT6oAwGqBMcBT9AC50owQ_hvwotWXDX37H9U7NVdC_ZWK6IiZHYWSyhrflfrXZtCQtD03x_w_nHFOu1tajYvAlkpAQ12Fgyf6ILvRQZEZMbugUrYpneMBu9iTfAVhRnv7QeUQ2AdXdrcgGPRrcJOCvzc5mlrmUmMbwsNAt_jLSPsvJzpI4CKyrZlWWr0PHQCcQ-suqJDqXg1PGOK4X-mKQwgkcu86PfpPcsQLH2-ybfu9r3qwH_DoxelHXa-vjQ2WUVv6o4T92Kje49emoZY2IAGtIHIh5HshuPlAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11ywPGNdcIyPsViknWn-q4fISihA%26client%3Dca-pub-0685470658395058%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:30 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Jun 2023 20:37:30 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2116 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr4JigACqbwIFVZdAAjKYrWqfz1Iq5Ew7c14hw&u=%7CCf2nh%2FEwzOY8HjJUKnHvseqqK5ZBFTRgdfLxljQAcLA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y_qkV63e1pMvJI3uK-gKjjZvNSXnqx3Z-EIwpwN2r7SEtluInoXC0yAcxdm3LkOgQSGqvLRVaYcWZgUc7SYhQrI6G4MsVi6BCNvzLub9-IIryQUc0wyBkHXYUfzZYc6OjejjUMfFWR46r3NiheQ57uIj2kx-TYDhIj91XVy-rk2RE1v5_iwHXf8q7FplfKB8Ou-5Yzjbk_rSrEDoO1ZVgn1bF4E37OnCCgvkX5tNdhI59eRjuSI9sHu7DLowKr4AqYVBWrOPJT_7Oh3HOYCgVyMtdoOhYh-UeXve0ELiFmYujlwMYQSkPLbr1mh2Vi0K5fLPVOw2XwPYo_ccKSBrmJskBdDpr8BAd5ci8XCKcetxXiPSEAUhLSLqtwDTK3XLs8PDuid6_R0OYqCEr7JH24&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0YD2igm-YrzTCt2s1fAP4pSjyA3JntKxXNX24taTAcCNtwEQASAAYJWCoYKwB4IBF2NhLXB1Yi0wNjg1NDcwNjU4Mzk1MDU4oAHVttLqA8gBCakC5n2rhO-PsT6oAwGqBMcBT9AC50owQ_hvwotWXDX37H9U7NVdC_ZWK6IiZHYWSyhrflfrXZtCQtD03x_w_nHFOu1tajYvAlkpAQ12Fgyf6ILvRQZEZMbugUrYpneMBu9iTfAVhRnv7QeUQ2AdXdrcgGPRrcJOCvzc5mlrmUmMbwsNAt_jLSPsvJzpI4CKyrZlWWr0PHQCcQ-suqJDqXg1PGOK4X-mKQwgkcu86PfpPcsQLH2-ybfu9r3qwH_DoxelHXa-vjQ2WUVv6o4T92Kje49emoZY2IAGtIHIh5HshuPlAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11ywPGNdcIyPsViknWn-q4fISihA%26client%3Dca-pub-0685470658395058%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:30 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Jun 2023 20:37:30 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/reactive_library_fy2019.js?bust=31068289
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0685470658395058&plah=wizid.blogspot.com&bust=31068289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e98c85a4d5857cf36fbed998f6f96fcc43836304f8e7a04382f10cb4100fb6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54415
x-xss-protection
0
server
cafe
etag
5020263175737615658
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Jun 2022 20:37:30 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=wizid.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0685470658395058&plah=wizid.blogspot.com&bust=31068289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jun 2022 20:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wizid.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0685470658395058&plah=wizid.blogspot.com&bust=31068289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jun 2022 20:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/ Frame 1493 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0685470658395058&plah=wizid.blogspot.com&bust=31068289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wizid.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6474
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 18:49:36 GMT
etag
10429905676100781186
expires
Thu, 14 Jul 2022 18:49:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/ Frame D779 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0685470658395058&plah=wizid.blogspot.com&bust=31068289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wizid.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6474
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 18:49:36 GMT
etag
10429905676100781186
expires
Thu, 14 Jul 2022 18:49:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 1493 		4 KB
709 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 20:12:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 30 Jun 2022 20:37:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Jun 2022 20:37:31 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1493 		205 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:22:50 GMT
x-content-type-options
nosniff
age
881
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 30 Jun 2023 20:22:50 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1493 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 19:31:49 GMT
x-content-type-options
nosniff
age
3942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 30 Jun 2023 19:31:49 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/ Frame 1493 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8263
x-xss-protection
0
server
cafe
etag
17157773748623750166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jul 2022 20:35:53 GMT
fa287546e1d5bd0678894d5c227e456c.js
www.gstatic.com/mysidia/ Frame D779 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 09:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
214310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4351
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 00:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 09:05:41 GMT
db2e47a9a3671f527cf86ca9ac22fc67.js
www.gstatic.com/mysidia/ Frame D779 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/db2e47a9a3671f527cf86ca9ac22fc67.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 09:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
214310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4277
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 00:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 09:05:41 GMT
css
fonts.googleapis.com/ Frame D779 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 20:17:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 30 Jun 2022 20:37:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Jun 2022 20:37:31 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame D779 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jul 2022 20:30:08 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/ Frame D779 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:35:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jul 2022 20:35:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame D779 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jul 2022 20:36:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D779 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 30 Jun 2022 20:37:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame D779 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
189
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jul 2022 20:34:21 GMT
21b2dfe42abab24529e209ac1efa07c6.js
www.gstatic.com/mysidia/ Frame D779 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:09:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13060
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 20:43:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 09:09:14 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/17671283046441085688/ Frame D779 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17671283046441085688/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e6bf04beffbf67d4aec818a80b21b7bbd4f85f46ddfbbd10314b27a10c05bdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 01:52:41 GMT
x-content-type-options
nosniff
age
499490
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6278
x-xss-protection
0
last-modified
Sat, 06 Jul 2019 19:44:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 25 Jun 2023 01:52:41 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D779 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4jPCigm-YqKICsibgQesqZO4B-P19f5pxang8OcP49Cuso8wEAEg2OzfKmCVgqGCsAegAZ26zZoDyAEBqQIuf_rk15ImPqgDAaoE1gFP0Eq1ZoBYaFEv5D5g7l16SJo17_uwVuWjaVpeDv2hHWbLdSZWG_yVXETKDj6sdfK5a2h5DtVyVR1Yi6j3bo6kXPBPW2_EeK4xkLEB34KRFQp1k7kJEkyiPA6UHOIOc5TCh_3i_vgA1Fg_FISnaqul6cTWSafzLjmtmpYKT4LnJ2oK4SjZWmLW8lDfCEGMgqwpl9zM8__6g9gJ6ZEC3W9PI6xep2X646TgR6Zx6rfhrUcyTIwNNVMcwo_0aOyPaKGNwOafJ5soEUjGiPXVnpxZkjXsF7S6wASG3Zew9wOSBQQIBBgBkgUECAUYBIAHy8WyZagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPbRC9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTA2ODU0NzA2NTgzOTUwNTgYAA&sigh=2jjcVjDYCuo&uach_m=[UACH]&template_id=5001
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 30 Jun 2022 20:37:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7DA5 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1746
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 30 Jun 2022 20:08:25 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D779 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
408caa43e3914d687265101ba13104e156801b3eff83822ec3767f4b58bcf718

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 9BF4 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 20:09:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 30 Jun 2022 20:37:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Jun 2022 20:37:31 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 9BF4 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jul 2022 20:30:08 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/ Frame 9BF4 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:35:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jul 2022 20:35:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 9BF4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jul 2022 20:36:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9BF4 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 30 Jun 2022 20:37:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/ Frame 9BF4 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220628/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Jul 2022 20:34:21 GMT
21b2dfe42abab24529e209ac1efa07c6.js
www.gstatic.com/mysidia/ Frame 9BF4 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:09:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13060
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 20:43:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 09:09:14 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7DA5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 30 Jun 2022 20:37:31 GMT
expires
Thu, 30 Jun 2022 20:37:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 30 Jun 2022 20:37:31 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 11E9 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1746
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 30 Jun 2022 20:08:25 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 11E9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 30 Jun 2022 20:37:31 GMT
expires
Thu, 30 Jun 2022 20:37:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 30 Jun 2022 20:37:31 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220628&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0685470658395058&plah=wizid.blogspot.com&bust=31068289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6644cc084e52fd42168675d0895e354f34bf56ea82042e72bd274a12cff3613d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jun 2022 20:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10722
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0685470658395058&plah=wizid.blogspot.com&bust=31068289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 30 Jun 2022 20:37:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4825 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wizid.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4374
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 19:24:37 GMT
expires
Fri, 30 Jun 2023 19:24:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0598 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a0e4f8a0f1af49ccf1f57b23594efe3dd500c1f8ec6910735f456adb378e6121
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DqiK7jV_7C6PHR9tAH4_ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wizid.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-DqiK7jV_7C6PHR9tAH4_ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 20:37:31 GMT
expires
Thu, 30 Jun 2022 20:37:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
pagead2.googlesyndication.com/bg/ Frame 4825 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 12:33:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
29066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Jun 2023 12:33:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0598 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220628&jk=3045008868441046&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 752B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9gJ88SEYbgp6LyAMKUGDo3WYTZgyS6FbmaskaaSM-H2PfE9gXdXQJdGTp3PqoKai8CGU_zHDptdR8PHsyg-Dgbr1e&sig=Cg0ArKJSzNG3-fe7aMgPEAE&id=lidar2&mcvt=1010&p=0,0,280,1110&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=391616158&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656621450113&rpt=475&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 20:37:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 4825 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5g4Wdw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 20:37:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
all
csm.eu.criteo.net/ Frame 2116 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=SeCtIuiiX-BJ-TQ2RSqc3tZbbbmX7BlJUWXbVDSVgOLzXHExyZ6LfO93tEBTWCZnk-78Q0Utlt45uEDLsXjuugIfDZ6UAHFLMaiv3Rrpr_0IAzVAHtBCGqB462QA0Csy7T0xoSbyEFDgnHfj7yGGfvjuC35UzdFBKRycPz-DI83GqCpI8QRXE6alIYVschVCr5_5Xsxv4byiWsmblcdOnRo6QSzi2X-hcPKZcVpCI6tbEqCV4koIQhx24rKuLWvXBjv4fA&sds=2&rev=81891&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr4JigACqbwIFVZdAAjKYrWqfz1Iq5Ew7c14hw&u=%7CCf2nh%2FEwzOY8HjJUKnHvseqqK5ZBFTRgdfLxljQAcLA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86y_qkV63e1pMvJI3uK-gKjjZvNSXnqx3Z-EIwpwN2r7SEtluInoXC0yAcxdm3LkOgQSGqvLRVaYcWZgUc7SYhQrI6G4MsVi6BCNvzLub9-IIryQUc0wyBkHXYUfzZYc6OjejjUMfFWR46r3NiheQ57uIj2kx-TYDhIj91XVy-rk2RE1v5_iwHXf8q7FplfKB8Ou-5Yzjbk_rSrEDoO1ZVgn1bF4E37OnCCgvkX5tNdhI59eRjuSI9sHu7DLowKr4AqYVBWrOPJT_7Oh3HOYCgVyMtdoOhYh-UeXve0ELiFmYujlwMYQSkPLbr1mh2Vi0K5fLPVOw2XwPYo_ccKSBrmJskBdDpr8BAd5ci8XCKcetxXiPSEAUhLSLqtwDTK3XLs8PDuid6_R0OYqCEr7JH24&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0YD2igm-YrzTCt2s1fAP4pSjyA3JntKxXNX24taTAcCNtwEQASAAYJWCoYKwB4IBF2NhLXB1Yi0wNjg1NDcwNjU4Mzk1MDU4oAHVttLqA8gBCakC5n2rhO-PsT6oAwGqBMcBT9AC50owQ_hvwotWXDX37H9U7NVdC_ZWK6IiZHYWSyhrflfrXZtCQtD03x_w_nHFOu1tajYvAlkpAQ12Fgyf6ILvRQZEZMbugUrYpneMBu9iTfAVhRnv7QeUQ2AdXdrcgGPRrcJOCvzc5mlrmUmMbwsNAt_jLSPsvJzpI4CKyrZlWWr0PHQCcQ-suqJDqXg1PGOK4X-mKQwgkcu86PfpPcsQLH2-ybfu9r3qwH_DoxelHXa-vjQ2WUVv6o4T92Kje49emoZY2IAGtIHIh5HshuPlAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11ywPGNdcIyPsViknWn-q4fISihA%26client%3Dca-pub-0685470658395058%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 30 Jun 2022 20:37:30 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220628&jk=3045008868441046&bg=!AQKlAkbNAAaLlKKnq5Q7ACkAdvg8WtEox5SfglVGMl3weT9Wy24-r4-PRAa7_qkG1xkQCmjbxSUaygIAAABYUgAAAAJoAQeZAuUDBWJdczLVdy0TBgB5YbRuncI4NyOs5XSvu2a0v8aYZIJfuXlJ38L028WGz4pu3zwk4dDCeaXbwdBzr5cboxvSu8HjG0r9k-gz6LEZMlzVNrbpn1TRu9Q9FXfEIk6pspCh4msxKR4IqxEHEwJ6B9xuSmOYyRh5zmw7-xttck5Jnw24uiTB4aAMaIkp9ljX2V7P0YGWT6GgbB391FgOMROSOqgd8PaBNeKZlbDqrehlqHX3I4MWXNtm7AzzPMqJgmM1d7t7ctILwxRNSiGvihriTho2WOBxL2dZw9An_8uw3TJprorPN8r5rMQtu6k21ZZSGhKtjijKVi6OhjY74veFqmxulbis76nA7JpdAqZJYg6KsyGw6aBiXv2cM-eHhQdyafSE3dTGLT2E0Mvdj51NiKGIyTWwl6hXTYZpIz_ZW6pmEhebytC2XgoBjLCuR5Iug0wXXpBts0GOlRuIc7VyyTr6JOIy4UkxO-J9LitHFcqVORqDlRBNHGb5XAs9R7yzO8RCE4kUMbpZpG391poXfHNWcagN1Fw41Zn8P5jiVJgTromJchyu8zFcCjHDLaMmPHopft8rCmNPcAtCMwrEVk02tB_BVfRrNEF5B9KuLr0qN95iiJUXGdM3Sk7p8DaiAB0RA57MI5I38CjS6XJUrLQeSvS_PqH28XsjuiJZXQVWhPqohlTrCcRW4FPs6ooXkUJjHif3wN5NvvMNwsNCxYtcdYGUArHI2LjK4TmgxOtbfQ3XB4-y0zULPMF13ddvYhJtEyyJaWhyFO_nCOwCfLipJ1FYs5LFvTbMOmchi6rjIWK-ASU6KsbBFJNzjAxUZVIJxcsA5mE_Cv_gzF24pPFP071LBgWX99Pq4oQOgmeTaa9gPSmihwhtT5mLvclY84kG-DQ9SVWQT_-_XMwMNL2i_7O54fRNm5OpzZZjzBTbxgOA_7uV9ZHq63wi44lfHkD102p3RkROV1C-csGc74kE7ok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wizid.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame D779 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJO9PXTBtPoAGUOYAJh1T5H7kc3EMBikxso2_1dC-A3j9UcLgs1zo0O2FRaWwAwm5Rj-He4T14wRvfXl3HkNVF2iKhTNdv3JLv5mplkc605jkavRKFG0Jv6FHSRv2Ofx9T4poaDQ&sai=AMfl-YSWXk3h7UXB6zubZhO9DzVsY5ZBCvLI0nqh0hz8s6tAuqJR8hM-9PWWrFSKM3N6up1MZPt6OExyyoTL&sig=Cg0ArKJSzFwZ7aIPNHX8EAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,766,1000,1116,1199&tos=83,683,234,116,83&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656621450915&rpt=183&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jun 2022 20:37:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s4.histats.com
URL
https://s4.histats.com/stats/0.php?4516773&@f16&@g1&@h1&@i1&@j1656621448924&@k0&@l1&@mBest%20Tips%20And%20References&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:96897438&@b3:1656621449&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.contracostatimes.com%2F&@w
Domain
wizid.blogspot.com
URL
https://wizid.blogspot.com/js/cookienotice.js
Domain
www.blogger.com
URL
https://www.blogger.com/static/v1/widgets/1997315711-widgets.js
Domain
cdn.jsdelivr.net
URL
http://cdn.jsdelivr.net/gh/vyantagc/vyantagc@master/uclear.js

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| pre_uads string| ovo_res string| endpoint string| u_content undefined| token string| api_url object| lazySizes function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices function| $ function| jQuery object| adsbygoogle function| gtag object| dataLayer object| bootstrap string| current boolean| g_confirm string| go_ads string| is_cli string| is_uads object| _Hasync object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| chfh function| chfh2 string| _HST_cntval object| Histats object| gaplugins object| gaGlobal object| gaData object| _HistatsCounterGraphics_0_setValues function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp object| GoogleGcLKhOms

23 Cookies

Domain/Path Name / Value
www.contracostatimes.com/ Name: ci_session
Value: jrr1rs71eeauatmd2s3isu2615pa2rpu
www.contracostatimes.com/ Name: HstCfa4516773
Value: 1656621448924
www.contracostatimes.com/ Name: HstCla4516773
Value: 1656621448924
www.contracostatimes.com/ Name: HstCmu4516773
Value: 1656621448924
www.contracostatimes.com/ Name: HstPn4516773
Value: 1
www.contracostatimes.com/ Name: HstPt4516773
Value: 1
www.contracostatimes.com/ Name: HstCnv4516773
Value: 1
www.contracostatimes.com/ Name: HstCns4516773
Value: 1
.google.com/ Name: __Secure-ENID
Value: 5.SE=bekqkN7IYS_ED8cwjGmYWORsqPXFnVGRcUapjRLdtEiyBFTs9gN35vsi_68nIO0QLzSXyXAG5K2RqjRG7TDGQblM_NGSjzSkMC9EretFdDoi9K0V7_ZONi571A7Q9U-UZDaSNRsV3gH82ZQFjzZm7hUNupiYMBjANIiQ2dbknXk
.google.com/ Name: CONSENT
Value: PENDING+280
wizid.blogspot.com/ Name: HstCfa4516773
Value: 1656621449966
wizid.blogspot.com/ Name: HstCla4516773
Value: 1656621449966
wizid.blogspot.com/ Name: HstCmu4516773
Value: 1656621449966
wizid.blogspot.com/ Name: HstPn4516773
Value: 1
wizid.blogspot.com/ Name: HstPt4516773
Value: 1
wizid.blogspot.com/ Name: HstCnv4516773
Value: 1
wizid.blogspot.com/ Name: HstCns4516773
Value: 1
wizid.blogspot.com/ Name: c_ref_4516773
Value: https%3A%2F%2Fwww.google.com%2F
.wizid.blogspot.com/ Name: _ga
Value: GA1.3.2138926274.1656621450
.wizid.blogspot.com/ Name: _gid
Value: GA1.3.250122871.1656621450
.wizid.blogspot.com/ Name: _gat_gtag_UA_109741217_1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUleKeAtnG64QXv4Mdl3QjVRs2Dbe_U4pCxGsX24EdVUhb7n5S9YbZIokQtKEqA
.doubleclick.net/ Name: DSID
Value: NO_DATA

14 Console Messages

Source Level URL
Text
javascript warning URL: https://uads.coky.cc/srv.js(Line 35)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://uads.coky.cc/srv.js(Line 35)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://cdn.jsdelivr.net/gh/vyantagc/vyantagc@master/uclear.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://uads.coky.cc/srv.js(Line 35)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.1/js/bootstrap.bundle.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://uads.coky.cc/srv.js(Line 35)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://uads.coky.cc/srv.js(Line 35)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://uads.coky.cc/srv.js(Line 35)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.statically.io/gh/vyant/ovo/c7b0b6f6/ovo_footer.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://uads.coky.cc/srv.js(Line 35)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://uads.coky.cc/srv.js(Line 35)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://cdn.jsdelivr.net/gh/vyantagc/vyantagc@master/uclear.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://uads.coky.cc/srv.js(Line 35)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.1/js/bootstrap.bundle.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://uads.coky.cc/srv.js(Line 35)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://uads.coky.cc/srv.js(Line 35)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://uads.coky.cc/srv.js(Line 35)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.statically.io/gh/vyant/ovo/c7b0b6f6/ovo_footer.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://wizid.blogspot.com/
Message:
Mixed Content: The page at 'https://wizid.blogspot.com/' was loaded over HTTPS, but requested an insecure script 'http://cdn.jsdelivr.net/gh/vyantagc/vyantagc@master/uclear.js'. This request has been blocked; the content must be served over HTTPS.
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0685470658395058&output=html&h=280&slotname=9971020852&adk=391616158&adf=428091284&pi=t.ma~as.9971020852&w=1110&fwrn=4&fwrnh=100&lmt=1655088524&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwizid.blogspot.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656621449948&bpp=2&bdt=276&idt=160&shv=r20220628&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3004609200651&frm=20&pv=1&ga_vid=2138926274.1656621450&ga_sid=1656621450&ga_hid=2006989323&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068289%2C42531605%2C42531608&oid=2&pvsid=3045008868441046&tmod=790196467&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGFO4GPP0a&p=https%3A//wizid.blogspot.com&dtd=164
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
cdn.jsdelivr.net
cdn.statically.io
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.fr.eu.criteo.com
s10.histats.com
s4.histats.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tse1.mm.bing.net
uads.coky.cc
wizid.blogspot.com
www.blogger.com
www.contracostatimes.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cdn.jsdelivr.net
s4.histats.com
wizid.blogspot.com
www.blogger.com
142.250.185.98
151.101.193.53
178.250.2.135
178.250.2.148
178.250.2.150
192.99.13.63
2606:4700:3032::ac43:d5f5
2606:4700::6811:190e
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:801::2008
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2009
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:828::2001
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9a
2a00:1450:400e:800::200a
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a04:4e42:200::347
46.105.201.240
03bf96bf9343a7b5eb3484b7a17371aacd28361c329fb6a5610a9eb7b75aa370
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0728a87e77d539c59fcfec9bbfcf91e61fe2874e9720bb51995718bf7ee93a3b
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b674db4b1a960d1e25b2fdadfa62098588e683bb435ae249e5056eab6318e83
0b81f7fa05d9af300818274c515e05d9274b1373a180bb0fefc3d07b7a9d32b3
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
0ea3817468ffdc3ca87d6abfb10b36576a42c0ed9800fd409647152f90acbe32
14919fee867d13366b9b3fdb0d32f8748dabda15e7a0ccbdcea8b46d0e1a7af4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18091af95ac15ae6494cf1e5823d2ef8ba22b7b8048e6fd23474acf5b982adf3
1acbd36bbba03af9369f64e309d241418e57198662539cfa7cb3df74287657f9
1ad3378869a6bb62b39476c457009e3cbcdec0c8e8735d3b32c9059542141823
1e98c85a4d5857cf36fbed998f6f96fcc43836304f8e7a04382f10cb4100fb6e
21a0d88306dd1d9816347846aacc89263b3f7ef3ff0b96ed6f604b07e7db8137
2655afc8707926b8c93e6d0752a09807668a3c3e6400ad831d61950c8787db94
26db17a5266b5f395fad3e1c6a80a4adf9dbfecf4505e40eb4b8aa4fb22e81fb
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2be830fd7b3f78d5e856e8c7202e37f2fd9fa8b98ac44dc261ff12f1b138fd34
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
302d44dcddb9c7e0b0fe97b631b08002dc42272fe2d7159764da836534c690bd
3725ff986eff6e61bed566ed4cd055aee01e0902b13fd852d7d30835768999dd
408caa43e3914d687265101ba13104e156801b3eff83822ec3767f4b58bcf718
412fcadb9ea8f6e6c8535faecac7e447baaf3285c82f7ee9d8bb4a70a96fe2de
444eb052047c8fee84aca4a444286c77829b4058ac10f5bb62544577592197ff
46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
4a14b228a5c09913b38b1b15a813622f8eef2b59e6a1962f1186bd219c0728ab
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f234a85cf580a4a2018b0ee3257f067cdb4e00d836ba1ab7620fd65c716a03f
53eacf122e5142533872e46e7200ac8947100e3a5f2f39444ec3e46a36fec3f6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5daca703e67e607bae5df9f5a6cccb7e9dda8aa2376ecd7c366c4a51e030f0b5
5e813bd3a45cb8e42fc33d7a043d5d9a50c1ca3edc8fa7977c2eeae0d94c8764
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
652f5a634e943bb5dee398bcb28c69e8c5f17bd9e46e1777f3e1ccf15e1d0da2
6644cc084e52fd42168675d0895e354f34bf56ea82042e72bd274a12cff3613d
6f9cdfa80e9110277db641ce1f15e167abdcfc854088814b665b412be8845301
7106cc17c4285b8342911b4705b2f73bd77a1a9a02320bedc3e345101736861a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7a88e445b4d0a6d5fcde80468365af00d5996de692f6ff14e6ac72d8e200a554
7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f
7e6197942195f21587782376ab29061819cb2764943e4d5c305d63aff1e0cac9
803663cbc08d315f59c591c1f1da02e540bf92ee9b3e038e792c6a944248399c
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
878fb3c4eb3893b38e99429b943c94539e79981282e36350ce50e3a5dd69a51d
87a293aeea91ddb675bc5243bc76c1db7e7bf6b92f9cab45b297667fc835f460
889c0c7126a4f34b528404a8113a2a23d2c79919f222ffaaa96489af936741d2
8a8b8418cfe26a02edbc7ed321ee2cb142642c040618c489031cf0e23e35262f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91f9b48efe87a53c8cbf1b61accbfa2e8fe0bb7a6ee3bec83d3a54d866908627
93ee19994358156fbbe3bcbb748f51b8d5bd6199ff589f8955eaacfa59d5cb2c
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9d1cf4621000c5193aeacfb2ee88cbc479a4042ddfb57dffbdbf693dae0bc41d
9e6bf04beffbf67d4aec818a80b21b7bbd4f85f46ddfbbd10314b27a10c05bdc
a0d38cc25e1ec8e4355d58483b03a049645da1114bd5b559f29306eaac23e823
a0e4f8a0f1af49ccf1f57b23594efe3dd500c1f8ec6910735f456adb378e6121
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a47044105a196b0878312c57a44d97e444615dc1578f668431bf2df5d7fe8d05
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a676abc3f6e162e24ac54d278c08916e85cd5c9e2ad751bc23390fcc1132dba6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7a4388dc6c12ea2091eb6d7f784b2bd53f37e57c77cf383235b7502e328f627
ac2e6df5364e6c233b0edade6e1c479b7355ba06c7c72334947f03f5481c6953
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
b6e9fa607bfbe57515377e3e1b6f8e9e22a74d0e01b3e92fae46c41da74188c4
b71746e3c91e01367daab7990874362a08a017ee8b3052d8b954d21756ea4e61
b7abf9b040181bca1fc39d58b5cb249b5d45b5fd542cc06fe20304b256ea3423
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
ba0e78d3f61b879f516626ca9516609457ee73bb878b54e4c322e5ac1a03f1df
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
c0ab0baad0d8479f980dfbfb1fbbaf46a7499c122467df9e3bc6119bc8b6e3ac
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
cf953eee0c9147406b17bfe41f4803752be197665c0af11239b591572cffa212
d976ee69cabd1abdf096c4e5687a88d8f0aac5bd9f07db8aad06513b3012c4c4
d9a2ff752d16b592e526d3dadd6f23d346d9dcb65f6e6943cdc754d56c9c708b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d
eaa46ef4008c53298298e0b22a94ec7b5a477633a55b47bbf037d9bd62ab328f
ebd991569344f4acd94d28be029bad6019dc6cb9253343d9ca7b6fdf304150a7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effc7ef03cedfd15dd4a3619e0fe85c9199551731d44beb9941400de102b8645
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5bdb471499372aba9fd41b3633af96b6b7c2c210388c0d90bea93f3ecf885d6
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
fd7a631338ba9aa23414791d0161d90660865750d7933a9253379c2bd46d25a7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e