urlscan.io logo urlscan.io
SecurityTrails logo

www.aaa-replica.com Open in urlscan Pro
167.160.19.218  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://aaa-replica.com/
Effective URL: http://www.aaa-replica.com/
Submission: On March 31 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 17 domains to perform 81 HTTP transactions. The main IP is 167.160.19.218, located in Turkey and belongs to SAYFANET, TR. The main domain is www.aaa-replica.com.
This is the only time www.aaa-replica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

25    167.160.19.218 (Turkey)

ASN59447 (SAYFANET, TR)
aaa-replica.com
www.aaa-replica.com
3    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
13    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
6    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
1    2a05:d01c:1d8:8101:f6ab:342:7837:ce6e (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
Domain Requested by
24 www.aaa-replica.com www.aaa-replica.com
13 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
9 pagead2.googlesyndication.com www.aaa-replica.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 cm.g.doubleclick.net 1 redirects www.aaa-replica.com
googleads.g.doubleclick.net
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 fonts.gstatic.com fonts.googleapis.com
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 fonts.googleapis.com www.aaa-replica.com
googleads.g.doubleclick.net
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 www.gstatic.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
1 ag.innovid.com googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 odr.mookie1.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 www.google.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 aaa-replica.com 1 redirects
0 s4.cnzz.com Failed www.aaa-replica.com
81 22

This site contains links to these domains. Also see Links.

Domain
superbthemes.com
Subject Issuer Validity Valid
www.aaa-replica.com
R3		 2021-03-01 -
2021-05-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh

This page contains 9 frames:

Primary Page: http://www.aaa-replica.com/
Frame ID: 40E3D6DBBB15C61AE740E3AEE8550F15
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/zrt_lookup.html
Frame ID: 547B3338C7853B07E5E1147F042058F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=600&slotname=1094478233&adk=1673745910&adf=1304185073&pi=t.ma~as.1094478233&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617198884954&bpp=23&bdt=13334&idt=79&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1159964165039&frm=20&pv=2&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HCOcfvk8gY&p=http%3A//www.aaa-replica.com&dtd=97
Frame ID: E47B1A8495700FD4F543703101E999D1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&adk=1812271804&adf=3025194257&lmt=1617198885&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.aaa-replica.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1617198884984&bpp=3&bdt=13365&idt=76&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=80
Frame ID: 228793E4E1E8D27A954CF9D55A75BD47
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Frame ID: 335B9555795CB72813B0394C563FFA9D
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B53F53DBF5D0480465B3C991672A2E15
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Frame ID: B6AFE7415500D01CE4F39A8A29301EF0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Frame ID: 1F9F2DCC8ADFD005D8271CD728874452
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 2062C723EC0D471547B7A4D1E1E6F8E8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://aaa-replica.com/ HTTP 301
    http://www.aaa-replica.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

81
Requests

75 %
HTTPS

60 %
IPv6

17
Domains

22
Subdomains

17
IPs

4
Countries

1876 kB
Transfer

2750 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://aaa-replica.com/ HTTP 301
    http://www.aaa-replica.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGVjycDFZKe6o9xon1vQEE8&google_cver=1&google_push=AQvitUKBXEp_V5kUmQAf77rjDqFkkreAAGHeCFgtI8w6ZCXmgEyu5Zm1o7szTSHJBoqHw__zcwK15Vd4X02E7Bm36gHK9edBYkc HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGVjycDFZKe6o9xon1vQEE8&google_cver=1&google_push=AQvitUKBXEp_V5kUmQAf77rjDqFkkreAAGHeCFgtI8w6ZCXmgEyu5Zm1o7szTSHJBoqHw__zcwK15Vd4X02E7Bm36gHK9edBYkc&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKBXEp_V5kUmQAf77rjDqFkkreAAGHeCFgtI8w6ZCXmgEyu5Zm1o7szTSHJBoqHw__zcwK15Vd4X02E7Bm36gHK9edBYkc&google_hm=Ew92nkrox8IQI-4h1I5DUw==
Request Chain 72
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP3iMUJLzzTT4avlATeZT-E&google_cver=1&google_push=AQvitULbQKgXs_WIJ3abU4u9Nm9x4jLpNs-TLN1jdXqNwCTa1VKfB4QRcVua9ksZKezIxUYuHNJoAxVJCinjUvQcxmY0C3r1VVY HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP3iMUJLzzTT4avlATeZT-E&google_cver=1&google_push=AQvitULbQKgXs_WIJ3abU4u9Nm9x4jLpNs-TLN1jdXqNwCTa1VKfB4QRcVua9ksZKezIxUYuHNJoAxVJCinjUvQcxmY0C3r1VVY&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qz6rdgvpR7OdkIdbqcl9QQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULbQKgXs_WIJ3abU4u9Nm9x4jLpNs-TLN1jdXqNwCTa1VKfB4QRcVua9ksZKezIxUYuHNJoAxVJCinjUvQcxmY0C3r1VVY
Request Chain 73
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOF2_bKdKjF8HTiywobOFik&google_cver=1&google_push=AQvitUKw7hI2lhi5N5M3r9xJufle1dyTdcEW4algAJKTFz4A6zN7dASfscjKHyU_k_pfoAY21v27LkkSWj69MulUicfGuUbXE4k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01YSUdNUU0tMUQtODBZQw==&google_push=AQvitUKw7hI2lhi5N5M3r9xJufle1dyTdcEW4algAJKTFz4A6zN7dASfscjKHyU_k_pfoAY21v27LkkSWj69MulUicfGuUbXE4k
Request Chain 74
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDVCm9fzKlQ67rIMJE8lN2o&google_cver=1&google_push=AQvitUJe10-V3r0Di0wwr7BiZDFnEls4JNgroIztkB8dIkG3UGiTAWeRizdHYTK_tdwijqeV3VThu40iIFW6vAbpjET2f0ICWMo HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDVCm9fzKlQ67rIMJE8lN2o&google_push=AQvitUJe10-V3r0Di0wwr7BiZDFnEls4JNgroIztkB8dIkG3UGiTAWeRizdHYTK_tdwijqeV3VThu40iIFW6vAbpjET2f0ICWMo&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGR_Jpt_9Y25b-2_HiUPHwAABKEAAAAB&google_gid=CAESEDVCm9fzKlQ67rIMJE8lN2o&google_push=AQvitUJe10-V3r0Di0wwr7BiZDFnEls4JNgroIztkB8dIkG3UGiTAWeRizdHYTK_tdwijqeV3VThu40iIFW6vAbpjET2f0ICWMo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGR_Jpt_9Y25b-2_HiUPHwAABKEAAAAB&google_gid=CAESEDVCm9fzKlQ67rIMJE8lN2o&google_push=AQvitUJe10-V3r0Di0wwr7BiZDFnEls4JNgroIztkB8dIkG3UGiTAWeRizdHYTK_tdwijqeV3VThu40iIFW6vAbpjET2f0ICWMo&google_cver=1&google_tc=

81 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.aaa-replica.com/
Redirect Chain
  • http://aaa-replica.com/
  • http://www.aaa-replica.com/
38 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.aaa-replica.com/
Protocol
HTTP/1.1
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
57a2fce122407d240812924f59a8046a2107736dc4c5c3aa0993a00ae283ddd2

Request headers

Host
www.aaa-replica.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 13:54:30 GMT
Server
Apache
Link
<https://www.aaa-replica.com/wp-json/>; rel="https://api.w.org/"
Upgrade
h2
Connection
Upgrade, close
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
8533
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 31 Mar 2021 13:54:29 GMT
Server
Apache
X-Redirect-By
WordPress
Upgrade
h2
Connection
Upgrade, close
Location
http://www.aaa-replica.com/
Content-Length
0
Content-Type
text/html; charset=UTF-8
style.min.css
www.aaa-replica.com/wp-includes/css/dist/block-library/ 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.aaa-replica.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
HTTP/1.1
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
29778a6252b89c79ad8a313692c3f4b8ff5e300c463858732f28da488dd2cc05

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 13:54:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 08:43:56 GMT
Server
Apache
ETag
"e358-5bd2aaae32f42-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
8704
front_end_style.css
www.aaa-replica.com/wp-content/plugins/captcha/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.aaa-replica.com/wp-content/plugins/captcha/css/front_end_style.css
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
HTTP/1.1
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
c4cd126b21a4a71df6b2eb9210d37eca993c879b5fff2eb5808741c5b3069d03

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 13:54:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Jul 2018 08:28:10 GMT
Server
Apache
ETag
"724-56ffffa493a80-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
724
dashicons.min.css
www.aaa-replica.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.aaa-replica.com/wp-includes/css/dashicons.min.css
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
HTTP/1.1
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
8273f0538929ede9599e3cfea8142a252a7d0cb6dbacb230bf188490dde79d4b

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 13:54:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Dec 2020 02:29:25 GMT
Server
Apache
ETag
"e682-5b5fed3eb58a1-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
35726
desktop_style.css
www.aaa-replica.com/wp-content/plugins/captcha/css/ 		2 KB
715 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.aaa-replica.com/wp-content/plugins/captcha/css/desktop_style.css
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
HTTP/1.1
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
7694092db9514c6643c47d692e5ac7bc1c924c3aa712c8ae4504a5cdd6cfb420

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 13:54:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Jul 2018 08:28:10 GMT
Server
Apache
ETag
"6d3-56ffffa493a80-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
410
style.css
www.aaa-replica.com/wp-content/themes/feather-magazine/ 		57 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.aaa-replica.com/wp-content/themes/feather-magazine/style.css
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
HTTP/1.1
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
996c6490404752612e085f239dab71325093f65e04c52d40da9e465b81c510bf

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 13:54:31 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Feb 2021 13:46:50 GMT
Server
Apache
ETag
"e3a5-5bb4c19e98464-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
11992
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%2C900
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f0e81d6413b629d6b3b3dd51a5ae6ee567205ddb19eac77f0dffb6dfeb8fb41a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
http://www.aaa-replica.com
Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 13:54:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 31 Mar 2021 13:54:31 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Wed, 31 Mar 2021 13:54:31 GMT
jquery.min.js
www.aaa-replica.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.aaa-replica.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
HTTP/1.1
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 13:54:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Dec 2020 02:29:25 GMT
Server
Apache
ETag
"15d98-5b5fed3ed120a-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
30916
jquery-migrate.min.js
www.aaa-replica.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.aaa-replica.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
HTTP/1.1
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 13:54:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Dec 2020 02:29:25 GMT
Server
Apache
ETag
"2bd8-5b5fed3ed0e22-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
4169
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d93c95e25afaaf997806b76f0c5b5b1a9b8982e0de2bccc95c6f191159eb361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 31 Mar 2021 13:54:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
5725807886032881674
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
49670
X-XSS-Protection
0
Expires
Wed, 31 Mar 2021 13:54:32 GMT
style.css
www.aaa-replica.com/wp-content/plugins/wp-auto-affiliate-links/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.aaa-replica.com/wp-content/plugins/wp-auto-affiliate-links/css/style.css
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
HTTP/1.1
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
c9281fac8a54235faf79a5011acf4e5a3a5f7cb844a9f3dfc93988ca9cbf77f0

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 13:54:31 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Mar 2021 04:08:23 GMT
Server
Apache
ETag
"af5-5bddbddfa8b4b-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
867
api.js
www.aaa-replica.com/wp-content/plugins/wp-auto-affiliate-links/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.aaa-replica.com/wp-content/plugins/wp-auto-affiliate-links/js/api.js
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
HTTP/1.1
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
ffb6413073471b3f4efaceb98948ca193e95b9ea01f6e137f72912e860340eca

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 13:54:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Mar 2021 04:08:23 GMT
Server
Apache
ETag
"2e90-5bddbddfa9aeb-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
2957
customscripts.js
www.aaa-replica.com/wp-content/themes/feather-magazine/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.aaa-replica.com/wp-content/themes/feather-magazine/js/customscripts.js
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
HTTP/1.1
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
e88e60105843a6dbb9b707d510ae4e5793dd30aeaf6a84465b57050d08432ba6

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 13:54:32 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Feb 2021 13:46:50 GMT
Server
Apache
ETag
"e5b-5bb4c19e970dc-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
1037
wp-embed.min.js
www.aaa-replica.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.aaa-replica.com/wp-includes/js/wp-embed.min.js
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
HTTP/1.1
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 13:54:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Feb 2021 04:05:02 GMT
Server
Apache
ETag
"592-5ba7aced69040-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
765
wp-emoji-release.min.js
www.aaa-replica.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.aaa-replica.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
HTTP/1.1
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 13:54:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Feb 2021 04:05:02 GMT
Server
Apache
ETag
"3795-5ba7aced69040-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
4662
z_stat.php
s4.cnzz.com/ 		0
0
Rolex-Sky-Dweller-326238-1.jpg
www.aaa-replica.com/wp-content/uploads/2020/11/ 		166 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaa-replica.com/wp-content/uploads/2020/11/Rolex-Sky-Dweller-326238-1.jpg
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
7ff3aee72661c4d67a9721d5a66c17d3c3175a93ca17f9b767b1e28024cafd02

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:45 GMT
last-modified
Sat, 28 Nov 2020 07:45:14 GMT
server
Apache
accept-ranges
bytes
etag
"29949-5b525f5256192"
content-length
170313
content-type
image/jpeg
516-.jpg
www.aaa-replica.com/wp-content/uploads/2019/02/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaa-replica.com/wp-content/uploads/2019/02/516-.jpg
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
cef45fcd288804c5d4dfb3027723ab532fd49355ce9636f65a8c3a598b9c1e50

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:45 GMT
last-modified
Mon, 18 Feb 2019 08:25:11 GMT
server
Apache
accept-ranges
bytes
etag
"b0ba-58226dcf587c0"
content-length
45242
content-type
image/jpeg
384-.jpg
www.aaa-replica.com/wp-content/uploads/2019/01/ 		223 KB
225 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaa-replica.com/wp-content/uploads/2019/01/384-.jpg
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
a8711be484a6b234cb39108cf53464ba37eafe3fc929221fe12ba3dd0f528ac6

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:45 GMT
last-modified
Wed, 09 Jan 2019 01:52:28 GMT
server
Apache
accept-ranges
bytes
etag
"37cb5-57efcb6d7af00"
content-length
228533
content-type
image/jpeg
703-.jpg
www.aaa-replica.com/wp-content/uploads/2018/12/ 		188 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaa-replica.com/wp-content/uploads/2018/12/703-.jpg
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
3fce71321def4169c4f24e18b5178e05f003fc3ebf9efa789a5128e20376f5f8

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:45 GMT
last-modified
Mon, 03 Dec 2018 08:52:49 GMT
server
Apache
accept-ranges
bytes
etag
"2f18c-57c1a4600ba40"
content-length
192908
content-type
image/jpeg
698-.jpg
www.aaa-replica.com/wp-content/uploads/2018/12/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaa-replica.com/wp-content/uploads/2018/12/698-.jpg
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
4fb82d6b4ee0798fdc62349311b060cce5e06c009a1e14b28decb887fa77ad9a

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:45 GMT
last-modified
Mon, 03 Dec 2018 08:34:42 GMT
server
Apache
accept-ranges
bytes
etag
"17ea3-57c1a05366c80"
content-length
97955
content-type
image/jpeg
218-.jpg
www.aaa-replica.com/wp-content/uploads/2018/11/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaa-replica.com/wp-content/uploads/2018/11/218-.jpg
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
889f90a9cada9734940f9fcf4f34bbb5fe04ff239061cf253c695849e9307915

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:45 GMT
last-modified
Thu, 15 Nov 2018 02:29:21 GMT
server
Apache
accept-ranges
bytes
etag
"10e6d-57aaad179c240"
content-length
69229
content-type
image/jpeg
206-.jpg
www.aaa-replica.com/wp-content/uploads/2018/11/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaa-replica.com/wp-content/uploads/2018/11/206-.jpg
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
2130830214ba3133253eba0a8248e50a2f8d7355c855800846660b0519d27624

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:45 GMT
last-modified
Thu, 15 Nov 2018 02:03:30 GMT
server
Apache
accept-ranges
bytes
etag
"e170-57aaa75076080"
content-length
57712
content-type
image/jpeg
rolex-lady-datejust-champagne-roman-dial-diamond-bezel-automatic-watch-279383crj-1.jpg
www.aaa-replica.com/wp-content/uploads/2018/05/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaa-replica.com/wp-content/uploads/2018/05/rolex-lady-datejust-champagne-roman-dial-diamond-bezel-automatic-watch-279383crj-1.jpg
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
b269f451d5ffbb17daee204dcde9d2836747d437ec16a452cf1601fe86cd8c12

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:45 GMT
last-modified
Mon, 02 Jul 2018 09:32:43 GMT
server
Apache
accept-ranges
bytes
etag
"13f9c-57000e12284c0"
content-length
81820
content-type
image/jpeg
rolex-lady-datejust-pearlmaster-chocolate-brown-dial-18k-everose-gold-automatic-ladies-watch-80315brrdpm-1.jpg
www.aaa-replica.com/wp-content/uploads/2018/05/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaa-replica.com/wp-content/uploads/2018/05/rolex-lady-datejust-pearlmaster-chocolate-brown-dial-18k-everose-gold-automatic-ladies-watch-80315brrdpm-1.jpg
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
8450cce93bd2748dd004f654a1605f45900f78a144bbe25abf79b2c92aa13a36

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:45 GMT
last-modified
Mon, 02 Jul 2018 09:33:08 GMT
server
Apache
accept-ranges
bytes
etag
"186e1-57000e29ffd00"
content-length
100065
content-type
image/jpeg
rolex-lady-datejust-silver-diamond-dial-ladies-18kt-yellow-gold-president-watch-279178srdp-1.jpg
www.aaa-replica.com/wp-content/uploads/2018/05/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaa-replica.com/wp-content/uploads/2018/05/rolex-lady-datejust-silver-diamond-dial-ladies-18kt-yellow-gold-president-watch-279178srdp-1.jpg
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
141ee54d606a83777791e931739bfe54c317653e84e1e1884bacafceb026b44e

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:45 GMT
last-modified
Mon, 02 Jul 2018 09:33:22 GMT
server
Apache
accept-ranges
bytes
etag
"17b7a-57000e3759c80"
content-length
97146
content-type
image/jpeg
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%2C900
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.aaa-replica.com
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 26 Mar 2021 02:07:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jul 2019 01:18:36 GMT
Server
sffe
Age
474445
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
15736
X-XSS-Protection
0
Expires
Sat, 26 Mar 2022 02:07:19 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%2C900
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.aaa-replica.com
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 30 Mar 2021 15:37:38 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jul 2019 01:19:00 GMT
Server
sffe
Age
80226
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
15816
X-XSS-Protection
0
Expires
Wed, 30 Mar 2022 15:37:38 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%2C900
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.aaa-replica.com
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 05:57:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jul 2019 01:18:37 GMT
Server
sffe
Age
547037
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
15872
X-XSS-Protection
0
Expires
Fri, 25 Mar 2022 05:57:27 GMT
feather-magazine.woff2
www.aaa-replica.com/wp-content/themes/feather-magazine/fonts/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://www.aaa-replica.com/wp-content/themes/feather-magazine/fonts/feather-magazine.woff2
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/wp-content/themes/feather-magazine/style.css
Protocol
HTTP/1.1
Server
167.160.19.218 , Turkey, ASN59447 (SAYFANET, TR),
Reverse DNS
Software
Apache /
Resource Hash
2da5a94a8b1254f1600d968926d67d66ff7a04558e5de58fc24118b44e8c3c2b

Request headers

Origin
http://www.aaa-replica.com
Referer
http://www.aaa-replica.com/wp-content/themes/feather-magazine/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 13:54:45 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Feb 2021 13:46:50 GMT
Server
Apache
ETag
"20e0-5bb4c19e9596c-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
font/woff2
Content-Length
8439
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/ 		226 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2048057987418261&plah=www.aaa-replica.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e845b3c43da250d2131dcca1a9af77bdaca1b61f1215be6317f2d5f17f999e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86619
x-xss-protection
0
server
cafe
etag
10759459106970592627
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 31 Mar 2021 13:54:44 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/ Frame 547B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210322/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.aaa-replica.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.aaa-replica.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 31 Mar 2021 02:55:27 GMT
expires
Wed, 14 Apr 2021 02:55:27 GMT
content-type
text/html; charset=UTF-8
etag
14488317231655078900
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4661
x-xss-protection
0
age
39558
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		205 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.aaa-replica.com&callback=_gfp_s_&client=ca-pub-2048057987418261
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2048057987418261&plah=www.aaa-replica.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
88a1ca099e09ef85f99c716ad265d084b642aa527a2d200e84921cf0aabf72a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.aaa-replica.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2048057987418261&plah=www.aaa-replica.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 13:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.aaa-replica.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2048057987418261&plah=www.aaa-replica.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 13:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E47B 		65 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=600&slotname=1094478233&adk=1673745910&adf=1304185073&pi=t.ma~as.1094478233&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617198884954&bpp=23&bdt=13334&idt=79&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1159964165039&frm=20&pv=2&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HCOcfvk8gY&p=http%3A//www.aaa-replica.com&dtd=97
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2048057987418261&plah=www.aaa-replica.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
594651550394d5b74fba348f6a33a109715b164c348b16762ec9b94c01b8e1a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2048057987418261&output=html&h=600&slotname=1094478233&adk=1673745910&adf=1304185073&pi=t.ma~as.1094478233&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617198884954&bpp=23&bdt=13334&idt=79&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1159964165039&frm=20&pv=2&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HCOcfvk8gY&p=http%3A//www.aaa-replica.com&dtd=97
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.aaa-replica.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.aaa-replica.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 31 Mar 2021 13:54:45 GMT
server
cafe
content-length
21876
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 31-Mar-2021 14:09:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 31 Mar 2021 13:54:45 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2048057987418261&plah=www.aaa-replica.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617017733465819"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28245
x-xss-protection
0
expires
Wed, 31 Mar 2021 13:54:45 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2287 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&adk=1812271804&adf=3025194257&lmt=1617198885&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.aaa-replica.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1617198884984&bpp=3&bdt=13365&idt=76&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=80
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2048057987418261&plah=www.aaa-replica.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f7210edbbfa3848275520400e2167ab2e296552f3c3fa67290644a534a76a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2048057987418261&output=html&adk=1812271804&adf=3025194257&lmt=1617198885&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.aaa-replica.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1617198884984&bpp=3&bdt=13365&idt=76&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=80
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.aaa-replica.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.aaa-replica.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 31 Mar 2021 13:54:45 GMT
server
cafe
content-length
793
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 31-Mar-2021 14:09:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 31 Mar 2021 13:54:45 GMT
cache-control
private
integrator.js
adservice.google.de/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.aaa-replica.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2048057987418261&plah=www.aaa-replica.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 13:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.aaa-replica.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2048057987418261&plah=www.aaa-replica.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 13:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 335B 		66 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2048057987418261&plah=www.aaa-replica.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a30d9265771ff55b8a03dd07183bdb46c81e217a8ed6e24a977b3cb8f6ddb7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.aaa-replica.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.aaa-replica.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 31 Mar 2021 13:54:45 GMT
server
cafe
content-length
23785
x-xss-protection
0
set-cookie
IDE=AHWqTUmg8_r3CNlF0OD7QKLEhlHUvWpxoXvJhLmFUBnPudmMxubfEbdd03GoBiuZ6Lc; expires=Mon, 25-Apr-2022 13:54:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 31 Mar 2021 13:54:45 GMT
cache-control
private
css
fonts.googleapis.com/ Frame E47B 		3 KB
646 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=600&slotname=1094478233&adk=1673745910&adf=1304185073&pi=t.ma~as.1094478233&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617198884954&bpp=23&bdt=13334&idt=79&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1159964165039&frm=20&pv=2&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HCOcfvk8gY&p=http%3A//www.aaa-replica.com&dtd=97
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 31 Mar 2021 12:28:28 GMT
server
ESF
date
Wed, 31 Mar 2021 13:54:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Mar 2021 13:54:45 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame E47B 		1 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=600&slotname=1094478233&adk=1673745910&adf=1304185073&pi=t.ma~as.1094478233&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617198884954&bpp=23&bdt=13334&idt=79&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1159964165039&frm=20&pv=2&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HCOcfvk8gY&p=http%3A//www.aaa-replica.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Apr 2021 13:52:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame E47B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=600&slotname=1094478233&adk=1673745910&adf=1304185073&pi=t.ma~as.1094478233&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617198884954&bpp=23&bdt=13334&idt=79&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1159964165039&frm=20&pv=2&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HCOcfvk8gY&p=http%3A//www.aaa-replica.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:46:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7120
x-xss-protection
0
server
cafe
etag
14491782869175424788
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Apr 2021 13:46:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame E47B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=600&slotname=1094478233&adk=1673745910&adf=1304185073&pi=t.ma~as.1094478233&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617198884954&bpp=23&bdt=13334&idt=79&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1159964165039&frm=20&pv=2&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HCOcfvk8gY&p=http%3A//www.aaa-replica.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Apr 2021 13:47:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E47B 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=600&slotname=1094478233&adk=1673745910&adf=1304185073&pi=t.ma~as.1094478233&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617198884954&bpp=23&bdt=13334&idt=79&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1159964165039&frm=20&pv=2&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HCOcfvk8gY&p=http%3A//www.aaa-replica.com&dtd=97
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617017751739567"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36599
x-xss-protection
0
expires
Wed, 31 Mar 2021 13:54:45 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame E47B 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=600&slotname=1094478233&adk=1673745910&adf=1304185073&pi=t.ma~as.1094478233&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617198884954&bpp=23&bdt=13334&idt=79&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1159964165039&frm=20&pv=2&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HCOcfvk8gY&p=http%3A//www.aaa-replica.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:51:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5520
x-xss-protection
0
server
cafe
etag
4598867394938533942
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Apr 2021 13:51:48 GMT
0d74ed574692e0488c8a49b73918ea59.js
www.gstatic.com/mysidia/ Frame E47B 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0d74ed574692e0488c8a49b73918ea59.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=600&slotname=1094478233&adk=1673745910&adf=1304185073&pi=t.ma~as.1094478233&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617198884954&bpp=23&bdt=13334&idt=79&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1159964165039&frm=20&pv=2&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HCOcfvk8gY&p=http%3A//www.aaa-replica.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 05:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Mar 2021 05:14:52 GMT
server
sffe
age
547064
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10398
x-xss-protection
0
expires
Wed, 23 Jun 2021 05:57:01 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/3687292161723475546/ Frame E47B 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3687292161723475546/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=600&slotname=1094478233&adk=1673745910&adf=1304185073&pi=t.ma~as.1094478233&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617198884954&bpp=23&bdt=13334&idt=79&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1159964165039&frm=20&pv=2&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HCOcfvk8gY&p=http%3A//www.aaa-replica.com&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c6ab117d65dcd961ae0c749be52e0318a898c3eaa92fb606b4b673d4cd5b24c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 06:20:26 GMT
x-content-type-options
nosniff
age
459259
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12035
x-xss-protection
0
last-modified
Fri, 12 Feb 2021 17:25:21 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Mar 2022 06:20:26 GMT
truncated
/ Frame E47B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
googleads.g.doubleclick.net/pagead/ Frame E47B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CP9twJX9kYJ2CBomnzAau27TwB8PBgsthtJ_qitUN9cTk4KMiEAEghoWuIGCViriCyAegAYapn9MByAEJqQLLhP_1HLOzPqgDAcgDywSqBLsBT9B0xo0keK5Ghg1LCtrVknsVNofnQIKBR6BHRW7phlr4TVh1YfB4t4a-IP5CEoGMToaDOyUt2fpz684YpE7zkJwmLpbnOLACbL6pFGVj4eo-pGwzCWC0lLWGmHEc_vDozRSJASuX-OKEnAoY3H0z_dOZPT6JcTq9rElaWmnpeVAkf-LnK2Yy0vzv6f2tBsRonn5ha3GvoxJsDZFjuHhnmSwXa2dhmesIPetXxL0nYV9wg7mSSqRRs7efCMAE9a_YsLUDkgUECAQYAZIFBAgFGASgBi6AB-LW4KwCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEIvJPdIICQiA4YAQEAEYH4AKAcgLAdgTDYgUAdAVAYAXAbIXGgoYCAASFHB1Yi0yMDQ4MDU3OTg3NDE4MjYx&sigh=BCRBKPLIH8U&template_id=5000&tpd=AGWhJmv-RZqxD6ZJXVj6hYMxqjcq4R3cXpjBEcXLbiPfFSFxwg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=600&slotname=1094478233&adk=1673745910&adf=1304185073&pi=t.ma~as.1094478233&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617198884954&bpp=23&bdt=13334&idt=79&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1159964165039&frm=20&pv=2&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HCOcfvk8gY&p=http%3A//www.aaa-replica.com&dtd=97
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=600&slotname=1094478233&adk=1673745910&adf=1304185073&pi=t.ma~as.1094478233&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617198884954&bpp=23&bdt=13334&idt=79&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1159964165039&frm=20&pv=2&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HCOcfvk8gY&p=http%3A//www.aaa-replica.com&dtd=97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 31 Mar 2021 13:54:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
css
fonts.googleapis.com/ Frame 335B 		4 KB
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4df0547b55f54db46b6551ea0eb3380f65ea77748d4bec005867b8369c2a397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 31 Mar 2021 12:23:45 GMT
server
ESF
date
Wed, 31 Mar 2021 13:54:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Mar 2021 13:54:45 GMT
truncated
/ Frame E47B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c9d47e833ccc90f1d7619eef93dbe538a49375d116e2b05a30b599f35f4123c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 335B 		1 KB
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Apr 2021 13:52:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame 335B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:46:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7120
x-xss-protection
0
server
cafe
etag
14491782869175424788
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Apr 2021 13:46:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 335B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Apr 2021 13:47:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 335B 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617017751739567"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36599
x-xss-protection
0
expires
Wed, 31 Mar 2021 13:54:45 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 335B 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:51:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5520
x-xss-protection
0
server
cafe
etag
4598867394938533942
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Apr 2021 13:51:48 GMT
l
www.google.com/ads/measurement/ Frame 335B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRrm36AEXo8JdOfKwTpLtRk_xf2-sVYuq5cdKOvQCa4Ie5WYgowsajrg9A9L1RY_aEIgowDRuCiCsoI6oIFcbp1PGzUw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
0d74ed574692e0488c8a49b73918ea59.js
www.gstatic.com/mysidia/ Frame 335B 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0d74ed574692e0488c8a49b73918ea59.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 05:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Mar 2021 05:14:52 GMT
server
sffe
age
547064
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10398
x-xss-protection
0
expires
Wed, 23 Jun 2021 05:57:01 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame E47B 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 12:53:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
90078
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Wed, 30 Mar 2022 12:53:27 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame E47B 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 05:29:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
462291
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Sat, 26 Mar 2022 05:29:54 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/191622125411244270/ Frame 335B 		131 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/191622125411244270/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c3805e3305203e2fc9f112f4ca85c2f32889ea3a2d6eab86f2d9e831e4f25eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 11:42:04 GMT
x-content-type-options
nosniff
age
7961
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133952
x-xss-protection
0
last-modified
Fri, 27 Nov 2020 12:53:57 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Mar 2022 11:42:04 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1578662527487098275/ Frame 335B 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1578662527487098275/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dda937796e140aa9ccf74ce705b1a57cbf67d19128c462a77662ff24a8e4d9a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 02:36:09 GMT
x-content-type-options
nosniff
age
472716
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1534
x-xss-protection
0
last-modified
Thu, 21 Jan 2021 08:52:57 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Mar 2022 02:36:09 GMT
truncated
/ Frame 335B 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
googleads.g.doubleclick.net/pagead/ Frame 335B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CUqldJX9kYOPoDc2M-waHiIzIApL1xItihe250u0M7PHZsJYOEAEghoWuIGCViriCyAegAYbX170DyAEJqQLLhP_1HLOzPqgDAcgDywSqBLkBT9A7q5D9foM8jX1gX77UgPvfbJIHjm-DbLmjdizmHFbvnqOTH8-qKiT9T-7T5-NpU_D35s8r1yXOEn9FLTiGWKWz5iw7BuW0b9xoGvAmqbefVouOEbII6cChY5dyWtjBsflvOdJhbEuDNfkHnol5szGzpscUV6t-XQVHT-yWAfk5UPCMeswuibrhSPagkg3RRywlDH7OA0q9G5c6gpLn_p3jUAPWpiuin6hurypHbzzvX2QJJIf3HfrABIvV-MG9A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfiqKhCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEI6dH9IICQiA4YAQEAEYH4AKAcgLAdgTDYgUAbIXGgoYCAASFHB1Yi0yMDQ4MDU3OTg3NDE4MjYx&sigh=r_74w2eqw4M&template_id=484&tpd=AGWhJmuhZUMAqYdUidwmJuamVAA_CLGOmOebIon2VqRbnADESA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 31 Mar 2021 13:54:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B53F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 30 Mar 2021 16:59:40 GMT
expires
Wed, 31 Mar 2021 16:59:40 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
75305
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 335B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c77b3091ceb56eb968fb568748100991b3888046c50b1758f36c3208b32f8674

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
pagead2.googlesyndication.com/bg/ Frame B6AF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=600&slotname=1094478233&adk=1673745910&adf=1304185073&pi=t.ma~as.1094478233&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617198884954&bpp=23&bdt=13334&idt=79&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1159964165039&frm=20&pv=2&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HCOcfvk8gY&p=http%3A//www.aaa-replica.com&dtd=97
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 21:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
60135
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5666
x-xss-protection
0
expires
Wed, 30 Mar 2022 21:12:30 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 335B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 15:37:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
80233
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
expires
Wed, 30 Mar 2022 15:37:32 GMT
dpixel
cms.quantserve.com/ Frame B53F 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIiet_X4pDEPbzURO5XMF8s&google_cver=1&google_push=AQvitUK0oLga0dTZWpY9L8pU-NPyWmFr3fYlFj7u0f8Gc0G8ACaV5jd_JZjFiAmXytg7HxQD_gDzy1N6yud2pUy2Y9LBFrhilDs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 13:54:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame B53F 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESECGO-PDcSZ17QB4FGi6rRn8&google_push=AQvitUIoADZ3GrORpwsOp3S1tudea2DR7XbfkTN5Hq_eUpt3BTriXQLWscVsIJvlItmRddam52OoUarHxKSCjkF1FKBsR7nbMIg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 13:54:46 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B53F
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGVjycDFZKe6o9xon1vQEE8&google_cver=1&google_push=AQvitUKBXEp_V5kUmQAf77rjDqFkkreAAGHeCFgtI8w6ZCXmgEyu5Zm1o7szTSHJBoqHw__zcwK15Vd4X02E7Bm36gHK9edBYkc
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGVjycDFZKe6o9xon1vQEE8&google_cver=1&google_push=AQvitUKBXEp_V5kUmQAf77rjDqFkkreAAGHeCFgtI8w6ZCXmgEyu5Zm1o7szTSHJBoqHw__zcwK15Vd4X02E7Bm36gHK9edBYkc&o...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKBXEp_V5kUmQAf77rjDqFkkreAAGHeCFgtI8w6ZCXmgEyu5Zm1o7szTSHJBoqHw__zcwK15Vd4X02E7Bm36gHK9edBYkc&google_hm=Ew92nkrox8IQI-4h1I5DUw==
170 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKBXEp_V5kUmQAf77rjDqFkkreAAGHeCFgtI8w6ZCXmgEyu5Zm1o7szTSHJBoqHw__zcwK15Vd4X02E7Bm36gHK9edBYkc&google_hm=Ew92nkrox8IQI-4h1I5DUw==
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 13:54:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 13:54:46 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKBXEp_V5kUmQAf77rjDqFkkreAAGHeCFgtI8w6ZCXmgEyu5Zm1o7szTSHJBoqHw__zcwK15Vd4X02E7Bm36gHK9edBYkc&google_hm=Ew92nkrox8IQI-4h1I5DUw==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
tqpvjo3j17q0sf21cltvgd372s1rmp4r
pixel
cm.g.doubleclick.net/ Frame B53F
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qz6rdgvpR7OdkIdbqcl9QQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qz6rdgvpR7OdkIdbqcl9QQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULbQKgXs_WIJ3abU4u9Nm9x4jLpNs-TLN1jdXqNwCTa1VKfB4QRcVua9ksZKezIxUYuHNJoAxVJCinjUvQcxmY0C3r1VVY
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 13:54:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qz6rdgvpR7OdkIdbqcl9QQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULbQKgXs_WIJ3abU4u9Nm9x4jLpNs-TLN1jdXqNwCTa1VKfB4QRcVua9ksZKezIxUYuHNJoAxVJCinjUvQcxmY0C3r1VVY
Date
Wed, 31 Mar 2021 13:54:44 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B53F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOF2_bKdKjF8HTiywobOFik&google_cver=1&google_push=AQvitUKw7hI2lhi5N5M3r9xJufle1dyTdcEW4algAJKTFz4A6zN7dASfscjKHyU_k_pfoAY21v2...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01YSUdNUU0tMUQtODBZQw==&google_push=AQvitUKw7hI2lhi5N5M3r9xJufle1dyTdcEW4algAJKTFz4A6zN7dASfscjKHyU_k_pfoAY21v27LkkSWj69MulUicfGuUbXE4k
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01YSUdNUU0tMUQtODBZQw==&google_push=AQvitUKw7hI2lhi5N5M3r9xJufle1dyTdcEW4algAJKTFz4A6zN7dASfscjKHyU_k_pfoAY21v27LkkSWj69MulUicfGuUbXE4k
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 13:54:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01YSUdNUU0tMUQtODBZQw==&google_push=AQvitUKw7hI2lhi5N5M3r9xJufle1dyTdcEW4algAJKTFz4A6zN7dASfscjKHyU_k_pfoAY21v27LkkSWj69MulUicfGuUbXE4k
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame B53F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDVCm9fzKlQ67rIMJE8lN2o&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDVCm9fzKlQ67rIMJE8lN2o&google_push=AQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGR_Jpt_9Y25b-2_HiUPHwAABKEAAAAB&google_gid=CAESEDVCm9fzKlQ67rIMJE8lN2o&google_push=AQvitUJe10-V3r0Di0wwr7BiZDFnEls4JNgroIztkB8dIkG3UGi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGR_Jpt_9Y25b-2_HiUPHwAABKEAAAAB&google_gid=CAESEDVCm9fzKlQ67rIMJE8lN2o&google_push=AQvitUJe10-V3r0Di0wwr7BiZDFnEls4JNgroIztkB8dIkG3UGi...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGR_Jpt_9Y25b-2_HiUPHwAABKEAAAAB&google_gid=CAESEDVCm9fzKlQ67rIMJE8lN2o&google_push=AQvitUJe10-V3r0Di0wwr7BiZDFnEls4JNgroIztkB8dIkG3UGiTAWeRizdHYTK_tdwijqeV3VThu40iIFW6vAbpjET2f0ICWMo&google_cver=1&google_tc=
Requested by
Host: www.aaa-replica.com
URL: http://www.aaa-replica.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 13:54:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 13:54:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGR_Jpt_9Y25b-2_HiUPHwAABKEAAAAB&google_gid=CAESEDVCm9fzKlQ67rIMJE8lN2o&google_push=AQvitUJe10-V3r0Di0wwr7BiZDFnEls4JNgroIztkB8dIkG3UGiTAWeRizdHYTK_tdwijqeV3VThu40iIFW6vAbpjET2f0ICWMo&google_cver=1&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
487
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk
ag.innovid.com/ Frame B53F 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEISsAGRFvCfiRVyoLcUn0WQ&google_cver=1&google_push=AQvitUL2XpUGH5uPK0yCNewk2690h-CRBX5j09bXoly4weVqNRc__UxcV298wnwKK8FBdYQmlvUad28kS_A1f_llL2ynzXG5pZ4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:f6ab:342:7837:ce6e London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 13:54:46 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame B53F 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IwTGvzQ2JWEMBm04TLIOJBFu42AyIZFK2gNM80GSJ8VFutueKyr2WW7Jk2lbVjTHOBDx5Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:46 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
pagead2.googlesyndication.com/bg/ Frame 1F9F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2048057987418261&output=html&h=240&adk=3461008605&adf=2404881321&pi=t.aa~a.3654940567~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1617198885&rafmt=1&to=qs&pwprc=5800217201&psa=0&format=300x240&url=http%3A%2F%2Fwww.aaa-replica.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1617198885188&bpp=2&bdt=13568&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd76a13ca26e7f5f8-22bd4a41eeba00a3%3AT%3D1617198885%3ART%3D1617198885%3AS%3DALNI_Ma9P-eNrSes_SxtprLKO8WpYOo0bQ&prev_fmts=300x600%2C0x0&nras=2&correlator=1159964165039&frm=20&pv=1&ga_vid=48668810.1617198885&ga_sid=1617198885&ga_hid=162297394&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2349360849011800&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=G5B0XyplF3&p=http%3A//www.aaa-replica.com&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 21:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
60136
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5666
x-xss-protection
0
expires
Wed, 30 Mar 2022 21:12:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210322&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2048057987418261&plah=www.aaa-replica.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbb882fe9a4c5bcb1be5ee77fe7f0c816f5b06dd9a5e99ba68af49600e7e5bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 13:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6549
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2048057987418261&plah=www.aaa-replica.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 31 Mar 2021 13:54:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2062 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.aaa-replica.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.aaa-replica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 31 Mar 2021 13:09:08 GMT
expires
Thu, 31 Mar 2022 13:09:08 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2738
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
pagead2.googlesyndication.com/bg/ Frame 2062 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 21:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
60136
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5666
x-xss-protection
0
expires
Wed, 30 Mar 2022 21:12:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210322&jk=2349360849011800&bg=!EBOlE1fNAAbUo7L91KM7ACkAdvg8Wiq8lnljhGB7mpMPAM12rd4OQuAEOH451vOR2ksIm8rLwF7JEAIAAAB4UgAAAA1oAQcKAHHMn6fabsGkpmIcpk8imYAkhY6IlPyIochlTjxN6eDGFUxcOshYdwCiWvbwOjQ7QqXDC3Ery4C-NGpPX4HmKg0YpgF3N-S1Ub8NXPxnA3zpEDBiSc-90G5IpMWrlCCXsUVszb8nyD8tyROor-aJDV7p6JkBy7fQnqxNTZywLsIeLnoAVfQPv_sKAzcZ1E9lB4vbY4sVHjlzT5ZJt0i7J5EvDCc13y6Ecje0wDfcp6xLJEru2RWmzaZMtKLDtU0b6YSEdc-jiTMm98ROQF8zC0ZDfhxZ8qKNrDE4epSaee-LYqjju2yfmx1oW9aaC2gxEC_UmiDrzvfS-lkGFxcxJmcRYLxNTC6_5ECrjwMGFkAQtDV_UKCTvWd201QuWPCDochHd2_7DHOJrX1O4HVmS2Le_MNC66LOxzFTm0wQ8TUhrKIaFVSjxZXjakCTFmWSIU_dq-YpSD6EPOaGA_3lNhar-xh0nUXnqbhTU8DpTaMKBE_o1MWoIJtTlNGyBs2ToC2h7A3HfctEpe1clkJ3H1yoZuSCaI2kE9baQDsdTD8gCUZDrMXNptNZalA_Yw8IE5E7ZjXeJT4tFr_9-u-7KWKWaZRpHj5U7MNjZq6NSU5s96CDxWC4dIffPrLpFeRYMt2lO-pzl_BR1XM64GF0DbiOdi5AfwoeE8PeDHSoarPK440jgcNwmgaSFGucUs24z801mvvLRMPFIBfm9lEKnOHm-QA4oo0Qvjbi8Mom1vPRQJUYP4kWXR7Qba9J8lSh4w
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.aaa-replica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 13:54:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E47B 		42 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFVlkLPZbUedhcF3gtkL2s79-PYIZuWXN7_dmqeGQ6X4aFGPN0IcSaSjprERSnUSxd4Ry_urtChbPqz2Qq6k7lYoybpT4ELK7DIqXE3nDsQhiC4wg3jMie6X6T0A&sai=AMfl-YQrx46rm04k7C1QQixflB0w0jIys2rKZTgttFb2jz8N8s3ZfONz3mERfqaoV9N8p-JMLZFZvptsWytM&sig=Cg0ArKJSzBQFw-Il3BZPEAE&id=osdim&mcvt=1001&p=268,1025,868,1325&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210329&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1673745910&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617198885056&dlt=580&rpt=65&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 13:54:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s4.cnzz.com
URL
http://s4.cnzz.com/z_stat.php?id=1258178047

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery string| cnzz_protocol object| twemoji object| wp object| _$ string| a object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| aal_amazon_obj function| text_truncate function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
console-api log URL: http://www.aaa-replica.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aaa-replica.com
adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
s4.cnzz.com
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.aaa-replica.com
www.google.com
www.googletagservices.com
www.gstatic.com
s4.cnzz.com
142.250.185.162
142.250.186.98
167.160.19.218
185.64.190.78
2.18.234.21
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a05:d01c:1d8:8101:f6ab:342:7837:ce6e
34.98.67.61
35.227.252.103
69.173.144.138
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0f7210edbbfa3848275520400e2167ab2e296552f3c3fa67290644a534a76a5a
11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4
141ee54d606a83777791e931739bfe54c317653e84e1e1884bacafceb026b44e
1c6ab117d65dcd961ae0c749be52e0318a898c3eaa92fb606b4b673d4cd5b24c
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
2130830214ba3133253eba0a8248e50a2f8d7355c855800846660b0519d27624
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
29778a6252b89c79ad8a313692c3f4b8ff5e300c463858732f28da488dd2cc05
2da5a94a8b1254f1600d968926d67d66ff7a04558e5de58fc24118b44e8c3c2b
3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2
3c9d47e833ccc90f1d7619eef93dbe538a49375d116e2b05a30b599f35f4123c
3d93c95e25afaaf997806b76f0c5b5b1a9b8982e0de2bccc95c6f191159eb361
3fce71321def4169c4f24e18b5178e05f003fc3ebf9efa789a5128e20376f5f8
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb82d6b4ee0798fdc62349311b060cce5e06c009a1e14b28decb887fa77ad9a
57a2fce122407d240812924f59a8046a2107736dc4c5c3aa0993a00ae283ddd2
594651550394d5b74fba348f6a33a109715b164c348b16762ec9b94c01b8e1a8
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7694092db9514c6643c47d692e5ac7bc1c924c3aa712c8ae4504a5cdd6cfb420
7ff3aee72661c4d67a9721d5a66c17d3c3175a93ca17f9b767b1e28024cafd02
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
8273f0538929ede9599e3cfea8142a252a7d0cb6dbacb230bf188490dde79d4b
8450cce93bd2748dd004f654a1605f45900f78a144bbe25abf79b2c92aa13a36
889f90a9cada9734940f9fcf4f34bbb5fe04ff239061cf253c695849e9307915
88a1ca099e09ef85f99c716ad265d084b642aa527a2d200e84921cf0aabf72a5
8c3805e3305203e2fc9f112f4ca85c2f32889ea3a2d6eab86f2d9e831e4f25eb
8e845b3c43da250d2131dcca1a9af77bdaca1b61f1215be6317f2d5f17f999e1
96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32
996c6490404752612e085f239dab71325093f65e04c52d40da9e465b81c510bf
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a30d9265771ff55b8a03dd07183bdb46c81e217a8ed6e24a977b3cb8f6ddb7ee
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8711be484a6b234cb39108cf53464ba37eafe3fc929221fe12ba3dd0f528ac6
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
b269f451d5ffbb17daee204dcde9d2836747d437ec16a452cf1601fe86cd8c12
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
bbb882fe9a4c5bcb1be5ee77fe7f0c816f5b06dd9a5e99ba68af49600e7e5bfb
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c4cd126b21a4a71df6b2eb9210d37eca993c879b5fff2eb5808741c5b3069d03
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c77b3091ceb56eb968fb568748100991b3888046c50b1758f36c3208b32f8674
c9281fac8a54235faf79a5011acf4e5a3a5f7cb844a9f3dfc93988ca9cbf77f0
cef45fcd288804c5d4dfb3027723ab532fd49355ce9636f65a8c3a598b9c1e50
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dda937796e140aa9ccf74ce705b1a57cbf67d19128c462a77662ff24a8e4d9a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88e60105843a6dbb9b707d510ae4e5793dd30aeaf6a84465b57050d08432ba6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e81d6413b629d6b3b3dd51a5ae6ee567205ddb19eac77f0dffb6dfeb8fb41a
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f4df0547b55f54db46b6551ea0eb3380f65ea77748d4bec005867b8369c2a397
ffb6413073471b3f4efaceb98948ca193e95b9ea01f6e137f72912e860340eca