www.testlericoz.com Open in urlscan Pro
178.211.49.211 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://testlericoz.com/
Effective URL:
https://www.testlericoz.com/
Submission: On August 02 via api (August 2nd 2022, 8:47:37 am UTC) from US — Scanned from DE

Summary HTTP 158 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 21 domains to perform 158 HTTP transactions. The main IP is 178.211.49.211, located in Turkey and belongs to RADORE, TR. The main domain is www.testlericoz.com. The Cisco Umbrella rank of the primary domain is 920820.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 2nd 2021. Valid for: a year.

This is the only time www.testlericoz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	178.211.49.211 178.211.49.211	42926 (RADORE) (RADORE)
17	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
8	185.7.176.221 185.7.176.221	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	34.102.243.38 34.102.243.38	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
3 4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 3	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
13	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:223... 2600:9000:223c:e00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
10	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
158	33

22 178.211.49.211 (Turkey) 1 redirects

ASN42926 (RADORE, TR)
PTR: server-178.211.49.211.as42926.net

testlericoz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.testlericoz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.243.102.34.bc.googleusercontent.com

pandg.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:e00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177	416 KB
23	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 69 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 260 cm.g.doubleclick.net — Cisco Umbrella Rank: 288 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 362	302 KB
22	testlericoz.com 1 redirects testlericoz.com — Cisco Umbrella Rank: 903469 www.testlericoz.com — Cisco Umbrella Rank: 920820	249 KB
19	criteo.net static.criteo.net — Cisco Umbrella Rank: 764 pix.eu.criteo.net — Cisco Umbrella Rank: 6060 csm.eu.criteo.net — Cisco Umbrella Rank: 6210	58 KB
13	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 342	96 KB
8	virgul.com static.virgul.com — Cisco Umbrella Rank: 113664 ng.virgul.com — Cisco Umbrella Rank: 80466 ng2.virgul.com — Cisco Umbrella Rank: 92522	205 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	65 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 20	1 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8477	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 845 r.casalemedia.com — Cisco Umbrella Rank: 921	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	172 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 410 fonts.googleapis.com — Cisco Umbrella Rank: 110	34 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 9792 ads.eu.criteo.com — Cisco Umbrella Rank: 6158 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 8465	58 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	3 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 4926	1 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 360	42 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2184	71 KB
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2131	689 B
1	tapad.com pandg.tapad.com — Cisco Umbrella Rank: 2710	253 B
1	pghub.io pghub.io — Cisco Umbrella Rank: 2529	4 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 955	646 B
158	21

	Domain	Requested by
21	www.testlericoz.com	www.testlericoz.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com
17	pagead2.googlesyndication.com	www.testlericoz.com pagead2.googlesyndication.com fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	s0.2mdn.net	www.testlericoz.com s0.2mdn.net
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com www.testlericoz.com googleads.g.doubleclick.net
10	pix.eu.criteo.net	ads.eu.criteo.com
7	static.criteo.net	ads.eu.criteo.com
6	www.gstatic.com	googleads.g.doubleclick.net
5	mc.yandex.com	2 redirects
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.google.com	2 redirects fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com tpc.googlesyndication.com
4	www.googletagservices.com	fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net
4	static.virgul.com	www.testlericoz.com static.virgul.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	dsum-sec.casalemedia.com	1 redirects googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	ng.virgul.com	static.virgul.com www.testlericoz.com
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
2	mc.yandex.ru	1 redirects www.testlericoz.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	googleads4.g.doubleclick.net	www.testlericoz.com
2	fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ng2.virgul.com	www.testlericoz.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	r.casalemedia.com	1 redirects
1	pandg.tapad.com	pghub.io
1	pghub.io	static.virgul.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	www.testlericoz.com
1	testlericoz.com	1 redirects
158	37

This site contains links to these domains. Also see Links.

Domain
play.google.com

Subject Issuer	Validity	Valid
testlericoz.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-02` - `2022-08-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-04` - `2022-11-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2022-02-02` - `2023-02-17`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-13` - `2022-10-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-02` - `2022-11-01`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-12` - `2022-09-12`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh

This page contains 20 frames:

Primary Page: https://www.testlericoz.com/
Frame ID: 573BA299503C4943A883EDD36D8A95D4
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html
Frame ID: 7DCE8364A07763C9847DB5E1D7894256
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0668122474763787&output=html&adk=1812271804&adf=3025194257&lmt=1659430051&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.testlericoz.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659430051017&bpp=5&bdt=204&idt=128&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3530461826269&frm=20&pv=2&ga_vid=1565981917.1659430051&ga_sid=1659430051&ga_hid=1538111093&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31060047%2C42531608%2C31064019&oid=2&pvsid=1698436462569302&tmod=1227480786&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=148
Frame ID: D820C81A903EC1B67ACA3348AADCF2A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0668122474763787&output=html&h=280&slotname=4574882407&adk=2287156735&adf=2539641327&pi=t.ma~as.4574882407&w=1090&fwrn=4&fwrnh=100&lmt=1659430051&rafmt=1&psa=0&format=1090x280&url=https%3A%2F%2Fwww.testlericoz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659430051022&bpp=2&bdt=209&idt=152&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3530461826269&frm=20&pv=1&ga_vid=1565981917.1659430051&ga_sid=1659430051&ga_hid=1538111093&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31060047%2C42531608%2C31064019&oid=2&pvsid=1698436462569302&tmod=1227480786&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6lffyIH64u&p=https%3A//www.testlericoz.com&dtd=156
Frame ID: BC3D961891D7D8E5D2A2EDC002CC6246
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0668122474763787&output=html&h=280&slotname=8213662947&adk=2402764973&adf=1820528888&pi=t.ma~as.8213662947&w=357&fwrn=4&fwrnh=100&lmt=1659430051&rafmt=1&psa=0&format=357x280&url=https%3A%2F%2Fwww.testlericoz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659430051026&bpp=1&bdt=213&idt=156&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=3530461826269&frm=20&pv=1&ga_vid=1565981917.1659430051&ga_sid=1659430051&ga_hid=1538111093&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=988&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31060047%2C42531608%2C31064019&oid=2&pvsid=1698436462569302&tmod=1227480786&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VnPyD7jDKi&p=https%3A//www.testlericoz.com&dtd=159
Frame ID: AEB89CC90511C7DA95B0E451661BFCC6
Requests: 8 HTTP requests in this frame

Frame: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 242379F75E5A6F9B25022B99B9CE5B83
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fwww.testlericoz.com%2F&owner=P%26G&bp_id=noktacommedya&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 385887C0536565A0734D2B2A6A3CC3A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1
Frame ID: B5E2D5131499516E0A0A83F2C9253436
Requests: 5 HTTP requests in this frame

Frame: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E57C66C11331EA8E8075B596982959EA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYls6SmgEwAQ&v=APEucNXYZqqR8sgJT69ULfgtvrHr6mdCVj8OOXSax_svZWDCrWIiM9mxeIhTTkQfDKpLV-rAVYR9vDCvLDlL6Wq4p0FPzR3jp7ZJbwpnKVqivVs5nOc7YHEubuYwTSEiE15NY06eOs9hyC7TKYYazaNzY5etNW0HsnxkbLCsH5HWSwko9jX9VGc
Frame ID: 565FA5FA1B43802A99380EE482B9E930
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C737454F0D84555B5013CC5D09EA536B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 826BE6FC6E52EFBD99EBBA9C58017397
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YujknQAEO-oKmoYSAADurjCP5SicmmTNtWkC6Q&u=%7CLeZGo2aIPjm55fY8exsf7flyTJ0wE7tVRcNoagpWh4o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSUctWjNy2ThrEDvX0n7nbZ07Z4mFU6xADwGeYWK93ZxxfUg2Zm2xAm2rSGFbweGyvApbT4C9FIibne3RHAQvGaGI64il8oMx_WNtO7Ujut8AAYj4P-Q417YUWrEQyidhbBDmwelbUK38oAFaT4e--NhBYFhFGefqzEg2L2B7JUeW1FNnb5u4dEG00lR1YCoLwoi8WWfALv_1__cN82-dHyqCX0Oh9CJ-M4uZzVQ5UuS4aslhh40X0P35DA4BdzCRB3ZGJAge9nDkSE2g-RY4QsYaud_tEUUEfcxTwJ1h_N2k4amq3xIZov-xAXcyxh9VIu0_Cc8eGx1vzmRGbZ52zaYZcZSOPI9vrcGejOp5IsQcwWXPmAeJu2HTrzD_M_0i1cG415qJhmtJUrQRus0rq0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNtVvneToYur3EJKM6gSu3YPQDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMDY2ODEyMjQ3NDc2Mzc4N6AB1bbS6gPIAQmpAkVeSNkbPLE-qAMBqgTEAU_QXc-2dVP3WCtGHJMAYJqYziYToXNDqXefIZ8Zmj-XKmu1g3KgzFnTSE1VeGpWBPHmXjLFf1XkJZEkiP5QEp08-O6YOo5ASZWIshKwDW_OnbkIhYpMTdyhcb4C3wg9vHmJHtEvXOfsQTZNSO6Zfm5olJ5u8JErg8D4w6gR5_H075jRAQP_3w6G5fuqV1eabLYxQnFKp1uz8oh9yyuHeQHO2qUnfeuLVjaQTs_lc2YiYdkexWnS4uH6Ygd-pfu85UEzJjeABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3AclVBO5njqA2GGj7ffJ3X6p0Yjg%26client%3Dca-pub-0668122474763787%26adurl%3D
Frame ID: CCD1810D73F54147163B81845BC8FDBD
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 89EF1AFA2BC1B401869A41A28CE375B8
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html
Frame ID: 217C6EF78832350EF536CA51D193D280
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js
Frame ID: 37D246DCBEC62DEA69E0BAFD5179D880
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3CA758105876BCCF69EC517B4756FD8F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js
Frame ID: 7300CEBF05D49D2C0780DC70BCBF8F29
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B5EBF24B026C03AF489A049A344D1198
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DDAE2EF437476E11F8E661B22DD5A8E3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Testleri Çöz - Yeni Müfredat Testler

Page URL History Show full URLs

http://testlericoz.com/ HTTP 301
https://www.testlericoz.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

158
Requests

83 %
HTTPS

58 %
IPv6

21
Domains

37
Subdomains

33
IPs

6
Countries

1779 kB
Transfer

4616 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=net.appbeta.testlericoz

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://testlericoz.com/ HTTP 301
https://www.testlericoz.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8gS0z0OY0R-BGVdt7Ly5o&google_cver=1

Request Chain 84

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YujknowJ5Ghz3XfYx79UWQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8gS0z0OY0R-BGVdt7Ly5o&google_cver=1

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMr5hOj4E4LoNoaBLi04KVE&google_cver=1

Request Chain 86

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE5MzYzNjc2MjAwMTAwNTg0Ng%3D%3D

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 155

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9718.7cVNCAIwkQpM89Fl1d3cj_rQM78V3EhKbyRNthooNXBua4xmAzRoBeozw4SuziPG.1X2YfBVm4b2HnOXRnattknSEVeE%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9718.VqqZgJU1itVcD2AizKfCyqjcpC7s9Hx_XGt2ahzObIP7XVFt9SKEMW37zG-trFbzCkDZdWbsP4HhkPD8gIrsIw%2C%2C.E0p-4q8uwLPvm1jgpSOpajcoe2U%2C

Request Chain 158

https://mc.yandex.com/watch/21154147?wmode=7&page-url=https%3A%2F%2Fwww.testlericoz.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A1509317137286%3Ahid%3A1072762770%3Az%3A0%3Ai%3A20220802084733%3Aet%3A1659430053%3Ac%3A1%3Arn%3A1623820%3Arqn%3A1%3Au%3A1659430053345449815%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659430049924%3Ads%3A307%2C265%2C62%2C2%2C245%2C0%2C%2C161%2C0%2C2675%2C2675%2C2%2C1045%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1659430054%3At%3ATestleri%20%C3%87%C3%B6z%20-%20Yeni%20M%C3%BCfredat%20Testler&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/21154147/1?wmode=7&page-url=https%3A%2F%2Fwww.testlericoz.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A1509317137286%3Ahid%3A1072762770%3Az%3A0%3Ai%3A20220802084733%3Aet%3A1659430053%3Ac%3A1%3Arn%3A1623820%3Arqn%3A1%3Au%3A1659430053345449815%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659430049924%3Ads%3A307%2C265%2C62%2C2%2C245%2C0%2C%2C161%2C0%2C2675%2C2675%2C2%2C1045%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1659430054%3At%3ATestleri%20%C3%87%C3%B6z%20-%20Yeni%20M%C3%BCfredat%20Testler&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

158 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.testlericoz.com/
Redirect Chain

http://testlericoz.com/
https://www.testlericoz.com/

44 KB
8 KB

636ms
62ms

Document
text/html

178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: 4b65cdce85b852d6806a9fae043c7105cde5d7c73e20c6afa634ab036d493055

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 02 Aug 2022 08:47:24 GMT
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 02 Aug 2022 08:47:24 GMT
Location: https://www.testlericoz.com/
Server: nginx

GET
H2 200 7u4ij.css
www.testlericoz.com/wp-content/cache/wpfc-minified/l252ozg0/ 7 KB
2 KB 54ms
50ms Stylesheet
text/css 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/cache/wpfc-minified/l252ozg0/7u4ij.css
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: e71bb1427b992069918dfb37acd5fd69b4a4c7d8d89e7a65cb4150c2757502a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:24 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 07:35:23 GMT
server: nginx
etag: W/"62e8d3bb-1c1f"
content-type: text/css
cache-control: max-age=604800
expires: Tue, 09 Aug 2022 08:47:24 GMT

GET
H2 200 7u4ij.css
www.testlericoz.com/wp-content/cache/wpfc-minified/7vp90shs/ 19 KB
3 KB 55ms
50ms Stylesheet
text/css 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/cache/wpfc-minified/7vp90shs/7u4ij.css
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: 96d2f08963d4dc71e5210ee7fcd3a45a5562e55ebe413a363c5eaffefa8b966b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:24 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 07:35:23 GMT
server: nginx
etag: W/"62e8d3bb-4dfe"
content-type: text/css
cache-control: max-age=604800
expires: Tue, 09 Aug 2022 08:47:24 GMT

GET
H2 200 7u4ij.css
www.testlericoz.com/wp-content/cache/wpfc-minified/fj4zr19/ 18 KB
5 KB 55ms
50ms Stylesheet
text/css 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/cache/wpfc-minified/fj4zr19/7u4ij.css
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: ab070e344fbeffbde02740af8f2ddebcc2a27be10e41c78a776ab7976f75824f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:24 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 07:35:23 GMT
server: nginx
etag: W/"62e8d3bb-49d5"
content-type: text/css
cache-control: max-age=604800
expires: Tue, 09 Aug 2022 08:47:24 GMT

GET
H2 200 7u4ij.css
www.testlericoz.com/wp-content/cache/wpfc-minified/8i1ihs4i/ 28 KB
5 KB 55ms
51ms Stylesheet
text/css 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/cache/wpfc-minified/8i1ihs4i/7u4ij.css
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: f957fca8c1f0b47604870a9b38edc45f1638388f78c3dcf0c80d33d186e9e063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:24 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 07:35:23 GMT
server: nginx
etag: W/"62e8d3bb-6f9e"
content-type: text/css
cache-control: max-age=604800
expires: Tue, 09 Aug 2022 08:47:24 GMT

GET
H2 200 7u4ij.css
www.testlericoz.com/wp-content/cache/wpfc-minified/labbvvxg/ 3 KB
1 KB 55ms
52ms Stylesheet
text/css 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/cache/wpfc-minified/labbvvxg/7u4ij.css
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: 5420dad3e0819cfa0c41b7314c8d885fc69c6ed2241fa0bc981e6c5ba80fabde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:24 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 07:35:23 GMT
server: nginx
etag: W/"62e8d3bb-ca8"
content-type: text/css
cache-control: max-age=604800
expires: Tue, 09 Aug 2022 08:47:24 GMT

GET
H2 200 7u4ij.css
www.testlericoz.com/wp-content/cache/wpfc-minified/8aykiay2/ 10 KB
2 KB 101ms
98ms Stylesheet
text/css 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/cache/wpfc-minified/8aykiay2/7u4ij.css
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: 2b389424cd446960d3078464e4dffda112ffd553dd5e20e135e936aed5a4dd62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:24 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 07:35:23 GMT
server: nginx
etag: W/"62e8d3bb-299f"
content-type: text/css
cache-control: max-age=604800
expires: Tue, 09 Aug 2022 08:47:24 GMT

GET
H2 200 7u4ij.css
www.testlericoz.com/wp-content/cache/wpfc-minified/g3xulhk0/ 3 KB
1 KB 101ms
99ms Stylesheet
text/css 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/cache/wpfc-minified/g3xulhk0/7u4ij.css
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: 79d2d2c6b0b8a0a6755f4ca808bf89f9d7a94b0c6a06a9463bfb6516b3d7989c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:24 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 07:35:23 GMT
server: nginx
etag: W/"62e8d3bb-d2d"
content-type: text/css
cache-control: max-age=604800
expires: Tue, 09 Aug 2022 08:47:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
56 KB 80ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0668122474763787

Requested by

Host: www.testlericoz.com
URL: https://www.testlericoz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8843613a4b957f7b9604069c40f858abe00b8d0fff3e7c91436aaeb8cc50f238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.testlericoz.com/
Origin: https://www.testlericoz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56928
x-xss-protection: 0
server: cafe
etag: 15542600207834290270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 08:47:24 GMT

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ 62 KB
22 KB 176ms
54ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=testlericoz
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: de6136b62b0e9af54a0f3c0853c4ffa071cb1f0d8ede51cc9724f360517f4b3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 08:26:35 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 logo.png
www.testlericoz.com/wp-images/ 3 KB
3 KB 65ms
64ms Image
image/png 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.testlericoz.com/wp-images/logo.png
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: e000b4ee7c3e0a7df2e7b1f888fddad72384bfc22e7c188fd88121c3716352f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
last-modified: Thu, 25 Nov 2021 15:30:38 GMT
server: nginx
etag: "619fac1e-c8e"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3214
expires: Tue, 09 Aug 2022 08:47:25 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 58ms
17ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.testlericoz.com
URL: https://www.testlericoz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 08:18:10 GMT

GET
H2 200 script.js Show response
www.testlericoz.com/wp-content/plugins/mtouch-quiz/ 34 KB
7 KB 63ms
61ms Script
application/javascript 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/plugins/mtouch-quiz/script.js?ver=3.1.3
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: 81cc9998a2b921c0df75a0abdff187c7653c8ec08c6546bdeae267875ed078f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:24 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 15:36:45 GMT
server: nginx
etag: W/"619fad8d-896c"
content-type: application/javascript
cache-control: max-age=604800
expires: Tue, 09 Aug 2022 08:47:24 GMT

GET
H2 200 owl.carousel.min.js Show response
www.testlericoz.com/wp-content/themes/test/assets/js/ 43 KB
14 KB 64ms
62ms Script
application/javascript 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/themes/test/assets/js/owl.carousel.min.js?ver=20151215
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: 8d1f2a9077d62394a7584b7749c0f0f4827733df915ea4a5a7df98117b63ae9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:24 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 15:57:02 GMT
server: nginx
etag: W/"619fb24e-adf5"
content-type: application/javascript
cache-control: max-age=604800
expires: Tue, 09 Aug 2022 08:47:24 GMT

GET
H2 200 theme.js Show response
www.testlericoz.com/wp-content/themes/test/assets/js/ 727 B
495 B 65ms
63ms Script
application/javascript 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/themes/test/assets/js/theme.js?ver=20151215
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: 773475aca661d998e94a51108c220c017c65f254b5c014b9d55d94817eaf23c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 15:57:02 GMT
server: nginx
etag: W/"619fb24e-2d7"
content-type: application/javascript
cache-control: max-age=604800
expires: Tue, 09 Aug 2022 08:47:25 GMT

GET
H2 200 passive.js Show response
www.testlericoz.com/wp-content/themes/test/assets/js/ 905 B
566 B 65ms
64ms Script
application/javascript 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/themes/test/assets/js/passive.js?ver=3.1.3
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: decd5fa918b316dce330166ed5bb259554286772de081a7be6775aef2b179450

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 15:57:02 GMT
server: nginx
etag: W/"619fb24e-389"
content-type: application/javascript
cache-control: max-age=604800
expires: Tue, 09 Aug 2022 08:47:25 GMT

GET
H2 200 fa-solid-900.woff2
www.testlericoz.com/wp-content/themes/test/assets/fonts/ 72 KB
72 KB 51ms
51ms Font
font/woff2 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/themes/test/assets/fonts/fa-solid-900.woff2
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/wp-content/cache/wpfc-minified/8aykiay2/7u4ij.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: 7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer: https://www.testlericoz.com/wp-content/cache/wpfc-minified/8aykiay2/7u4ij.css
Origin: https://www.testlericoz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
last-modified: Thu, 25 Nov 2021 15:56:55 GMT
server: nginx
accept-ranges: bytes
etag: "619fb247-1207c"
content-length: 73852
content-type: font/woff2

GET
H2 200 jizaRExUiTo99u79D0KExcOPIDU.woff2
www.testlericoz.com/wp-content/themes/test/assets/fonts/ 11 KB
11 KB 101ms
100ms Font
font/woff2 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/themes/test/assets/fonts/jizaRExUiTo99u79D0KExcOPIDU.woff2
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/wp-content/cache/wpfc-minified/8aykiay2/7u4ij.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: 9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f

Request headers

Referer: https://www.testlericoz.com/wp-content/cache/wpfc-minified/8aykiay2/7u4ij.css
Origin: https://www.testlericoz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
last-modified: Thu, 25 Nov 2021 15:56:56 GMT
server: nginx
accept-ranges: bytes
etag: "619fb248-2c74"
content-length: 11380
content-type: font/woff2

GET
H2 200 jizaRExUiTo99u79D0yExcOPIDUg-g.woff2
www.testlericoz.com/wp-content/themes/test/assets/fonts/ 7 KB
7 KB 91ms
91ms Font
font/woff2 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/themes/test/assets/fonts/jizaRExUiTo99u79D0yExcOPIDUg-g.woff2
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/wp-content/cache/wpfc-minified/8aykiay2/7u4ij.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: 37b8e87c76f63fdd30214c4f93350b387076cba53d0c5cd52fd2059ee645ba41

Request headers

Referer: https://www.testlericoz.com/wp-content/cache/wpfc-minified/8aykiay2/7u4ij.css
Origin: https://www.testlericoz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
last-modified: Thu, 25 Nov 2021 15:56:56 GMT
server: nginx
accept-ranges: bytes
etag: "619fb248-1c60"
content-length: 7264
content-type: font/woff2

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
www.testlericoz.com/wp-content/themes/test/assets/fonts/ 11 KB
11 KB 84ms
84ms Font
font/woff2 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/themes/test/assets/fonts/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/wp-content/cache/wpfc-minified/8aykiay2/7u4ij.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf

Request headers

Referer: https://www.testlericoz.com/wp-content/cache/wpfc-minified/8aykiay2/7u4ij.css
Origin: https://www.testlericoz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
last-modified: Thu, 25 Nov 2021 15:56:57 GMT
server: nginx
accept-ranges: bytes
etag: "619fb249-2cf0"
content-length: 11504
content-type: font/woff2

GET
H2 200 jizfRExUiTo99u79B_mh0OCtLR8a8zILig.woff2
www.testlericoz.com/wp-content/themes/test/assets/fonts/ 7 KB
7 KB 80ms
80ms Font
font/woff2 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.testlericoz.com/wp-content/themes/test/assets/fonts/jizfRExUiTo99u79B_mh0OCtLR8a8zILig.woff2
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/wp-content/cache/wpfc-minified/8aykiay2/7u4ij.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: bfe6cf8ec00d0ff9673fef483a2fab0f9aeea6ea078eb9e42b4fbfc96777d1d6

Request headers

Referer: https://www.testlericoz.com/wp-content/cache/wpfc-minified/8aykiay2/7u4ij.css
Origin: https://www.testlericoz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
last-modified: Thu, 25 Nov 2021 15:56:57 GMT
server: nginx
accept-ranges: bytes
etag: "619fb249-1c78"
content-length: 7288
content-type: font/woff2

GET
H2 200 play-store.png
www.testlericoz.com/wp-images/ 3 KB
3 KB 59ms
58ms Image
image/png 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.testlericoz.com/wp-images/play-store.png
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: ddfc706afb70d371749fe833ef9c9b33804ca4c4c19cee1e3289884a2d23ff8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
last-modified: Thu, 30 Dec 2021 22:06:51 GMT
server: nginx
etag: "61ce2d7b-b27"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2855
expires: Tue, 09 Aug 2022 08:47:25 GMT

GET
H2 200 app-store.png
www.testlericoz.com/wp-images/ 3 KB
3 KB 59ms
59ms Image
image/png 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.testlericoz.com/wp-images/app-store.png
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: ebd959678a5caae9b9a3b84ae1dc1d9f53a725b6edb36a64f23ab0121dc70f9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
last-modified: Thu, 30 Dec 2021 22:06:50 GMT
server: nginx
etag: "61ce2d7a-a6d"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2669
expires: Tue, 09 Aug 2022 08:47:25 GMT

GET
H2 200 S%C4%B1nava-Haz%C4%B1rlanma-ve-H%C4%B1zl%C4%B1-Test-%C3%87%C3%B6zme-Teknikleri.jpg
www.testlericoz.com/wp-content/uploads/2017/10/ 81 KB
81 KB 50ms
50ms Image
image/jpeg 178.211.49.211
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.testlericoz.com/wp-content/uploads/2017/10/S%C4%B1nava-Haz%C4%B1rlanma-ve-H%C4%B1zl%C4%B1-Test-%C3%87%C3%B6zme-Teknikleri.jpg
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.211.49.211 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-178.211.49.211.as42926.net
Software: nginx /
Resource Hash: 2c2f3a3fba087ddfd3de1035785a84396768d691d510f656641b31da902c4221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
last-modified: Thu, 25 Nov 2021 15:45:23 GMT
server: nginx
etag: "619faf93-144e7"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 83175
expires: Tue, 09 Aug 2022 08:47:25 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/ 341 KB
121 KB 79ms
47ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0668122474763787&plah=www.testlericoz.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0668122474763787

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ec89dc563257b6593488dce5c4f253cfce0665feeb04c95795816fb1803adef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123398
x-xss-protection: 0
server: cafe
etag: 13064831610422688834
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 08:47:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/ Frame 7DCE 10 KB
5 KB 67ms
15ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0668122474763787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.testlericoz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47494
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 Aug 2022 19:35:51 GMT
etag: 8616628553774171045
expires: Mon, 15 Aug 2022 19:35:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
29 KB 89ms
32ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=testlericoz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

e5de11498c78d14bc26154d9c041c62d7dd8891e144216e4308c6f0b3e71d370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28652
x-xss-protection: 0
server: sffe
etag: "1291 / 665 of 1000 / last-modified: 1659391563"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 02 Aug 2022 08:47:25 GMT

GET
H2 200 prebid7.6.0.js Show response
static.virgul.com/theme/mockups/outside/ 455 KB
166 KB 57ms
57ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.6.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=testlericoz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 677f81b84b0905cd558ddce3fd4b6bc7361a5ce7462af0ebb840e6967010ffc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 13:57:40 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 61ms
17ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=testlericoz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 02 Aug 2022 07:52:30 GMT
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront), 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 20:51:38 GMT
server: AmazonS3
age: 3295
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-P6
content-encoding: gzip
x-amz-cf-id: tpFyBffwYDHt8XvhRxjFB_bbLUD2xJ-T9AOILxzbSVG1E-H6iLJSrQ==

GET
H2 200 pageview Show response
ng.virgul.com/ 15 KB
15 KB 252ms
65ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1659430051096&v=https%3A%2F%2Fwww.testlericoz.com%2F&r=testlericoz:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1&info=&ref=&rdmt=0.02702501562108317
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=testlericoz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0760f405c9896004ad0f5b2505e379348d83a7d92e79c20b6b88801b55346428

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
server: openresty/1.15.8.3
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://www.testlericoz.com
access-control-allow-credentials: true
content-type: application/javascript
content-length: 15084
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 testlericoz.js Show response
static.virgul.com/theme/mockups/fallback/ 3 KB
859 B 54ms
53ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/testlericoz.js?dts=19206
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=testlericoz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a0b1dfaf37caa3dbfe6468493a1f3d5210304fd1d5b4243966089ec2893a8ac2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2022 07:19:30 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ 120 B
283 B 52ms
52ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=testlericoz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Aug 2022 08:47:25 GMT
last-modified: Wed, 25 Dec 2019 09:23:27 GMT
server: openresty/1.15.8.3
accept-ranges: bytes
content-length: 120
content-type: application/javascript

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
646 B 65ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.testlericoz.com&callback=_gfp_s_&client=ca-pub-0668122474763787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0668122474763787&plah=www.testlericoz.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39753ba2450c6282487e78e0cddfba476231d490f9f82ae28dc7b4b703c9ca60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 91ms
24ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.testlericoz.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 91ms
25ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.testlericoz.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D820 193 KB
46 KB 430ms
397ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0668122474763787&output=html&adk=1812271804&adf=3025194257&lmt=1659430051&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.testlericoz.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659430051017&bpp=5&bdt=204&idt=128&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3530461826269&frm=20&pv=2&ga_vid=1565981917.1659430051&ga_sid=1659430051&ga_hid=1538111093&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31060047%2C42531608%2C31064019&oid=2&pvsid=1698436462569302&tmod=1227480786&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=148

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbcba28ce1b2ea8d9830097a0731facbf3eea677ad8b157a770e2977c3ea16ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.testlericoz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 47479
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Aug 2022 08:47:25 GMT
expires: Tue, 02 Aug 2022 08:47:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BC3D 95 KB
33 KB 587ms
566ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0668122474763787&output=html&h=280&slotname=4574882407&adk=2287156735&adf=2539641327&pi=t.ma~as.4574882407&w=1090&fwrn=4&fwrnh=100&lmt=1659430051&rafmt=1&psa=0&format=1090x280&url=https%3A%2F%2Fwww.testlericoz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659430051022&bpp=2&bdt=209&idt=152&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3530461826269&frm=20&pv=1&ga_vid=1565981917.1659430051&ga_sid=1659430051&ga_hid=1538111093&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31060047%2C42531608%2C31064019&oid=2&pvsid=1698436462569302&tmod=1227480786&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6lffyIH64u&p=https%3A//www.testlericoz.com&dtd=156

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e86211fdbe0aafcd5afa764fb4f2dbc82b28e19e6c535ded21ec0faa881a185e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.testlericoz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33763
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Aug 2022 08:47:25 GMT
expires: Tue, 02 Aug 2022 08:47:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AEB8 25 KB
10 KB 609ms
595ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0668122474763787&output=html&h=280&slotname=8213662947&adk=2402764973&adf=1820528888&pi=t.ma~as.8213662947&w=357&fwrn=4&fwrnh=100&lmt=1659430051&rafmt=1&psa=0&format=357x280&url=https%3A%2F%2Fwww.testlericoz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659430051026&bpp=1&bdt=213&idt=156&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=3530461826269&frm=20&pv=1&ga_vid=1565981917.1659430051&ga_sid=1659430051&ga_hid=1538111093&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=988&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31060047%2C42531608%2C31064019&oid=2&pvsid=1698436462569302&tmod=1227480786&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VnPyD7jDKi&p=https%3A//www.testlericoz.com&dtd=159

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

681d80c84cca1f6265b438cdd44c713af7173a7309d0780f551d0e1b3986d84e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.testlericoz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10632
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Aug 2022 08:47:25 GMT
expires: Tue, 02 Aug 2022 08:47:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
306 B 117ms
116ms XHR
text/plain 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.testlericoz.com&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:24 GMT
via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.testlericoz.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 0N9xbilEfvvVH6ugADCe2JEdqOc7LB83VqL48ZhEJLjAGaodimQVpQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 46ms
15ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 10153
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 23:14:57 GMT
server: AmazonS3
date: Tue, 02 Aug 2022 08:06:30 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: BE84leTTEa41DD_L4pS_vfieAcC3sMYnZ-rHm31MX8Ail5Cmb14SNA==

GET
H3 200 pubads_impl_2022072702.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
130 KB 50ms
17ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

d2552b5a5b1d8d9b480866377443816318a135709b83b2e4009219d6dd082fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 04:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14204
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132574
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 20:59:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 02 Aug 2023 04:50:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 104 B
121 B 97ms
65ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.testlericoz.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d01601dd06b9da219ee07b4f0884d68b50d138096724db7fb436386b026f3b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
expires: Tue, 02 Aug 2022 08:47:25 GMT

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 14 KB
4 KB 113ms
16ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=testlericoz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:02:08 GMT
content-encoding: gzip
age: 2717
x-guploader-uploadid: ADPycdsQJNeMjdZ3Hdea8M2WdDEFToc_EXbWJtvc9DKyg-zk37g_Y-THraJI7GXWsw6IaY21ZMMrsccGMDelJeilYcy3DpFuYTXB
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 9
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3690
last-modified: Tue, 05 Apr 2022 17:08:24 GMT
server: UploadServer
etag: "1f39af8c4109e6a95d6895228aab0692"
vary: Accept-Encoding
x-goog-hash: crc32c=eS3F7w==, md5=HzmvjEEJ5qldaJUiiqsGkg==
x-goog-generation: 1649178504809914
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-meta-last-modified: 2022-07-11T15:04:42.732Z
x-goog-stored-content-length: 3690
accept-ranges: bytes
content-type: application/javascript
x-goog-meta-cache-control: public, max-age=230400

GET
H2 200 zoneview
ng.virgul.com/ 0
216 B 52ms
52ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1659430051355&v=https%3A%2F%2Fwww.testlericoz.com%2F&r=153975:testlericoz&userId=vnetf3bcbabd-cde8-4e8b-ab2a-a974d0da57e9&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=&rdmt=0.3616457531154684
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: https://www.testlericoz.com
date: Tue, 02 Aug 2022 08:47:25 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 57ms
25ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.testlericoz.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 57ms
25ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.testlericoz.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 317ms
316ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1698436462569302&correlator=3540829932884273&eid=31068631%2C31068367%2C44770639%2C42531608%2C31064019&output=ldjh&gdfp_req=1&vrg=2022072702&ptt=17&impl=fif&iu_parts=21728129623%3A22656422610%2Cweb_testlericoz_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C320x50%7C300x50%7C234x60%7C120x60%7C88x31&fluid=height&ifi=4&adks=3611076925&sfv=1-0-38&ecs=20220802&fsapi=false&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26viewable%3D2%26site%3Dtestlericoz%26mt%3D1659430051096%26pager%3D1%2540site_geneli%2540testlericoz%253Asite_geneli%26host%3Dwww.testlericoz.com%26url%3Dhttps%253A%252F%252Fwww.testlericoz.com%252F%26targetCtr%3D0%26pid%3Dvnetf3bcbabd-cde8-4e8b-ab2a-a974d0da57e9%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&ppid=vnetf3bcbabdcde84e8bab2aa974d0da57e9&sc=1&cookie=ID%3Dcf7c5f6dd7dd3743-22feb531e1cd00f2%3AT%3D1659430045%3ART%3D1659430045%3AS%3DALNI_MaDmCQ70KMKglVkkm0IJW6LN4_UJg&abxe=1&dt=1659430051374&lmt=1659430051&dlt=1659430050813&idt=508&adxs=640&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.testlericoz.com%2F&frm=20&vis=1&psz=970x-1&msz=1600x-1&fws=640&ohw=0&ga_vid=1565981917.1659430051&ga_sid=1659430051&ga_hid=1538111093&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

882b4673693f2b07b3c904416d7919a9e32f4b6dc1d00b6161b421cbc5cc4863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8108
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.testlericoz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2423 6 KB
4 KB 129ms
25ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.testlericoz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Aug 2022 08:47:25 GMT
expires: Wed, 02 Aug 2023 08:47:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tag Show response
pandg.tapad.com/ Frame 3858 13 B
253 B 96ms
25ms Document
text/html 34.102.243.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fwww.testlericoz.com%2F&owner=P%26G&bp_id=noktacommedya&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.testlericoz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Tue, 02 Aug 2022 08:47:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/ 149 KB
53 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79d8f763cbd0d01dfc7e5e00770811a54ab54a39cba31804154d5178a9d19710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54351
x-xss-protection: 0
server: cafe
etag: 13808315634725886065
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 08:47:25 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 25ms
25ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.testlericoz.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 25ms
25ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.testlericoz.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/ Frame B5E2 10 KB
4 KB 16ms
15ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.testlericoz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 Aug 2022 16:30:45 GMT
etag: 8616628553774171045
expires: Mon, 15 Aug 2022 16:30:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E57C 6 KB
3 KB 47ms
16ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.testlericoz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Aug 2022 08:47:25 GMT
expires: Wed, 02 Aug 2023 08:47:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame B5E2 4 KB
1 KB 63ms
25ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Aug 2022 08:00:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 02 Aug 2022 08:47:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Aug 2022 08:47:25 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B5E2 205 B
743 B 67ms
15ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 03:14:29 GMT
x-content-type-options: nosniff
age: 19976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 02 Aug 2023 03:14:29 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B5E2 604 B
695 B 67ms
15ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 02:21:39 GMT
x-content-type-options: nosniff
age: 23146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 02 Aug 2023 02:21:39 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/elements/html/ Frame B5E2 23 KB
10 KB 68ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eab293839fb2aa5cfda5c6861bef235adf8127e9b7491caca48dc961a61d9b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9690
x-xss-protection: 0
server: cafe
etag: 12381306461416256465
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 08:46:29 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 565F 624 B
300 B 30ms
29ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYls6SmgEwAQ&v=APEucNXYZqqR8sgJT69ULfgtvrHr6mdCVj8OOXSax_svZWDCrWIiM9mxeIhTTkQfDKpLV-rAVYR9vDCvLDlL6Wq4p0FPzR3jp7ZJbwpnKVqivVs5nOc7YHEubuYwTSEiE15NY06eOs9hyC7TKYYazaNzY5etNW0HsnxkbLCsH5HWSwko9jX9VGc

Requested by

Host: fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com
URL: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Aug 2022 08:47:25 GMT
expires: Tue, 02 Aug 2022 08:47:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E57C 85 KB
34 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-dER5nj0S1P3_VW1iRc37P6XjaWomIa-9SOmikaszT7BKbjDEJAfmWZ_ZrPlDPstQ8Q0hJK_4fyrpMACOjvE3mLqvnA&cry=1&dbm_d=AKAmf-DId_H9scnUgsEOl5T10vtNMfmlD3c6CsvucmXZFgvf-MYv678qL4zInCaDv8JKZmV4K5kioRf1XKrBusAXvFGZ987Gm_rf8-Vg6evN1dPxwfiIrjypLLwupl9QHQn3z_WquJY9hnsu8X4gg_Uw_R9_tnbckqQv5Q7M7J4f4bo0bDe9CNijRedMrAmZvsfWXQD2f0SSveYl3Wlubc6AYroshplJBXWx5vUCzcHCgasKt3FQNPcBwFJUeFxSMOcFmV_VuXvDyNE4RvWDiGHf2KZzZ8OEo39DOkuW540LjeU7t0mJzSL5RKyFXglsSrDmeP5hs97qGdx9Xs8Osg0iJ0ntPjJ0uJb_HSTp6I5RwokAzyUDSUHYjsl-Uq1Er9jtd5RwF-XxbTmTvwlaoJnUCqEv6nPiA_WsNxWnzCU6g9x8GhUDjvMUH0sEz-4lFmNQAwSgkFS1xpNkPfLw3jcFcWmvngCwhd1IUYGN04K72jHFXCND62oW9zuZxOr0akQ9FUjODJ1vAfp2VlbM9TpfKjODmfuQYwYFVjkB0cyDxf_7Ma-J1PQgDJwqmSxvUknHKpJgDasPjRNLWCGUHVXdLWejKgrhSQq9Cfqx-eb71Y1QH2uJSHs3yHur-n0OwGMmZ_aa00sI5c7YqRr2bFJXul6MOrnULmgqZH_ENee3PSJOVlxgRAupiL7CU3oIHV1yiNYOEx_MOFTpLfXbKXDAl8gVm5TzgfzqJT_a4WTXnlNPvJ49vexI5GAp1huPAWsxLUQ2ZMEi4iCWFOKT26wP44EnSB1iBge_WSh4Ik6kqB1kznQjU40zmTy1Q3leoeZoN40g4y3aMyc-BX1ldAzV_Bvu1q1e8jWr_PBoI3MQCJm4OC7_DkX6DcrSUYJ1j5LLfeCMCuEEQtR_ujk4Es2GmAnqelL2H_-X9SJ4lEnwcknCR9g1-X_lluezy2SRnh9gCFDdfQcjyldFgPwjVTj-Xr6hrkrHEYAp8R1hiYrK9BLg2lb3xi1E8ViLyF1QtTeW5j47GjzreUVK2b5l7jIu9TbKyotww2f-hNuBua8ZoVCu-m_gbmlr4YjWlbstvIwZld_YMFYXfdSFq9fZkpOJLkDSlI5W9h9C2kKAbUXIjzlmIIUz8EIH7rwfNkusK_-FQohTSYoEYTx40ItryE0ielcxlHAVGKZZUhw9F4ihM0BQjohbH61fLnI-EO4Uf5SSJw1HBDtbGyFlJxWIk6A0dZWMpo7oHRQ6ELCgDpIt0UstVLJwwphiHuzFz3y1NJ1e9sccm6rqb8LlCDX0Ahp1JVgcM_VAEIF0nV-Wwnpioz75vna9uPWoO0GGsL-YCepYyp6Ri1lIV3bftUax2aPc-ickgnh_bi5OA5Uxb4qOcIOajBTCfEI22Ue5RkcnM6earbjgbRdx4VJxv-1Tg6bXPCzPYEIy928k1qgpN3UK6Xj7Wmi7ih8wHb7Snvnqj_KYuSV9i1mYOW-wlpMV4_ycJvXMIYRYJPGhMgQ0rZj8sggwgYl2reOOzVmt5Ia17LDL74QOWNDlTdPoHgfkaFgrDZ61KLGObw6a4T7r4yHA8cmWEpqIkxXH-ZSkgQ3xmD5x218e--ER2iALQl1oOy2-Tmu0jD-03YTEpREVbkp_G49qEb1s4RAIzxdSUd_qDZpJGyD4BNhw-NU2tiltNhDSCniYO35sLYT-vcdp2GuvW50M-MV_nYRFfMjRqIQDQRQ_jnWN66t8WRghkPXgsb06gj-Fyj1Ezh9hL6CYiLYU8osQhCENOd_4LpbVZhYhQxgUSMLYr0AHkxRnnPODAshTb-q_DsvZQElpCDrDFO-scUy3XZPrqarCS1IQN_Z3ydFRODDKoSGAQpN9Tcz5qFwvLW7yhMDzQvZESflkCekMOCjjn0d12i5LzTtNm_IGTEFLWiy_NIYnojBGBX-EveIBBcmMB6madZvjSBtXvn56WMdw3_j20tnnicFPEFELvM5wLB99qbaAn7ivPqMhcSBJj_KDx2OgJMAhFmKWfv79HFWBEYhx-8shUwvkUWWcVMzC5p94wBx724f41MakwfBBepQqS33l2Si8sTGILLRwtnghIWKM1AFXOReigqVUL3LkzReRl90FnVx6xIjTHu7Luzp3nN_3wM8_sJcGI4tTS3od39NRLjGCUG7Km8o79H50RNi_wBb51edXTFCcm_2GHJC_9j6VyBNpKUOnQmZ_0h9t1WqbUDUHSycOGqUOdYkUhIAW-1JtjoCm_KHo4XRxYph1QrCMKWhnXecXbbZPqxxiklITF1608gq8hZs_xtKVvCRFoDqzOUdjf5R89L2v4HkrRHkWG8ortboWge0nWGk4cxcrj2d_SE3BOItEARkhsjsN5haPcyv1bSybxXoahIfIGD9h3wonj8yQucoBHCD3MREAKXG_RACqgBQFyY-M_fel8mgQUzeyhUTLtxqVp2vUjlucGACwmSM-o91QT-iPohdv0KwwJYD854TUmKl5-ChGBbszPzJTwRb5cQt5tKHJSS2xin-KZAxKFgZrzaZgNH17wX3s36vsvoctwrIVyHqok4HEMn63zbWeImnc5fHkHwNyyuAOA6pM388JLth5agq8-3qr9f_bvAVoVHjyrDtbvBIggk3x0IDzk8B7-FSx4izE9ivg6ukWcpiveTLXjRdTDoOs28VPjLmENGjHlJffBytnnkUlZ5gwUufdUgqb3QR7_FPvWgL7nGH32M5rbSU8-IFcI7mvJ1BFNY9gun_foERJZGsIfZA2pKpIKIn9nvuyX0JHcNERsC76x6ohJd8ffuomImVLdVL7vhaBxnybEvJ_Z5j6kbmcoju4MH3uyOUEkprgngvzY-z23UL6pgeYrsDRULUTr-0K1P8ku5CjMCjVAb79gARGFqj9o1VBuX00G8QINO6OKHjxqtW6ih1fxnHsZhklngXLu6JNHUtaZoctosMTy8A8tZW54eAhwkPQ6sKXvhFZL05xJoCjUApXJUHwDkSjLq-AwKgDdCQCGA8HSb58HRNh-WR9krV3RPv9K5y0UpAvm-nnj1v3JSLs4nN9FbPFv5dTR5wSwCaDfpb4xbreb1k7G8IFWvXsNHl3PasNm-fiqCj_P-U8pWcD86Uc2Fk9atqTOZNgKye1tR-ctR37Mzocm4-suSvddS7i4461MdbyfP0Y2A-QUeWm6q2MipszOkQQTvX62lMe0gkXo8S8QqKXZaPU94sSXdX6iBfdqhCCAacmXdxNwig7DG0WBWRximTABLH-HndFOBrBb5t2u1Od0Kubq3IvWNoDrUq3uShI3KNsvbIuDDG3i2G7Sv2ZYrQV-WXi-J_eko8PNS-9MeYVwVmWwwuPlSFet7AVhtecNzzO0ADCEDJ4cxW-XkgTsV6SIbkTfXrt__11C9IOPP-OUWBWp-OV42Fhk2Ad5ZO8_n9jPGbB8AtAk6HyCsfTyN572lY1OGjQQc4Y&cid=CAASKORoycTUr3ILOClMv4SOuKkppSKSLxHVIDqM8RFCUdrhPlsu0mBYoVM&rfl=1%2Chttps%253A%252F%252Fwww.testlericoz.com%252F%240

Requested by

Host: www.testlericoz.com
URL: https://www.testlericoz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2eab6dfc74d8b8cdddf09a87f525cb19e1f09e954fcd1cdd6c058f20cf363e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35121
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E57C 42 B
63 B 52ms
50ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BtonJ7yO8Wtrhc5boppgBlggiwjlXreYlYIGnM6VInIDReRow3mNvHYstbVyQd6V91qkGWoLuEEbOLKKQtQo2nGX5IrvMi77O_xCIrzpLxVCui__A

Requested by

Host: fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com
URL: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 08:47:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame E57C 3 KB
1 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js

Requested by

Host: fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com
URL: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 740
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 08:35:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E57C 139 KB
43 KB 71ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com
URL: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43813
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659353321385471"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 02 Aug 2022 08:47:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame E57C 18 KB
8 KB 22ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com
URL: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 08:34:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E57C 0
0 65ms
24ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPXUjhc0_qwtTnTgvFppsT6KPkbBz1P4dV-tLkBjakYcP_uz8Yc-rxDxEAeLFn__Qp4Rwv-FpK4SafgY0TqECtihL_Sw
Requested by: Host: fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com
URL: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 e9729a99e2ce9704c0788d1ab658d164.js Show response
www.gstatic.com/mysidia/ Frame BC3D 12 KB
5 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9729a99e2ce9704c0788d1ab658d164.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0668122474763787&output=html&h=280&slotname=4574882407&adk=2287156735&adf=2539641327&pi=t.ma~as.4574882407&w=1090&fwrn=4&fwrnh=100&lmt=1659430051&rafmt=1&psa=0&format=1090x280&url=https%3A%2F%2Fwww.testlericoz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659430051022&bpp=2&bdt=209&idt=152&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3530461826269&frm=20&pv=1&ga_vid=1565981917.1659430051&ga_sid=1659430051&ga_hid=1538111093&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31060047%2C42531608%2C31064019&oid=2&pvsid=1698436462569302&tmod=1227480786&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6lffyIH64u&p=https%3A//www.testlericoz.com&dtd=156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 20:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4942
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 20:13:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 20:45:35 GMT

GET
H2 200 de03a69b80543f0fa8847e29147a30f0.js Show response
www.gstatic.com/mysidia/ Frame BC3D 11 KB
5 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/de03a69b80543f0fa8847e29147a30f0.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 20:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4857
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 20:13:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 20:45:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BC3D 8 KB
966 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Aug 2022 06:57:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 02 Aug 2022 08:47:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Aug 2022 08:47:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame BC3D 2 KB
902 B 17ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 08:32:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/ Frame BC3D 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c44b7ac3b0fb4895714ee8a35ed0a452b849df7759ee470ed8a7455ed15270f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9504
x-xss-protection: 0
server: cafe
etag: 17733382080043146658
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 08:24:01 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame BC3D 3 KB
1 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 08:12:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame BC3D 18 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 08:34:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC3D 139 KB
43 KB 90ms
60ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43813
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659353321385471"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 02 Aug 2022 08:47:25 GMT

GET
H3 200 feee445475856395ba7fe4dbc8183291.js Show response
www.gstatic.com/mysidia/ Frame BC3D 31 KB
13 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/feee445475856395ba7fe4dbc8183291.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc59f9b5fce9cdc25d3dc8ca8011fe8bf3e07ca3d24440fa26b221c57ffd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 20:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 20:13:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 20:45:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C737 8 KB
893 B 58ms
25ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Aug 2022 06:51:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 02 Aug 2022 08:47:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Aug 2022 08:47:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame C737 2 KB
902 B 57ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 08:32:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/ Frame C737 23 KB
9 KB 58ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c44b7ac3b0fb4895714ee8a35ed0a452b849df7759ee470ed8a7455ed15270f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9504
x-xss-protection: 0
server: cafe
etag: 17733382080043146658
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 08:39:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame C737 3 KB
1 KB 62ms
23ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 08:12:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C737 139 KB
43 KB 53ms
49ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43813
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659353321385471"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 02 Aug 2022 08:47:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame C737 18 KB
7 KB 56ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 08:37:38 GMT

GET
H3 200 feee445475856395ba7fe4dbc8183291.js Show response
www.gstatic.com/mysidia/ Frame C737 31 KB
13 KB 54ms
18ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/feee445475856395ba7fe4dbc8183291.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc59f9b5fce9cdc25d3dc8ca8011fe8bf3e07ca3d24440fa26b221c57ffd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 20:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 20:13:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 20:45:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame AEB8 3 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0668122474763787&output=html&h=280&slotname=8213662947&adk=2402764973&adf=1820528888&pi=t.ma~as.8213662947&w=357&fwrn=4&fwrnh=100&lmt=1659430051&rafmt=1&psa=0&format=357x280&url=https%3A%2F%2Fwww.testlericoz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659430051026&bpp=1&bdt=213&idt=156&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=3530461826269&frm=20&pv=1&ga_vid=1565981917.1659430051&ga_sid=1659430051&ga_hid=1538111093&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=988&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31060047%2C42531608%2C31064019&oid=2&pvsid=1698436462569302&tmod=1227480786&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VnPyD7jDKi&p=https%3A//www.testlericoz.com&dtd=159

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 08:12:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AEB8 139 KB
43 KB 70ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43813
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659353321385471"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 02 Aug 2022 08:47:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame AEB8 18 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 08:37:38 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 565F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8gS0z0OY0R-BGVdt7Ly5o&google_cver=1

43 B
1 KB

109ms
81ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8gS0z0OY0R-BGVdt7Ly5o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYls6SmgEwAQ&v=APEucNXYZqqR8sgJT69ULfgtvrHr6mdCVj8OOXSax_svZWDCrWIiM9mxeIhTTkQfDKpLV-rAVYR9vDCvLDlL6Wq4p0FPzR3jp7ZJbwpnKVqivVs5nOc7YHEubuYwTSEiE15NY06eOs9hyC7TKYYazaNzY5etNW0HsnxkbLCsH5HWSwko9jX9VGc
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 73458c7bf99e0482-CDG
pragma: no-cache
date: Tue, 02 Aug 2022 08:47:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25Ub47Sy9wiIwtA9bdpZEK0B%2B0AcZSQfZuAe1L5bDwVMOMYVrofXhDptAcyW7YaFeex992h86xGbNaFIZuQpoP9vyUvBug8BRWKIrGp4bIgJzeWaYYWbfJ1Q%2B0THTTq4WSS25kON8BcePQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 02 Aug 2022 08:47:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8gS0z0OY0R-BGVdt7Ly5o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 565F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YujknowJ5Ghz3XfYx79UWQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8gS0z0OY0R-BGVdt7Ly5o&google_cver=1

43 B
972 B

69ms
68ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8gS0z0OY0R-BGVdt7Ly5o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYls6SmgEwAQ&v=APEucNXYZqqR8sgJT69ULfgtvrHr6mdCVj8OOXSax_svZWDCrWIiM9mxeIhTTkQfDKpLV-rAVYR9vDCvLDlL6Wq4p0FPzR3jp7ZJbwpnKVqivVs5nOc7YHEubuYwTSEiE15NY06eOs9hyC7TKYYazaNzY5etNW0HsnxkbLCsH5HWSwko9jX9VGc
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 73458c7d4aed0482-CDG
pragma: no-cache
date: Tue, 02 Aug 2022 08:47:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVPc5eHcweJgFMFZd3LkLP3UfvCuMAShS4u9hwtNhKgU0kx0oJCb3SRLopQnRgL1dbNjlBRpCQ6Ds0Y41%2FrDgLwg7Cf7dTIydEzPB5zPgxRH8Qe%2FNDRZ6YEKI%2BjmFOuB7qj1uaV9ToPX8g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 02 Aug 2022 08:47:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8gS0z0OY0R-BGVdt7Ly5o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 565F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMr5hOj4E4LoNoaBLi04KVE&google_cver=1

43 B
1016 B

45ms
23ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMr5hOj4E4LoNoaBLi04KVE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYls6SmgEwAQ&v=APEucNXYZqqR8sgJT69ULfgtvrHr6mdCVj8OOXSax_svZWDCrWIiM9mxeIhTTkQfDKpLV-rAVYR9vDCvLDlL6Wq4p0FPzR3jp7ZJbwpnKVqivVs5nOc7YHEubuYwTSEiE15NY06eOs9hyC7TKYYazaNzY5etNW0HsnxkbLCsH5HWSwko9jX9VGc

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Aug 2022 08:47:26 GMT
X-Proxy-Origin: 146.70.117.84; 146.70.117.84; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5d48488d-a1f0-4790-b916-6f7cc3ca07e1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Aug 2022 08:47:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMr5hOj4E4LoNoaBLi04KVE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 565F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE5MzYzNjc2MjAwMTAwNTg0Ng%3D%3D

170 B
188 B

70ms
35ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE5MzYzNjc2MjAwMTAwNTg0Ng%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 08:47:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Aug 2022 08:47:26 GMT
X-Proxy-Origin: 146.70.117.84; 146.70.117.84; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 95d83ef5-e3b3-47d3-896d-6584d6407faa
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE5MzYzNjc2MjAwMTAwNTg0Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BC3D 0
0 63ms
62ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrmKUneToYuj7EJev7gTsp5qoBN_HuLFq8fKMu7kQvN-v1IwOEAEggOjqC2CV4pCCoAegAbzgmo8ByAEBqQJFXkjZGzyxPqgDAcgDwwSqBOUBT9Cjg5bEPy-2iSzzjNCOOeV-9zIPUdaAUu1hPFmTutri0GZRrx9K-cc1JYB7xHyfGqJWvzUWkI03_Xqw8b4e_Fm0D72dgRgrjh80dDi2yF0UIcXibtrn831SBXpcedcn2cB7B9u5PVuhVKL_YTuzYk5N4tQl2ML70uSwggo1ky2v3yf6hCBj5Ykfku7ONF42x8LdxmkC_NuPxoHJwT5AqD0C6hTPWK0tshBESr0KWBJk5fqz0sQmHogVmwf5N2uP5o1UBX_xN1W2JlDP0XOrkjybvLcVilcNh4nbYJYNLKiTUit8ScAE9vHH0fMDkgUECAQYAZIFBAgFGASgBmaAB6yf5fACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQxOAU0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItMDY2ODEyMjQ3NDc2Mzc4NxgA&sigh=9ayToYAmLqc&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0668122474763787&output=html&h=280&slotname=4574882407&adk=2287156735&adf=2539641327&pi=t.ma~as.4574882407&w=1090&fwrn=4&fwrnh=100&lmt=1659430051&rafmt=1&psa=0&format=1090x280&url=https%3A%2F%2Fwww.testlericoz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659430051022&bpp=2&bdt=209&idt=152&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3530461826269&frm=20&pv=1&ga_vid=1565981917.1659430051&ga_sid=1659430051&ga_hid=1538111093&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31060047%2C42531608%2C31064019&oid=2&pvsid=1698436462569302&tmod=1227480786&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6lffyIH64u&p=https%3A//www.testlericoz.com&dtd=156
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 02 Aug 2022 08:47:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 826B 143 B
163 B 16ms
15ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0668122474763787&output=html&h=280&slotname=4574882407&adk=2287156735&adf=2539641327&pi=t.ma~as.4574882407&w=1090&fwrn=4&fwrnh=100&lmt=1659430051&rafmt=1&psa=0&format=1090x280&url=https%3A%2F%2Fwww.testlericoz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659430051022&bpp=2&bdt=209&idt=152&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3530461826269&frm=20&pv=1&ga_vid=1565981917.1659430051&ga_sid=1659430051&ga_hid=1538111093&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31060047%2C42531608%2C31064019&oid=2&pvsid=1698436462569302&tmod=1227480786&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6lffyIH64u&p=https%3A//www.testlericoz.com&dtd=156
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 02 Aug 2022 08:39:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E57C 106 KB
38 KB 86ms
16ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.testlericoz.com
URL: https://www.testlericoz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
Origin: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 12:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 Aug 2022 12:27:21 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/elements/html/ Frame E57C 8 KB
3 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-dER5nj0S1P3_VW1iRc37P6XjaWomIa-9SOmikaszT7BKbjDEJAfmWZ_ZrPlDPstQ8Q0hJK_4fyrpMACOjvE3mLqvnA&cry=1&dbm_d=AKAmf-DId_H9scnUgsEOl5T10vtNMfmlD3c6CsvucmXZFgvf-MYv678qL4zInCaDv8JKZmV4K5kioRf1XKrBusAXvFGZ987Gm_rf8-Vg6evN1dPxwfiIrjypLLwupl9QHQn3z_WquJY9hnsu8X4gg_Uw_R9_tnbckqQv5Q7M7J4f4bo0bDe9CNijRedMrAmZvsfWXQD2f0SSveYl3Wlubc6AYroshplJBXWx5vUCzcHCgasKt3FQNPcBwFJUeFxSMOcFmV_VuXvDyNE4RvWDiGHf2KZzZ8OEo39DOkuW540LjeU7t0mJzSL5RKyFXglsSrDmeP5hs97qGdx9Xs8Osg0iJ0ntPjJ0uJb_HSTp6I5RwokAzyUDSUHYjsl-Uq1Er9jtd5RwF-XxbTmTvwlaoJnUCqEv6nPiA_WsNxWnzCU6g9x8GhUDjvMUH0sEz-4lFmNQAwSgkFS1xpNkPfLw3jcFcWmvngCwhd1IUYGN04K72jHFXCND62oW9zuZxOr0akQ9FUjODJ1vAfp2VlbM9TpfKjODmfuQYwYFVjkB0cyDxf_7Ma-J1PQgDJwqmSxvUknHKpJgDasPjRNLWCGUHVXdLWejKgrhSQq9Cfqx-eb71Y1QH2uJSHs3yHur-n0OwGMmZ_aa00sI5c7YqRr2bFJXul6MOrnULmgqZH_ENee3PSJOVlxgRAupiL7CU3oIHV1yiNYOEx_MOFTpLfXbKXDAl8gVm5TzgfzqJT_a4WTXnlNPvJ49vexI5GAp1huPAWsxLUQ2ZMEi4iCWFOKT26wP44EnSB1iBge_WSh4Ik6kqB1kznQjU40zmTy1Q3leoeZoN40g4y3aMyc-BX1ldAzV_Bvu1q1e8jWr_PBoI3MQCJm4OC7_DkX6DcrSUYJ1j5LLfeCMCuEEQtR_ujk4Es2GmAnqelL2H_-X9SJ4lEnwcknCR9g1-X_lluezy2SRnh9gCFDdfQcjyldFgPwjVTj-Xr6hrkrHEYAp8R1hiYrK9BLg2lb3xi1E8ViLyF1QtTeW5j47GjzreUVK2b5l7jIu9TbKyotww2f-hNuBua8ZoVCu-m_gbmlr4YjWlbstvIwZld_YMFYXfdSFq9fZkpOJLkDSlI5W9h9C2kKAbUXIjzlmIIUz8EIH7rwfNkusK_-FQohTSYoEYTx40ItryE0ielcxlHAVGKZZUhw9F4ihM0BQjohbH61fLnI-EO4Uf5SSJw1HBDtbGyFlJxWIk6A0dZWMpo7oHRQ6ELCgDpIt0UstVLJwwphiHuzFz3y1NJ1e9sccm6rqb8LlCDX0Ahp1JVgcM_VAEIF0nV-Wwnpioz75vna9uPWoO0GGsL-YCepYyp6Ri1lIV3bftUax2aPc-ickgnh_bi5OA5Uxb4qOcIOajBTCfEI22Ue5RkcnM6earbjgbRdx4VJxv-1Tg6bXPCzPYEIy928k1qgpN3UK6Xj7Wmi7ih8wHb7Snvnqj_KYuSV9i1mYOW-wlpMV4_ycJvXMIYRYJPGhMgQ0rZj8sggwgYl2reOOzVmt5Ia17LDL74QOWNDlTdPoHgfkaFgrDZ61KLGObw6a4T7r4yHA8cmWEpqIkxXH-ZSkgQ3xmD5x218e--ER2iALQl1oOy2-Tmu0jD-03YTEpREVbkp_G49qEb1s4RAIzxdSUd_qDZpJGyD4BNhw-NU2tiltNhDSCniYO35sLYT-vcdp2GuvW50M-MV_nYRFfMjRqIQDQRQ_jnWN66t8WRghkPXgsb06gj-Fyj1Ezh9hL6CYiLYU8osQhCENOd_4LpbVZhYhQxgUSMLYr0AHkxRnnPODAshTb-q_DsvZQElpCDrDFO-scUy3XZPrqarCS1IQN_Z3ydFRODDKoSGAQpN9Tcz5qFwvLW7yhMDzQvZESflkCekMOCjjn0d12i5LzTtNm_IGTEFLWiy_NIYnojBGBX-EveIBBcmMB6madZvjSBtXvn56WMdw3_j20tnnicFPEFELvM5wLB99qbaAn7ivPqMhcSBJj_KDx2OgJMAhFmKWfv79HFWBEYhx-8shUwvkUWWcVMzC5p94wBx724f41MakwfBBepQqS33l2Si8sTGILLRwtnghIWKM1AFXOReigqVUL3LkzReRl90FnVx6xIjTHu7Luzp3nN_3wM8_sJcGI4tTS3od39NRLjGCUG7Km8o79H50RNi_wBb51edXTFCcm_2GHJC_9j6VyBNpKUOnQmZ_0h9t1WqbUDUHSycOGqUOdYkUhIAW-1JtjoCm_KHo4XRxYph1QrCMKWhnXecXbbZPqxxiklITF1608gq8hZs_xtKVvCRFoDqzOUdjf5R89L2v4HkrRHkWG8ortboWge0nWGk4cxcrj2d_SE3BOItEARkhsjsN5haPcyv1bSybxXoahIfIGD9h3wonj8yQucoBHCD3MREAKXG_RACqgBQFyY-M_fel8mgQUzeyhUTLtxqVp2vUjlucGACwmSM-o91QT-iPohdv0KwwJYD854TUmKl5-ChGBbszPzJTwRb5cQt5tKHJSS2xin-KZAxKFgZrzaZgNH17wX3s36vsvoctwrIVyHqok4HEMn63zbWeImnc5fHkHwNyyuAOA6pM388JLth5agq8-3qr9f_bvAVoVHjyrDtbvBIggk3x0IDzk8B7-FSx4izE9ivg6ukWcpiveTLXjRdTDoOs28VPjLmENGjHlJffBytnnkUlZ5gwUufdUgqb3QR7_FPvWgL7nGH32M5rbSU8-IFcI7mvJ1BFNY9gun_foERJZGsIfZA2pKpIKIn9nvuyX0JHcNERsC76x6ohJd8ffuomImVLdVL7vhaBxnybEvJ_Z5j6kbmcoju4MH3uyOUEkprgngvzY-z23UL6pgeYrsDRULUTr-0K1P8ku5CjMCjVAb79gARGFqj9o1VBuX00G8QINO6OKHjxqtW6ih1fxnHsZhklngXLu6JNHUtaZoctosMTy8A8tZW54eAhwkPQ6sKXvhFZL05xJoCjUApXJUHwDkSjLq-AwKgDdCQCGA8HSb58HRNh-WR9krV3RPv9K5y0UpAvm-nnj1v3JSLs4nN9FbPFv5dTR5wSwCaDfpb4xbreb1k7G8IFWvXsNHl3PasNm-fiqCj_P-U8pWcD86Uc2Fk9atqTOZNgKye1tR-ctR37Mzocm4-suSvddS7i4461MdbyfP0Y2A-QUeWm6q2MipszOkQQTvX62lMe0gkXo8S8QqKXZaPU94sSXdX6iBfdqhCCAacmXdxNwig7DG0WBWRximTABLH-HndFOBrBb5t2u1Od0Kubq3IvWNoDrUq3uShI3KNsvbIuDDG3i2G7Sv2ZYrQV-WXi-J_eko8PNS-9MeYVwVmWwwuPlSFet7AVhtecNzzO0ADCEDJ4cxW-XkgTsV6SIbkTfXrt__11C9IOPP-OUWBWp-OV42Fhk2Ad5ZO8_n9jPGbB8AtAk6HyCsfTyN572lY1OGjQQc4Y&cid=CAASKORoycTUr3ILOClMv4SOuKkppSKSLxHVIDqM8RFCUdrhPlsu0mBYoVM&rfl=1%2Chttps%253A%252F%252Fwww.testlericoz.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 08:45:52 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/ Frame E57C 30 KB
11 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a719dfbca2b4fc363e174b3f4e0f6ed16229e8bdcd22d6001d7d4411a8d86cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11662
x-xss-protection: 0
server: cafe
etag: 6430633989078232507
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 08:43:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AEB8 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjfaWneToYur3EJKM6gSu3YPQDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMDY2ODEyMjQ3NDc2Mzc4N6AB1bbS6gPIAQmpAkVeSNkbPLE-qAMBqgTBAU_QXc-2dVP3WCtGHJMAYJqYziYToXNDqXefIZ8Zmj-XKmu1g3KgzFnTSE1VeGpWBPHmXjLFf1XkJZEkiP5QEp08-O6YOo5ASZWIshKwDW_OnbkIhYpMTdyhcb4C3wg9vHmJHtEvXOfsQTZNSO6Zfm5olJ5u8JErg8D4w6gR5_H075jRAQP_3w6G5fuqV1eabLYxQnFKp1uz8oh9iSmm64ZBRraY4f8ohgs2tsbxedAoT8GccaHvRBNFfCtmIFE49v6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMDY2ODEyMjQ3NDc2Mzc4NxgA&sigh=JlyQc7UyNnY&uach_m=[UACH]&cid=CAQSGwCNIrLMsdjYSUWZ6y_dfeNiHvNm2f-uk2j3bRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0668122474763787&output=html&h=280&slotname=8213662947&adk=2402764973&adf=1820528888&pi=t.ma~as.8213662947&w=357&fwrn=4&fwrnh=100&lmt=1659430051&rafmt=1&psa=0&format=357x280&url=https%3A%2F%2Fwww.testlericoz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659430051026&bpp=1&bdt=213&idt=156&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=3530461826269&frm=20&pv=1&ga_vid=1565981917.1659430051&ga_sid=1659430051&ga_hid=1538111093&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=988&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31060047%2C42531608%2C31064019&oid=2&pvsid=1698436462569302&tmod=1227480786&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VnPyD7jDKi&p=https%3A//www.testlericoz.com&dtd=159
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 02 Aug 2022 08:47:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame AEB8 0
0 177ms
23ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6ROUCmAKdg2ICAgAAAFHx3VG9Efs1EJ3k6GLqxkHF8i1wzZpfugASAAA&wp=YujknQAEO-oKmoYSAADurjCP5SicmmTNtWkC6Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 204965
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame CCD1 206 KB
58 KB 218ms
147ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YujknQAEO-oKmoYSAADurjCP5SicmmTNtWkC6Q&u=%7CLeZGo2aIPjm55fY8exsf7flyTJ0wE7tVRcNoagpWh4o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSUctWjNy2ThrEDvX0n7nbZ07Z4mFU6xADwGeYWK93ZxxfUg2Zm2xAm2rSGFbweGyvApbT4C9FIibne3RHAQvGaGI64il8oMx_WNtO7Ujut8AAYj4P-Q417YUWrEQyidhbBDmwelbUK38oAFaT4e--NhBYFhFGefqzEg2L2B7JUeW1FNnb5u4dEG00lR1YCoLwoi8WWfALv_1__cN82-dHyqCX0Oh9CJ-M4uZzVQ5UuS4aslhh40X0P35DA4BdzCRB3ZGJAge9nDkSE2g-RY4QsYaud_tEUUEfcxTwJ1h_N2k4amq3xIZov-xAXcyxh9VIu0_Cc8eGx1vzmRGbZ52zaYZcZSOPI9vrcGejOp5IsQcwWXPmAeJu2HTrzD_M_0i1cG415qJhmtJUrQRus0rq0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNtVvneToYur3EJKM6gSu3YPQDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMDY2ODEyMjQ3NDc2Mzc4N6AB1bbS6gPIAQmpAkVeSNkbPLE-qAMBqgTEAU_QXc-2dVP3WCtGHJMAYJqYziYToXNDqXefIZ8Zmj-XKmu1g3KgzFnTSE1VeGpWBPHmXjLFf1XkJZEkiP5QEp08-O6YOo5ASZWIshKwDW_OnbkIhYpMTdyhcb4C3wg9vHmJHtEvXOfsQTZNSO6Zfm5olJ5u8JErg8D4w6gR5_H075jRAQP_3w6G5fuqV1eabLYxQnFKp1uz8oh9yyuHeQHO2qUnfeuLVjaQTs_lc2YiYdkexWnS4uH6Ygd-pfu85UEzJjeABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3AclVBO5njqA2GGj7ffJ3X6p0Yjg%26client%3Dca-pub-0668122474763787%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

41e3fcf05cd7daaf59c71210e1e1adb7b83d12cafe2b0c7bf1b0bc19000e2960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 02 Aug 2022 08:47:25 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=mxq9T8j1uNx0881T9tDuncJnO0rmfjFbljUpgcDhMHpTiZLGEFMVNipdQ5Z67mGoXXtn_W89S3dnfiaN-Kp5idS86HQUPO5fBzsXVj4lqJX1hDSTdj2e3r-ua6feR4qhPy2XzOKeOKtnSAG1TH64wnlyh1q-XyoRN3t0n-q0_9hveBBWCFh51pNjznWoPrM5MFi7B8ddRSPxQHw0Zm0oWYS48e9vsNOTmj6srf837lJGUnZ4VIisrkUMGmHN189IXZ0X8g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 119922260
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame BC3D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ffeadd4a94927c6af1b28486e235e80cfcf604a241357161570c4e1270de6ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 89EF 143 B
163 B 15ms
15ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 02 Aug 2022 08:39:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E57C 41 KB
15 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com
URL: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 12:49:27 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 826B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 02 Aug 2022 08:47:26 GMT
expires: Tue, 02 Aug 2022 08:47:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 02 Aug 2022 08:47:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame BC3D 28 KB
28 KB 55ms
16ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 518562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 08:44:44 GMT

GET
DATA 200
OK truncated
/ Frame AEB8 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd82c1db077b6d43ab8f7d811fdc725313d03606c36f2d1b31ba412ebc75d7d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E57C 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0028630c750569332720c337a232984b0cac2dead3c36bf279555c647be2412d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/ Frame 217C 11 KB
4 KB 48ms
16ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02951bc16d4bd5a9e8b8a1c50707ec032667abf76a9582f42bc5fb3fe4280dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3719
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Aug 2022 06:45:49 GMT
expires: Wed, 02 Aug 2023 06:45:49 GMT
last-modified: Tue, 09 Feb 2021 19:34:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E57C 0
622 B 128ms
62ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9V3Adn4StrDIJBsEPxGGvmbwxwoR3Uza32a6wZpQM7XUMzcu-kvNo9bIPW7H-REPiBUSQQgO4OWQ0PBT6S9nxLqhjvt9qX5x1aoJthIu-ogjAFOTMlsEOhYHjSHbwo2L3eitjXb7VvhmOzoEPxvNY5fXRJnxjWb6MafxlcDBqduhbBHCQVT1eBWbn4CHynpnaV_KiNRprxbWpiYbgTHD0xNhYtbpTCTuCrTipjzTGkpKIofIPWm0-Tuf8rwoMqDbm9xbWGuDLj0u69t0gKUI7qetgROeNayXMxvv5ZA9I-b02HLI9B2N16l-TrMHgHddUyaxzNCc4dlM4mV9yzi8HxT95a1D6y_caCGiu_kMW3CkgUuv7hQZ56TrXz6p2KVEsDJNTPFsFgDd0dTxfp6XNJ8uQweADwbf2uM-daFs1OjNj1jdlhn9U0gM0jJ5dQ4ZMOcfG2gNF1wlBqHJPb_ckTazXIZpSljt-wr8G9Vnm5AgMYO2qODSoLdfZiV8R1affn8U7LQjugdmGF331fyAVmYMnDKi2RwQSmuozJQGZotZja1HLTpZhwIvTIobxugVg9MaqoC1jiL8gHgm1-Z92YC_VJpDsVp7PqkTiKIH7vyNnER8__OIdEASMEc1V7DzoruBq9GjPdoeE-FHJGOAvwbvg9TpL2lF7Y8IwyIqufeIeb1owaHy7zg0Lb77888VZwVBvUza6jKOnToA5qXIRh9N2elVojhHzQVzRn-PmkZKR98sNSW2OP1e3t67cWQ6h9xYRIM-ys46qbH-bf-ddzO9LY9ztGq6uaa_taEwEuoMXg2Yf_bPdT1h6BS47181qplgKXIaWstFegw-RW7uQYj6xefCqbumvsF7HucQce8Fvy26MSNfJyLGCVRAFSqdwJ7foOkvXvjWf5Bws1E9ctDGIekBN4HR5RT4t68iMxO5zLSSbLnDZ8rHmQTWnoMoT9VYaT2d9FoIAi59xTDpQFROOaPBbXgAv-t5rzqK8x2TvF1-UNJwyR_p0mHPshi7Amuykd66w4D359SkTfoESergAzTCQ_cxcGu2o0ZoBR5rs8Hxdlx3vBLnMURtV8zq312c_cCmlwYd0VBqn4ki9x3FRDmR4VtlVhZf4IeF2z1QMsAs0ByRzlKukG5OnLUZwU5ZJn0u4q07SmXOjo5GpOTc7vKMhrBlU5KSK4yodY147wdguxHE8jG32lqfNQBbWQOIMSYtBUZLE-wRv3Sjf_7N1ZGv0QEuoyj1LtdVyJDECxWJC&sai=AMfl-YRvqOczwgHmCBn6xBRuT0LSoEykIuDBOXyKyJdlC-yrQsLSNKEN9vvBlbSPCo4Hzclu3XgSplQevOSTCWdq7E0KB-FcfBKLrt5P999LDu38NH9DlfoKUI_FKKDib85U3TZNJ5Wne7UlzzfYwuzfHYRTP_BzeFVFBxtTl5mLEnrL_tnhafcs4w7BDWdSGuHB7BoOgaeCE6yPQmo-_-z7o0PDtJ3MkVSVtg&sig=Cg0ArKJSzBdsueSn7FPLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=215&cbvp=1&cstd=211&cisv=r20220727.89344&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.testlericoz.com
URL: https://www.testlericoz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 02 Aug 2022 08:47:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 89EF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

44ms
43ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 02 Aug 2022 08:47:26 GMT
expires: Tue, 02 Aug 2022 08:47:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 02 Aug 2022 08:47:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js Show response
pagead2.googlesyndication.com/bg/ Frame 37D2 36 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js

Requested by

Host: www.testlericoz.com
URL: https://www.testlericoz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Aug 2023 08:38:21 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3CA7 22 KB
8 KB 16ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 86123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 01 Aug 2022 08:52:03 GMT
expires: Tue, 01 Aug 2023 08:52:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CCD1 2 KB
1 KB 87ms
28ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YujknQAEO-oKmoYSAADurjCP5SicmmTNtWkC6Q&u=%7CLeZGo2aIPjm55fY8exsf7flyTJ0wE7tVRcNoagpWh4o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSUctWjNy2ThrEDvX0n7nbZ07Z4mFU6xADwGeYWK93ZxxfUg2Zm2xAm2rSGFbweGyvApbT4C9FIibne3RHAQvGaGI64il8oMx_WNtO7Ujut8AAYj4P-Q417YUWrEQyidhbBDmwelbUK38oAFaT4e--NhBYFhFGefqzEg2L2B7JUeW1FNnb5u4dEG00lR1YCoLwoi8WWfALv_1__cN82-dHyqCX0Oh9CJ-M4uZzVQ5UuS4aslhh40X0P35DA4BdzCRB3ZGJAge9nDkSE2g-RY4QsYaud_tEUUEfcxTwJ1h_N2k4amq3xIZov-xAXcyxh9VIu0_Cc8eGx1vzmRGbZ52zaYZcZSOPI9vrcGejOp5IsQcwWXPmAeJu2HTrzD_M_0i1cG415qJhmtJUrQRus0rq0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNtVvneToYur3EJKM6gSu3YPQDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMDY2ODEyMjQ3NDc2Mzc4N6AB1bbS6gPIAQmpAkVeSNkbPLE-qAMBqgTEAU_QXc-2dVP3WCtGHJMAYJqYziYToXNDqXefIZ8Zmj-XKmu1g3KgzFnTSE1VeGpWBPHmXjLFf1XkJZEkiP5QEp08-O6YOo5ASZWIshKwDW_OnbkIhYpMTdyhcb4C3wg9vHmJHtEvXOfsQTZNSO6Zfm5olJ5u8JErg8D4w6gR5_H075jRAQP_3w6G5fuqV1eabLYxQnFKp1uz8oh9yyuHeQHO2qUnfeuLVjaQTs_lc2YiYdkexWnS4uH6Ygd-pfu85UEzJjeABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3AclVBO5njqA2GGj7ffJ3X6p0Yjg%26client%3Dca-pub-0668122474763787%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Jul 2023 08:47:26 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame CCD1 2 KB
1 KB 91ms
32ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Jul 2023 08:47:26 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CCD1 308 B
637 B 83ms
26ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 28 Jul 2023 08:47:26 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CCD1 293 B
621 B 85ms
28ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 28 Jul 2023 08:47:26 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame CCD1 43 B
348 B 109ms
24ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=wxWnt6Igar3PdS5R9BM-mVDRxQUrw5YZX5nuiyVenMPHPPQ2UYeJF31amzUGEXO0uRIz12kquxGA4Wc4qE7lkaphZP5v3cXgNZBP1ZpeuBLLQjbAnlEswIOIacBluesxC9vMrtL5Ye0WqanT1oQwGmAPYy9h_4ds8BZQ_HW6NInqTC0gt5E8PwawwefBb8oQhfXDm5Rn9qyRYQ8JwN2RuHuVMr60-EPFjJsSywN-jupvoNs9k8XsjnHzs4eSrKbSWCyeo0bu3gb2cz5TsMY9-whEAglD8csegCXYjGiZYK5Q6yAEVZL4mHBnc_OVG5-OW8yqFuVHvVQTeEJnYTFH1rG3NuYRwTCU2IOfieAqXit8LRpsV7s700gCT_qA5Z1IXwrYI4U8h1lDf-AnDuLGv2zMr4-7TKw4fS3lJ6PJSfWcUvZb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 08:47:25 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2877184
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame CCD1 0
689 B 227ms
157ms Image
text/plain 2600:9000:223c:e00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1659430045
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YujknQAEO-oKmoYSAADurjCP5SicmmTNtWkC6Q&u=%7CLeZGo2aIPjm55fY8exsf7flyTJ0wE7tVRcNoagpWh4o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSUctWjNy2ThrEDvX0n7nbZ07Z4mFU6xADwGeYWK93ZxxfUg2Zm2xAm2rSGFbweGyvApbT4C9FIibne3RHAQvGaGI64il8oMx_WNtO7Ujut8AAYj4P-Q417YUWrEQyidhbBDmwelbUK38oAFaT4e--NhBYFhFGefqzEg2L2B7JUeW1FNnb5u4dEG00lR1YCoLwoi8WWfALv_1__cN82-dHyqCX0Oh9CJ-M4uZzVQ5UuS4aslhh40X0P35DA4BdzCRB3ZGJAge9nDkSE2g-RY4QsYaud_tEUUEfcxTwJ1h_N2k4amq3xIZov-xAXcyxh9VIu0_Cc8eGx1vzmRGbZ52zaYZcZSOPI9vrcGejOp5IsQcwWXPmAeJu2HTrzD_M_0i1cG415qJhmtJUrQRus0rq0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNtVvneToYur3EJKM6gSu3YPQDsme0rFcpfyT93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMDY2ODEyMjQ3NDc2Mzc4N6AB1bbS6gPIAQmpAkVeSNkbPLE-qAMBqgTEAU_QXc-2dVP3WCtGHJMAYJqYziYToXNDqXefIZ8Zmj-XKmu1g3KgzFnTSE1VeGpWBPHmXjLFf1XkJZEkiP5QEp08-O6YOo5ASZWIshKwDW_OnbkIhYpMTdyhcb4C3wg9vHmJHtEvXOfsQTZNSO6Zfm5olJ5u8JErg8D4w6gR5_H075jRAQP_3w6G5fuqV1eabLYxQnFKp1uz8oh9yyuHeQHO2qUnfeuLVjaQTs_lc2YiYdkexWnS4uH6Ygd-pfu85UEzJjeABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3AclVBO5njqA2GGj7ffJ3X6p0Yjg%26client%3Dca-pub-0668122474763787%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 08:47:26 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: v5T8JNPN8C-cI2Wj-O-fxUVTV4w05D_sxH6r5GwsWemVd6B4GSM6qg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CCD1 12 KB
6 KB 30ms
30ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Jul 2023 08:47:26 GMT

GET
H3 200 attribute-1-x2.png
s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/ Frame 217C 3 KB
3 KB 16ms
16ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/attribute-1-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1061e168975da6346fe1702ac963aa771e9c18286a81535172dc839f0f3388d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:47:49 GMT
x-content-type-options: nosniff
age: 496777
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2647
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 19:34:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jul 2023 14:47:49 GMT

GET
H3 200 attribute-2-x2.png
s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/ Frame 217C 3 KB
3 KB 17ms
17ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/attribute-2-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9434bf20c9938b586dc3e9844b6c85251a2a0666c4e1925850abaed3ec0167ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 03:00:08 GMT
x-content-type-options: nosniff
age: 20838
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3531
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 19:34:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Aug 2023 03:00:08 GMT

GET
H3 200 box-push-x2.png
s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/ Frame 217C 4 KB
4 KB 21ms
19ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/box-push-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f366acbaef1519ddd73109b73dcb7752e7c7b1f96d9d33240e420a2ba0893f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 06:45:21 GMT
x-content-type-options: nosniff
age: 7325
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4310
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 19:34:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Aug 2023 06:45:21 GMT

GET
H3 200 box-cta-x2.png
s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/ Frame 217C 772 B
799 B 23ms
20ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/box-cta-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a0534b45c4549e33018406cf9cd0c32a9b604807a0070756e49400be4c29c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 06:45:21 GMT
x-content-type-options: nosniff
age: 7325
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 772
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 19:34:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Aug 2023 06:45:21 GMT

GET
H3 200 partner.svg
s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/ Frame 217C 351 B
293 B 23ms
21ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/partner.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72fd1fa5c56689ff1fc4d3d60c6065f7f99fe6953a3c54ed3ad0c82aa9a34fa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 06:45:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7297
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 264
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 19:34:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Aug 2023 06:45:49 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/ Frame 217C 3 KB
1 KB 25ms
23ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23f66936773cf6edddcdc7b474a536146779ca32fca06d731861ff069544b93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 06:46:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7263
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1369
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 19:34:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Aug 2023 06:46:23 GMT

GET
H3 200 overlay-push-x2.png
s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/ Frame 217C 1 KB
1 KB 24ms
23ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/overlay-push-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02f20f509409a067c507538c68376a95f0fbdedd529b7f9828e1977db873aa4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 06:45:21 GMT
x-content-type-options: nosniff
age: 7325
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1155
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 19:34:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Aug 2023 06:45:21 GMT

GET
H3 200 overlay-cta-hover-x2.png
s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/ Frame 217C 888 B
915 B 23ms
21ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/overlay-cta-hover-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f132723904ab0ecbc23edcb8e63b26ab506c0fa2fe8403428e6e33b277cef20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 06:45:21 GMT
x-content-type-options: nosniff
age: 7325
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 888
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 19:34:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Aug 2023 06:45:21 GMT

GET
H3 200 overlay-cta-x2.png
s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/ Frame 217C 905 B
932 B 23ms
22ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/images/overlay-cta-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f7df8d26a4f8224091392d041c9387ca2e375216dd07d51184f62962f9a75da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 06:45:21 GMT
x-content-type-options: nosniff
age: 7325
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 905
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 19:34:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Aug 2023 06:45:21 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 217C 113 KB
38 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 Aug 2022 08:47:26 GMT

GET
H3 200 creative-1.0.6.min.js Show response
s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/scripts/ Frame 217C 2 KB
884 B 21ms
18ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/scripts/creative-1.0.6.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a44400fb88aaf018fb0e9aff450c4b708da545d38ab0317d6bc599f093e20030

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18179720608254659032/TB_ML_HTM_CategoryAuto-AUTO-THINK_320x50_rta-V01/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 06:45:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7297
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 855
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 19:34:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Aug 2023 06:45:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CCD1 25 KB
25 KB 201ms
40ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=710&s=FtHgbgHnE75nb4M0dCNoheDR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0b13f84a6dde5e31b8a9e05852d609f5aa9d41b1b86c26d2d4f773b7dca0a675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28425568
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 25396
expires: Tue, 27 Jun 2023 08:46:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CCD1 1 KB
1 KB 204ms
44ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=400&s=GVnKI3ywx2pDN-sz0JRgKSSP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=245164
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1266
expires: Fri, 05 Aug 2022 04:53:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CCD1 2 KB
2 KB 205ms
45ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1609958
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1584
expires: Sun, 21 Aug 2022 00:00:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CCD1 1 KB
2 KB 199ms
39ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2Flogodid-deutsch-institut-GmbH-278134DE-2109221536.gif%3Feb%3D1&v=3&w=400&s=rXlvmrWXuf1JUpy1H8LlMCIn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f00fa43829682abfb3b5148182816a7bc8fb6bf53dfacbb09ce6533b2d9ed501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2084595
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1320
expires: Fri, 26 Aug 2022 11:50:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CCD1 2 KB
2 KB 202ms
42ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoFraGround-Fraport-Ground-Services-GmbH-222375DE.gif%3Feb%3D1&v=3&w=400&s=u8QjTuzx4yQwWOjyD8TMxXfP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=947270
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1960
expires: Sat, 13 Aug 2022 07:55:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CCD1 1 KB
2 KB 205ms
46ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoBaumann-Unternehmensberatung-AG-5660DE.gif%3Feb%3D1&v=3&w=400&s=fo7qbGgBGVLtMx3udvRCgP_P&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

76b13672b24c38eeb174cb4eb38c1d10b6f4d08f282cb06674c50080143335a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=125772
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1470
expires: Wed, 03 Aug 2022 19:43:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CCD1 3 KB
3 KB 22ms
22ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoBusiness-Work-and-Coaching-Inh-Michael-Dommermuth-307307DE-2207060828.gif%3Feb%3D1&v=3&w=400&s=nk2oyu_ZZ9mYkzRn_DIXynM7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e1836e873feac1ac8ead91bd383300abea491e2538a43bf6b7ba4d69f3fa5646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1046780
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2748
expires: Sun, 14 Aug 2022 11:33:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CCD1 3 KB
3 KB 23ms
23ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoStaatliches-Gewerbeaufsichtsamt-Hannover-235875DE-1910161248.gif%3Feb%3D1&v=3&w=400&s=sp08AKuoirm_Viu8N1_LcjG9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b037f9ea1529272c598e6d2b6787627be820def81fb8e0c751be6c6fd676e149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=3052
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2740
expires: Tue, 02 Aug 2022 09:38:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CCD1 5 KB
5 KB 24ms
23ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoDACHSER-SE-4891DE-2003241016.gif%3Feb%3D1&v=3&w=400&s=Js2skOQQI0PMzENBG38ZT6qL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d8f169f581e9e8d07c8e5a0cec347ca2a1e05452725c9bbc3063808a0a720c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1250817
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4666
expires: Tue, 16 Aug 2022 20:14:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CCD1 970 B
1 KB 26ms
25ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FU%2Flogousd-AG-1546DE.gif%3Feb%3D1&v=3&w=400&s=HwPQeq04Saap4ktf9vUVcmbM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bd48cfc51f425d9fabba14bd5552f923a5e7f80ece114a845c53af97ac2fce94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1489299
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 970
expires: Fri, 19 Aug 2022 14:29:06 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CCD1 0
128 B 238ms
22ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=mxq9T8j1uNx0881T9tDuncJnO0rmfjFbljUpgcDhMHpTiZLGEFMVNipdQ5Z67mGoXXtn_W89S3dnfiaN-Kp5idS86HQUPO5fBzsXVj4lqJX1hDSTdj2e3r-ua6feR4qhPy2XzOKeOKtnSAG1TH64wnlyh1q-XyoRN3t0n-q0_9hveBBWCFh51pNjznWoPrM5MFi7B8ddRSPxQHw0Zm0oWYS48e9vsNOTmj6srf837lJGUnZ4VIisrkUMGmHN189IXZ0X8g&sds=2&rev=82250&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 02 Aug 2022 08:47:26 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CCD1 2 KB
1 KB 32ms
32ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Jul 2023 08:47:26 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CCD1 2 KB
1 KB 30ms
29ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Jul 2023 08:47:26 GMT

GET
H2 200 628399d4e4b017f83172d1fc
ng2.virgul.com/tck/imp/ 0
216 B 236ms
56ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/628399d4e4b017f83172d1fc?scm=https&g=1&t=dfpcode&sdr=240000&tp=&r=153975@site_geneli@testlericoz:site_geneli&l=&info=&os=&mt=1659430051096&userId=vnetf3bcbabd-cde8-4e8b-ab2a-a974d0da57e9
Requested by: Host: www.testlericoz.com
URL: https://www.testlericoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: https://www.testlericoz.com
date: Tue, 02 Aug 2022 08:47:26 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js Show response
pagead2.googlesyndication.com/bg/ Frame 7300 36 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Aug 2023 08:38:21 GMT

GET
H3 200 V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CA7 36 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Aug 2023 08:38:21 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E57C 0
26 B 89ms
53ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9V3Adn4StrDIJBsEPxGGvmbwxwoR3Uza32a6wZpQM7XUMzcu-kvNo9bIPW7H-REPiBUSQQgO4OWQ0PBT6S9nxLqhjvt9qX5x1aoJthIu-ogjAFOTMlsEOhYHjSHbwo2L3eitjXb7VvhmOzoEPxvNY5fXRJnxjWb6MafxlcDBqduhbBHCQVT1eBWbn4CHynpnaV_KiNRprxbWpiYbgTHD0xNhYtbpTCTuCrTipjzTGkpKIofIPWm0-Tuf8rwoMqDbm9xbWGuDLj0u69t0gKUI7qetgROeNayXMxvv5ZA9I-b02HLI9B2N16l-TrMHgHddUyaxzNCc4dlM4mV9yzi8HxT95a1D6y_caCGiu_kMW3CkgUuv7hQZ56TrXz6p2KVEsDJNTPFsFgDd0dTxfp6XNJ8uQweADwbf2uM-daFs1OjNj1jdlhn9U0gM0jJ5dQ4ZMOcfG2gNF1wlBqHJPb_ckTazXIZpSljt-wr8G9Vnm5AgMYO2qODSoLdfZiV8R1affn8U7LQjugdmGF331fyAVmYMnDKi2RwQSmuozJQGZotZja1HLTpZhwIvTIobxugVg9MaqoC1jiL8gHgm1-Z92YC_VJpDsVp7PqkTiKIH7vyNnER8__OIdEASMEc1V7DzoruBq9GjPdoeE-FHJGOAvwbvg9TpL2lF7Y8IwyIqufeIeb1owaHy7zg0Lb77888VZwVBvUza6jKOnToA5qXIRh9N2elVojhHzQVzRn-PmkZKR98sNSW2OP1e3t67cWQ6h9xYRIM-ys46qbH-bf-ddzO9LY9ztGq6uaa_taEwEuoMXg2Yf_bPdT1h6BS47181qplgKXIaWstFegw-RW7uQYj6xefCqbumvsF7HucQce8Fvy26MSNfJyLGCVRAFSqdwJ7foOkvXvjWf5Bws1E9ctDGIekBN4HR5RT4t68iMxO5zLSSbLnDZ8rHmQTWnoMoT9VYaT2d9FoIAi59xTDpQFROOaPBbXgAv-t5rzqK8x2TvF1-UNJwyR_p0mHPshi7Amuykd66w4D359SkTfoESergAzTCQ_cxcGu2o0ZoBR5rs8Hxdlx3vBLnMURtV8zq312c_cCmlwYd0VBqn4ki9x3FRDmR4VtlVhZf4IeF2z1QMsAs0ByRzlKukG5OnLUZwU5ZJn0u4q07SmXOjo5GpOTc7vKMhrBlU5KSK4yodY147wdguxHE8jG32lqfNQBbWQOIMSYtBUZLE-wRv3Sjf_7N1ZGv0QEuoyj1LtdVyJDECxWJC&sai=AMfl-YRvqOczwgHmCBn6xBRuT0LSoEykIuDBOXyKyJdlC-yrQsLSNKEN9vvBlbSPCo4Hzclu3XgSplQevOSTCWdq7E0KB-FcfBKLrt5P999LDu38NH9DlfoKUI_FKKDib85U3TZNJ5Wne7UlzzfYwuzfHYRTP_BzeFVFBxtTl5mLEnrL_tnhafcs4w7BDWdSGuHB7BoOgaeCE6yPQmo-_-z7o0PDtJ3MkVSVtg&sig=Cg0ArKJSzBdsueSn7FPLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=592&vt=11&dtpt=377&dett=3&cstd=211&cisv=r20220727.89344&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.testlericoz.com
URL: https://www.testlericoz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Aug 2022 08:47:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 61ms
29ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220727&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f19e5fe1d3875de1b08f26b01443627d3a27d9883f7ae73bda3550493fbd7cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Aug 2022 08:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10637
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CA7 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BH4EdneToYrjQMqKL9u8PmqufiAUAAAAAOAHgBAI&bg=!U1ClUBTNAAacadVKvGk7ACkAdvg8WtL9gSqjjCw03cjBOPBLOo51bkbfZMYt8kEkZsISalS7oBQ50wIAAABiUgAAAAJoAQeZAupU_r7OLaEUzTSQUchXh8syQ_Ga3Qq8g9DRBN6BjaHOnGl8EiO9expfNHXyVJnCMDWmwrBI6pD_bz8D2WphJdmXEn1g0KdmEvPto1Yk7VtHXaoyIuBt_g8jLnnenx7KvKOpw85Ixxlw0Gs9Df_LONn-CfH6iuISzX6MlEGoX_mLDY4PsKiHKL5wHKJVTzvFHevqDVbNbeU3yg-5f3_yOkA1qqraRmNAoFRmS7aAZYLo2UHcG8NseCb0o7P42SJE95wtwG6docJcS2SYr3Pgr6M9IEWAimouLie-4b4QvpBS0Cxkw2d1W8rmd4Y7rxdZ0sNip5kO7wZEqZUGTONs1HC_-ykIAp0QK2Oi9W9BevFWwGCgSGevu4cbfcd1QNnyQnZxhL-xnIrojll39-gGZ6sM6TNaQiuZSNVR2Jv8bYCs9tpougd8K1u8LvlZGXARLYVvmQG009kwJN-vrgLnZL2JO7Xt1sbRspsLNBiT3V5nj9NVqZvKSgaVAt_892pz38U28papP-n8p4_jwATNjC8aerAxp3js_LtKlkkvquQOFRh3XBCMi-t8JC3-mgcoVe9JoSIsPz6_6TFQxxCQPdr39g_6ctIMO15cIm5XW8bDl-_UcMsEuYnJ5ktbV8aKnRDDf2hJ8MQUUC5fPJFm9DEN1Zr2i8azJWd_gxWGmqDlnvpJ9GbaZmK7pD-S7AWvUfchSCeipUoH5FVYiPY2Y27c8g-_zW5TZIIS02gHlCaAI9-goFlytXp9AkWi2XP3uiLSttoE8nPdiklGNJ3-0yCYwsDBPmiTgCRRIWMM3xXb0XTNKSXYXayA3z1yc8q7_hKWz8hmegQbOc9XEhxP-n9HLGsKrlrCbEk5L1xV_vWLn-kThcbYRlUp-XuVaF6gQ-f_pH8bwBR2mhZVsfYIZi5jJW_rtDoxWrMx2wS1wV1nhY4aiwe7BccNuvP3-NnPEiLRRHU0egD1oaLNwJIy2ZLNoPF3lsLkyErcCg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 08:47:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 02 Aug 2022 08:47:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B5EB 13 KB
5 KB 16ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.testlericoz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Aug 2022 07:58:16 GMT
expires: Wed, 02 Aug 2023 07:58:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DDAE 783 B
534 B 27ms
26ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

37382247de182b54cc3bc78de16b197b45bcded720b7e0322124a6d53f8b7938

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TuxkvXYcsLPZOyTbHPWxmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.testlericoz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-TuxkvXYcsLPZOyTbHPWxmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 02 Aug 2022 08:47:26 GMT
expires: Tue, 02 Aug 2022 08:47:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js Show response
pagead2.googlesyndication.com/bg/ Frame B5EB 36 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Aug 2023 08:38:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DDAE 0
0 51ms
51ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220727&jk=1698436462569302&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B5EB 0
9 B 15ms
15ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HfIKzg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
71 KB 396ms
119ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.testlericoz.com
URL: https://www.testlericoz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1b180241b262c5bd3dc07342b4bff2d11660801a558354699513cbc52cb79280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:27 GMT
content-encoding: br
last-modified: Fri, 29 Jul 2022 10:22:34 GMT
etag: "62e38aba-118ed"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71917
expires: Tue, 02 Aug 2022 09:47:27 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AEB8 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEPLgRPMTnRB15IP41r-mOyDMZrm7sj4t_XRBB7o46jjAqu5VEjBbvd8kdZYYN0zvTSFgIASdtICN2xSMdIh9E3Qk&sig=Cg0ArKJSzKTFxQ5OV6MWEAE&id=lidar2&mcvt=1001&p=0,0,280,357&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220801&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2402764973&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659430051187&rpt=851&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 08:47:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E57C 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZKPlFyQOnQJ7AEF3BpFLMVw-f3Rt4HwdjdPZjV7DekUqjo8lZoOXjEnWNMP5A62pnN225UPLN2xDRZJg2kE0vauRY35npq97HLkGj5jwUvAAtQiM8FQC9qRm-jDOOPJCPpCOWk6mu-yOnLA&sai=AMfl-YS1rV1cHKcfmXO-GvPY71e1ym-BKUx7u-9NhwPefk5cpt2M2TH2xj1Ybsfqs3SsIGDWMxAOwUM7L3Nd7cgTEoT1rhkoSk1EDIK0rRgUZBM5yTCKXYW5D42mDNOhQDx8&sig=Cg0ArKJSzEU3sHI9bZTzEAE&cid=CAASKORoycTUr3ILOClMv4SOuKkppSKSLxHVIDqM8RFCUdrhPlsu0mBYoVM&id=lidar2&mcvt=1000&p=1150,640,1200,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220801&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3611076925&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659430051708&rpt=359&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 08:47:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BC3D 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvqHEVlsShvkQGLobj89Xf58o1-KCb7hcyCsb183IWEu78ZR3b0v6kRzRZIQf5gmyncgVh8UWVB4ZnXXPalw9kLzGrn7T4G5W0iNxRGgwPpOjPRREVqswJyhOKAQ4b_EyOLEKWpE26FDbJ&sai=AMfl-YRtfW37Eg32excLN3EGJdI6cPAMCb00Pu4PTlnzT0eOe4HQ9CUl2daXa0FoN-VrD2iaTSkL21JgFEt8&sig=Cg0ArKJSzMjMxyzTTI-QEAE&id=lidar2&mcvt=1000&p=0,0,280,1090&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220801&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2287156735&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659430051179&rpt=1197&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 08:47:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CCD1 0
127 B 23ms
23ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 02 Aug 2022 08:47:26 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9718.7cVNCAIwkQpM89Fl1d3cj_rQM78V3EhKbyRNthooNXBua4xmAzRoBeozw4SuziPG.1X2YfBVm4b2HnOXRnattknSEVeE%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9718.VqqZgJU1itVcD2AizKfCyqjcpC7s9Hx_XGt2ahzObIP7XVFt9SKEMW37zG-trFbzCkDZdWbsP4HhkPD8gIrsIw%2C%2C.E0p-4q8uwLPvm1jgpSOpajcoe2U%2C

75 B
75 B

63ms
63ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9718.VqqZgJU1itVcD2AizKfCyqjcpC7s9Hx_XGt2ahzObIP7XVFt9SKEMW37zG-trFbzCkDZdWbsP4HhkPD8gIrsIw%2C%2C.E0p-4q8uwLPvm1jgpSOpajcoe2U%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:27 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9718.VqqZgJU1itVcD2AizKfCyqjcpC7s9Hx_XGt2ahzObIP7XVFt9SKEMW37zG-trFbzCkDZdWbsP4HhkPD8gIrsIw%2C%2C.E0p-4q8uwLPvm1jgpSOpajcoe2U%2C
date: Tue, 02 Aug 2022 08:47:27 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 60ms
60ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:47:27 GMT
last-modified: Fri, 29 Jul 2022 10:22:34 GMT
etag: "62e38aba-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 02 Aug 2022 09:47:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220727&jk=1698436462569302&bg=!FxSlFFDNAAacadVKvGk7ACkAdvg8WhZXLuMjUYX2LKmSjCB36X5AyfxnycKWCYHuKgejHiPIkjIleQIAAACLUgAAAANoAQcKAEehvgnSINX-gD_4dUmKOk8ovloOdPqE0d-xZIyr9ZIO6zk0rd_MDguRyQF_ezP2RkJdc78qAdssT7UMz1bUEnvHgVBGw7IcDpkCnLrgFZ7Jk3drY2EHYQ8S2bAQct2T4f31U2RZislYq9oO-jW2u9Eclq6DrWeE2paoJRvGSZtR6wS4aMRv_zSNkkXVeECJfC6CB7S9D2trgfR2TJ-ZCJd8dUAOgaghBNB5XYEd5Xe6PlWUfik7pBdXgH2BOMGu4JxdxicxHUa-8Z_1ku3RQxUoSMiI4yuHu6qxZXrLm-Vu1N086TR4PK4t-P453bi7xLgkyzuFEJAY1VDZtQoEPJpByHPSHHzOIKg8OHcIjFrNDMUJW8HminYZoXeLhp2ZblkILz-EGe5IhfcstRrJW7aygn5eBqrWLq6RmV6s3ualEsLgCjFYVtehLMqEWEQ6vGQkblYPlD4G1bltckiPh9A3_mOZR3YSUWfs5xcJjP1gKGsteZ5325F9PB9R5_y-ieYdVs4P9SW9ba1CKFXvFrQB5H8yDJKQTLBW_wTYS8sB5CveUvRWp6lF7Voosoqza5u52BAjGis7Jpyg4VdscNELMbFegnRYxCo1GJpkbEtvtR4sk4sNoaZcNIOvZP4SMVdPWlw80b4XBrIywptkqEf4TpgFWdZDvvd2_r8Yw9fJDV66bLoCp_94Ar8bGiBsYEQoiaF6S3Reu3mfi4e0tafX9J_fxDTtvbCi76HT7km4l4p6HYLn3ydXf6h6q1yZ9cWrF4XzlqNUAs1U2ulV5WMG0ITlX_GA_A5GkppmXQImgUDb_4oeucx0ATNj7uWDBpzZ9_QNFVg1OCkRyvRbe2cKLrrqlYJPV-cuBmeUm4Nnlqh8XalGGSmoJCylEXjvHKHs3wHz5a2fzhldt_eBdY_ociuONjMs9DThFPpzVWU4mN_JooCkJDfayjda4-AacIIN6G5OtizeEzfmQ301SCnl_gJf8q24
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2

200

1 Show response
mc.yandex.com/watch/21154147/
Redirect Chain

https://mc.yandex.com/watch/21154147?wmode=7&page-url=https%3A%2F%2Fwww.testlericoz.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A1026%3Afu%3A0%3Aen%3Autf...
https://mc.yandex.com/watch/21154147/1?wmode=7&page-url=https%3A%2F%2Fwww.testlericoz.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A1026%3Afu%3A0%3Aen%3Au...

350 B
432 B

61ms
60ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/21154147/1?wmode=7&page-url=https%3A%2F%2Fwww.testlericoz.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A1509317137286%3Ahid%3A1072762770%3Az%3A0%3Ai%3A20220802084733%3Aet%3A1659430053%3Ac%3A1%3Arn%3A1623820%3Arqn%3A1%3Au%3A1659430053345449815%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659430049924%3Ads%3A307%2C265%2C62%2C2%2C245%2C0%2C%2C161%2C0%2C2675%2C2675%2C2%2C1045%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1659430054%3At%3ATestleri%20%C3%87%C3%B6z%20-%20Yeni%20M%C3%BCfredat%20Testler&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4c82f28c81ce5217af9f9454a24b69aa00a0e9a994c8e05bbe5b65e64de53429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 08:47:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 02-Aug-2022 08:47:27 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.testlericoz.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Tue, 02-Aug-2022 08:47:27 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Aug 2022 08:47:27 GMT
last-modified: Tue, 02-Aug-2022 08:47:27 GMT
location: /watch/21154147/1?wmode=7&page-url=https%3A%2F%2Fwww.testlericoz.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A1509317137286%3Ahid%3A1072762770%3Az%3A0%3Ai%3A20220802084733%3Aet%3A1659430053%3Ac%3A1%3Arn%3A1623820%3Arqn%3A1%3Au%3A1659430053345449815%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659430049924%3Ads%3A307%2C265%2C62%2C2%2C245%2C0%2C%2C161%2C0%2C2675%2C2675%2C2%2C1045%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1659430054%3At%3ATestleri%20%C3%87%C3%B6z%20-%20Yeni%20M%C3%BCfredat%20Testler&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.testlericoz.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 02-Aug-2022 08:47:27 GMT

GET
H2 200 628399d4e4b017f83172d1fc
ng.virgul.com/tck/i_vb2/ 0
216 B 53ms
52ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/628399d4e4b017f83172d1fc?l=&r=153975@site_geneli@testlericoz:site_geneli&cs=1659430054360&userId=vnetf3bcbabd-cde8-4e8b-ab2a-a974d0da57e9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.testlericoz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: https://www.testlericoz.com
date: Tue, 02 Aug 2022 08:47:28 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

Verdicts & Comments Add Verdict or Comment

254 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.testlericoz.com/	1970-01-21 04:57:10	Name: pId Value: vnetf3bcbabd-cde8-4e8b-ab2a-a974d0da57e9
.testlericoz.com/	1970-01-20 14:18:46	Name: __gads Value: ID=cf7c5f6dd7dd3743-22feb531e1cd00f2:T=1659430045:S=ALNI_MaDmCQ70KMKglVkkm0IJW6LN4_UJg
.doubleclick.net/	1970-01-20 14:18:46	Name: IDE Value: AHWqTUnGVVWwfXgUWnQNyPgC1iTvSC5xJjw4F2gWKZQ9CUjQRatjWoVJ328PZclmVvw
.casalemedia.com/	1970-01-20 13:42:46	Name: CMID Value: YujknowJ5Ghz3XfYx79UWQAA
.casalemedia.com/	1970-01-20 07:06:46	Name: CMPS Value: 5180
.adnxs.com/	1970-01-20 07:06:46	Name: uuid2 Value: 5193636762001005846
.adnxs.com/	1970-01-20 07:06:46	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTyiidLF!]tbPl1M>e)ZlrFUfJ+tGXxo]SdOU#UEQ_!>ZP4gY9EFQNZjX@]5+F6Qq6rU3If)y3KL9D3I?*pdE.6t
.casalemedia.com/	1970-01-20 07:06:46	Name: CMPRO Value: 1142
.casalemedia.com/	1970-01-20 04:58:36	Name: CMST Value: YujknmLo5J4A
.casalemedia.com/	1970-01-20 13:42:46	Name: CMRUM3 Value: 2d62e8e49e2760CAESEJ8gS0z0OY0R-BGVdt7Ly5o
.doubleclick.net/	1970-01-20 04:57:13	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 07:06:46	Name: CMTS Value: 1126
.testlericoz.com/	1970-01-20 13:42:46	Name: _ym_uid Value: 1659430053345449815
.testlericoz.com/	1970-01-20 13:42:46	Name: _ym_d Value: 1659430053
.mc.yandex.com/	1970-01-20 04:57:10	Name: sync_cookie_csrf Value: 1921091832fake
.testlericoz.com/	1970-01-20 04:58:22	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 04:57:10	Name: sync_cookie_csrf Value: 3639306748fake
.yandex.com/	1970-01-20 13:42:46	Name: yandexuid Value: 7068797011659430047
.yandex.com/	1970-01-20 13:42:46	Name: yuidss Value: 7068797011659430047
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 896741521659430047
.yandex.com/	1970-01-23 20:33:10	Name: i Value: eIzcLDLtaDqF2/oenH5HOfPHv6LHPIcoxZrRmYcjEjiSQDWrdgk489fS3JFPTdOmjml49aQypmubuV11pp+EwQcLiGw=
.yandex.com/	1970-01-20 13:42:46	Name: ymex Value: 1690966047.yrts.1659430047#1690966047.yrtsi.1659430047

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0668122474763787&output=html&h=280&slotname=8213662947&adk=2402764973&adf=1820528888&pi=t.ma~as.8213662947&w=357&fwrn=4&fwrnh=100&lmt=1659430051&rafmt=1&psa=0&format=357x280&url=https%3A%2F%2Fwww.testlericoz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659430051026&bpp=1&bdt=213&idt=156&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=3530461826269&frm=20&pv=1&ga_vid=1565981917.1659430051&ga_sid=1659430051&ga_hid=1538111093&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=988&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31060047%2C42531608%2C31064019&oid=2&pvsid=1698436462569302&tmod=1227480786&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VnPyD7jDKi&p=https%3A//www.testlericoz.com&dtd=159 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9718.VqqZgJU1itVcD2AizKfCyqjcpC7s9Hx_XGt2ahzObIP7XVFt9SKEMW37zG-trFbzCkDZdWbsP4HhkPD8gIrsIw%2C%2C.E0p-4q8uwLPvm1jgpSOpajcoe2U%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
c.amazon-adsystem.com
cat.nl.eu.criteo.com
cm.g.doubleclick.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
fa1b31584acd58b26ea75f8b461be00c.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
mc.yandex.com
mc.yandex.ru
ng.virgul.com
ng2.virgul.com
pagead2.googlesyndication.com
pandg.tapad.com
partner.googleadservices.com
pghub.io
pix.eu.criteo.net
r.casalemedia.com
rtb.nl.eu.criteo.com
s0.2mdn.net
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
static.criteo.net
static.virgul.com
testlericoz.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.testlericoz.com
104.18.18.126
104.18.19.126
108.138.4.10
142.250.185.226
142.250.186.130
172.217.16.130
178.211.49.211
178.250.2.135
178.250.2.148
178.250.2.150
185.7.176.221
185.89.210.212
2600:9000:223c:e00:1e:a43d:b640:93a1
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:802::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:829::2006
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:6b8::1:119
34.102.243.38
35.241.45.217
0028630c750569332720c337a232984b0cac2dead3c36bf279555c647be2412d
02951bc16d4bd5a9e8b8a1c50707ec032667abf76a9582f42bc5fb3fe4280dbf
02f20f509409a067c507538c68376a95f0fbdedd529b7f9828e1977db873aa4b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0760f405c9896004ad0f5b2505e379348d83a7d92e79c20b6b88801b55346428
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b13f84a6dde5e31b8a9e05852d609f5aa9d41b1b86c26d2d4f773b7dca0a675
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ec89dc563257b6593488dce5c4f253cfce0665feeb04c95795816fb1803adef
1061e168975da6346fe1702ac963aa771e9c18286a81535172dc839f0f3388d6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b180241b262c5bd3dc07342b4bff2d11660801a558354699513cbc52cb79280
1ffeadd4a94927c6af1b28486e235e80cfcf604a241357161570c4e1270de6ed
23f66936773cf6edddcdc7b474a536146779ca32fca06d731861ff069544b93e
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a0534b45c4549e33018406cf9cd0c32a9b604807a0070756e49400be4c29c32
2b389424cd446960d3078464e4dffda112ffd553dd5e20e135e936aed5a4dd62
2c2f3a3fba087ddfd3de1035785a84396768d691d510f656641b31da902c4221
2f7df8d26a4f8224091392d041c9387ca2e375216dd07d51184f62962f9a75da
37382247de182b54cc3bc78de16b197b45bcded720b7e0322124a6d53f8b7938
37b8e87c76f63fdd30214c4f93350b387076cba53d0c5cd52fd2059ee645ba41
39753ba2450c6282487e78e0cddfba476231d490f9f82ae28dc7b4b703c9ca60
41e3fcf05cd7daaf59c71210e1e1adb7b83d12cafe2b0c7bf1b0bc19000e2960
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b65cdce85b852d6806a9fae043c7105cde5d7c73e20c6afa634ab036d493055
4c44b7ac3b0fb4895714ee8a35ed0a452b849df7759ee470ed8a7455ed15270f
4c82f28c81ce5217af9f9454a24b69aa00a0e9a994c8e05bbe5b65e64de53429
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5420dad3e0819cfa0c41b7314c8d885fc69c6ed2241fa0bc981e6c5ba80fabde
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f
5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
677f81b84b0905cd558ddce3fd4b6bc7361a5ce7462af0ebb840e6967010ffc7
681d80c84cca1f6265b438cdd44c713af7173a7309d0780f551d0e1b3986d84e
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72fd1fa5c56689ff1fc4d3d60c6065f7f99fe6953a3c54ed3ad0c82aa9a34fa2
76b13672b24c38eeb174cb4eb38c1d10b6f4d08f282cb06674c50080143335a0
773475aca661d998e94a51108c220c017c65f254b5c014b9d55d94817eaf23c5
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
79d2d2c6b0b8a0a6755f4ca808bf89f9d7a94b0c6a06a9463bfb6516b3d7989c
79d8f763cbd0d01dfc7e5e00770811a54ab54a39cba31804154d5178a9d19710
7f132723904ab0ecbc23edcb8e63b26ab506c0fa2fe8403428e6e33b277cef20
81cc9998a2b921c0df75a0abdff187c7653c8ec08c6546bdeae267875ed078f3
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
882b4673693f2b07b3c904416d7919a9e32f4b6dc1d00b6161b421cbc5cc4863
8843613a4b957f7b9604069c40f858abe00b8d0fff3e7c91436aaeb8cc50f238
8a719dfbca2b4fc363e174b3f4e0f6ed16229e8bdcd22d6001d7d4411a8d86cd
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d1f2a9077d62394a7584b7749c0f0f4827733df915ea4a5a7df98117b63ae9d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715
9434bf20c9938b586dc3e9844b6c85251a2a0666c4e1925850abaed3ec0167ca
96d2f08963d4dc71e5210ee7fcd3a45a5562e55ebe413a363c5eaffefa8b966b
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0b1dfaf37caa3dbfe6468493a1f3d5210304fd1d5b4243966089ec2893a8ac2
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a44400fb88aaf018fb0e9aff450c4b708da545d38ab0317d6bc599f093e20030
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab070e344fbeffbde02740af8f2ddebcc2a27be10e41c78a776ab7976f75824f
acc59f9b5fce9cdc25d3dc8ca8011fe8bf3e07ca3d24440fa26b221c57ffd499
b037f9ea1529272c598e6d2b6787627be820def81fb8e0c751be6c6fd676e149
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
bd48cfc51f425d9fabba14bd5552f923a5e7f80ece114a845c53af97ac2fce94
bfe6cf8ec00d0ff9673fef483a2fab0f9aeea6ea078eb9e42b4fbfc96777d1d6
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d
d01601dd06b9da219ee07b4f0884d68b50d138096724db7fb436386b026f3b17
d2552b5a5b1d8d9b480866377443816318a135709b83b2e4009219d6dd082fcb
d2eab6dfc74d8b8cdddf09a87f525cb19e1f09e954fcd1cdd6c058f20cf363e8
d8f169f581e9e8d07c8e5a0cec347ca2a1e05452725c9bbc3063808a0a720c55
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
ddfc706afb70d371749fe833ef9c9b33804ca4c4c19cee1e3289884a2d23ff8f
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de6136b62b0e9af54a0f3c0853c4ffa071cb1f0d8ede51cc9724f360517f4b3a
decd5fa918b316dce330166ed5bb259554286772de081a7be6775aef2b179450
e000b4ee7c3e0a7df2e7b1f888fddad72384bfc22e7c188fd88121c3716352f0
e1836e873feac1ac8ead91bd383300abea491e2538a43bf6b7ba4d69f3fa5646
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
e5de11498c78d14bc26154d9c041c62d7dd8891e144216e4308c6f0b3e71d370
e71bb1427b992069918dfb37acd5fd69b4a4c7d8d89e7a65cb4150c2757502a6
e86211fdbe0aafcd5afa764fb4f2dbc82b28e19e6c535ded21ec0faa881a185e
eab293839fb2aa5cfda5c6861bef235adf8127e9b7491caca48dc961a61d9b03
ebd959678a5caae9b9a3b84ae1dc1d9f53a725b6edb36a64f23ab0121dc70f9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00fa43829682abfb3b5148182816a7bc8fb6bf53dfacbb09ce6533b2d9ed501
f19e5fe1d3875de1b08f26b01443627d3a27d9883f7ae73bda3550493fbd7cc2
f366acbaef1519ddd73109b73dcb7752e7c7b1f96d9d33240e420a2ba0893f7d
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f957fca8c1f0b47604870a9b38edc45f1638388f78c3dcf0c80d33d186e9e063
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
fbcba28ce1b2ea8d9830097a0731facbf3eea677ad8b157a770e2977c3ea16ec
fd82c1db077b6d43ab8f7d811fdc725313d03606c36f2d1b31ba412ebc75d7d4

www.testlericoz.com Open in urlscan Pro 178.211.49.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

158 Requests

83 %HTTPS

58 %IPv6

21 Domains

37 Subdomains

33 IPs

6 Countries

1779 kBTransfer

4616 kBSize

22 Cookies

1 Outgoing links

Page URL History

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.testlericoz.com Open in urlscan Pro
178.211.49.211 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

83 %
HTTPS

58 %
IPv6

21
Domains

37
Subdomains

33
IPs

6
Countries

1779 kB
Transfer

4616 kB
Size

22
Cookies

158 HTTP transactions
3 data transactions