lyrics24h.com Open in urlscan Pro
1.52.187.138 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lyrics24h.com/
Submission Tags: phishingrod
Submission: On August 15 via api (August 15th 2023, 1:35:45 am UTC) from DE — Scanned from DE

Summary HTTP 81 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 21 domains to perform 81 HTTP transactions. The main IP is 1.52.187.138, located in Ho Chi Minh City, Viet Nam and belongs to FPT-AS-AP FPT Telecom Company, VN. The main domain is lyrics24h.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on March 18th 2023. Valid for: a year.

This is the only time lyrics24h.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	1.52.187.138 1.52.187.138	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:82e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
4	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
81	22

16 1.52.187.138 (Ho Chi Minh City, Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

lyrics24h.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
admin.exhandle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:82e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.237 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 151	362 KB
14	lyrics24h.com lyrics24h.com	429 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	291 KB
10	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	86 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1216 www.googleadservices.com — Cisco Umbrella Rank: 150	601 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	4 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 604	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 841 s.tribalfusion.com — Cisco Umbrella Rank: 1914	1 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	1022 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	113 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	89 KB
2	exhandle.com admin.exhandle.com	273 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 818	714 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 777	543 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3044	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 857	463 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	61 KB
1	adskeeper.com jsc.adskeeper.com — Cisco Umbrella Rank: 34648	420 B
81	21

	Domain	Requested by
14	lyrics24h.com	lyrics24h.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	pagead2.googlesyndication.com	lyrics24h.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
9	fonts.gstatic.com	fonts.googleapis.com
6	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com
4	cm.g.doubleclick.net	lyrics24h.com googleads.g.doubleclick.net
4	www.googleadservices.com	lyrics24h.com
3	fonts.googleapis.com	lyrics24h.com googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	lyrics24h.com connect.facebook.net
2	admin.exhandle.com	lyrics24h.com
1	dis.criteo.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	lyrics24h.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.facebook.com	lyrics24h.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	lyrics24h.com
1	jsc.adskeeper.com	lyrics24h.com
81	26

This site contains no links.

Subject Issuer	Validity	Valid
lyrics24h.com ZeroSSL RSA Domain Secure Site CA	`2023-03-18` - `2024-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.exhandle.com ZeroSSL RSA Domain Secure Site CA	`2023-03-18` - `2024-03-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-26` - `2024-04-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-24` - `2023-08-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://lyrics24h.com/
Frame ID: 1F6B5129A87FD002BEE0A268E95FE857
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html
Frame ID: D6D073B2F4CEFABE4CEB8653316E3281
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=2638742339&adk=3577780253&adf=2124344956&pi=t.ma~as.2638742339&w=1100&fwrn=4&fwrnh=100&lmt=1692056138&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692063338113&bpp=4&bdt=1096&idt=106&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=3621906891996&frm=20&pv=2&ga_vid=271615508.1692063338&ga_sid=1692063338&ga_hid=1021363753&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=4339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31076964%2C44799569&oid=2&pvsid=2435387331087474&tmod=944712747&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FwSIqpiPKC&p=https%3A//lyrics24h.com&dtd=118
Frame ID: 659671F6239397E6BC378EC72D7B0BC5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&adk=1812271804&adf=3025194257&lmt=1692056139&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Flyrics24h.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692063339185&bpp=2&bdt=2168&idt=2&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18b9ff8c026f898f-2271438c98e30084%3AT%3D1692063338%3ART%3D1692063338%3AS%3DALNI_Ma_Acu54ft76mebPcFGb2Z1i2Pq3w&gpic=UID%3D00000c608c9b710f%3AT%3D1692063338%3ART%3D1692063338%3AS%3DALNI_MbIC9et7_MIqOrRekupxj1Gfx2KEw&prev_fmts=1100x280&nras=1&correlator=3621906891996&frm=20&pv=1&ga_vid=271615508.1692063338&ga_sid=1692063338&ga_hid=1021363753&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31076964%2C44799569&oid=2&pvsid=2435387331087474&tmod=944712747&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=13
Frame ID: 9D4612FE220A9752CBB9286C6FC8500B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=5512140074&adk=3493941598&adf=1043275132&pi=t.ma~as.5512140074&w=1100&fwrn=4&fwrnh=100&lmt=1692056139&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692063338117&bpp=1&bdt=1100&idt=125&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18b9ff8c026f898f-2271438c98e30084%3AT%3D1692063338%3ART%3D1692063338%3AS%3DALNI_Ma_Acu54ft76mebPcFGb2Z1i2Pq3w&gpic=UID%3D00000c608c9b710f%3AT%3D1692063338%3ART%3D1692063338%3AS%3DALNI_MbIC9et7_MIqOrRekupxj1Gfx2KEw&prev_fmts=1100x280%2C0x0&nras=1&correlator=3621906891996&frm=20&pv=1&ga_vid=271615508.1692063338&ga_sid=1692063338&ga_hid=1021363753&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31076964%2C44799569&oid=2&pvsid=2435387331087474&tmod=944712747&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=PhRMnlENVz&p=https%3A//lyrics24h.com&dtd=1096
Frame ID: FA9F9070A5254D52B6B2FBD5A4826457
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: 7657148C02226FE51AF673DB4E2DA08F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B8CEC8831B36449EE09FF07119173A11
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: 193ED4E06C65BAA328794A05593D224B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 62FDBA49285C5EFD5859D1A26E997FDB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D4AA455B803431C9B0DFF3152146DE8E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lời bài hát Việt Nam - Lyrics24h.com

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Page Statistics

81
Requests

93 %
HTTPS

71 %
IPv6

21
Domains

26
Subdomains

22
IPs

7
Countries

1733 kB
Transfer

3517 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://googleads.g.doubleclick.net/pagead/adview?ai=C4uJNatbaZK3ED-OSjuwPmJmA0A6jxtOKcs-h0trHEc-nyrHiNhABII_75E1glYKAgLAHoAH6vfzeKMgBCakCSoEp5l9csj6oAwHIA8sEqgTPAU_QrjUBfQcCZiGsA0FBx2fegGXimCF-cvg84dxH3VKYKTNhtUpuI8_LH5_hBsO59DlM8ORNOsr_M3K6jCYWRc7BZmP9R6qpy9yeBSpMMt5Si4DllH7Rg-hP_IVxupA_FT3HcDTijdCcmLSHazHR65yLqeWCa5MyhmTMGgyRLNSqPMp9NQ3X1iU4n6V93lO-R4Sjk3IgpN8G2K__gmLyDReGfQhFAhdL6dfvAUXxD5QO9pxxb_gv0N4lIDiXajjp1hxi7mzt4PuuspVUgys5KcAEsdTc1J4EkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_r1zL4DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ08oy0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJJmh0dHBzOi8vd3d3LmFtbWluaXN0cmF0b3JpZGlzaXN0ZW1hLml0gAoByAsBogwIKgYKBMOwsQLYEwzQFQGAFwGyFxwKGggAEhRwdWItMTc1NjU3NzI2NTg3MTc1NBgA&sigh=JBPFrWLsarM&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWKXDDmk4_wQbi1UcUNnlS9P8qlcAMzxgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223479851703677479067%22,%22debug_reporting%22:true,%22destination%22:%22https://amministratoridisistema.it%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210936590074%22],%224%22:[%2208-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229867001477459325729%22}&andc=true

Request Chain 67

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJHREhfeVgaLOo6CCLUdjmg&google_cver=1&google_push=AXcoOmSCKHGGFaj5nsEZ-Yj79o-y9OVlcZ0jImv0xzwshr5qmBzNSbdezMjHqebb_M-4YIxu0l896JUSZ8CHX9Ob42SdLw-73uC-7sM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSCKHGGFaj5nsEZ-Yj79o-y9OVlcZ0jImv0xzwshr5qmBzNSbdezMjHqebb_M-4YIxu0l896JUSZ8CHX9Ob42SdLw-73uC-7sM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJHREhfeVgaLOo6CCLUdjmg&google_cver=1&google_push=AXcoOmSCKHGGFaj5nsEZ-Yj79o-y9OVlcZ0jImv0xzwshr5qmBzNSbdezMjHqebb_M-4YIxu0l896JUSZ8CHX9Ob42SdLw-73uC-7sM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSCKHGGFaj5nsEZ-Yj79o-y9OVlcZ0jImv0xzwshr5qmBzNSbdezMjHqebb_M-4YIxu0l896JUSZ8CHX9Ob42SdLw-73uC-7sM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 68

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJDGdIgO8qWFbL_-uwezUw0&google_cver=1&google_push=AXcoOmSkZFnKC9W-pttOezfaUfB4OLh1fvPygs1R8LN2f5EAfV9e2ZO8r1aODTrl_74sOgwbM2uWZLZLbi824yhSRUvIQ1IQ17BCx64 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJDGdIgO8qWFbL_-uwezUw0&google_push=AXcoOmSkZFnKC9W-pttOezfaUfB4OLh1fvPygs1R8LN2f5EAfV9e2ZO8r1aODTrl_74sOgwbM2uWZLZLbi824yhSRUvIQ1IQ17BCx64

Request Chain 69

https://um.simpli.fi/gp_match?google_gid=CAESEEUBzxdBBbsJL36hbQfaOMs&google_cver=1&google_push=AXcoOmSVVCIjZTsLnCpqee6P6_XY221gvhbWq4uOhVP6T_wUVmukAjM4v68Lof2G_fluX5AuYni0XvZyV71b0W4zffq5WW4HMlecfQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A2A782E44BE54FEEA69C426203E8E752&google_push=AXcoOmSVVCIjZTsLnCpqee6P6_XY221gvhbWq4uOhVP6T_wUVmukAjM4v68Lof2G_fluX5AuYni0XvZyV71b0W4zffq5WW4HMlecfQ

Request Chain 71

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA4oSaZNamjdwCnjgCVOM0E&google_cver=1&google_push=AXcoOmT2i4PgdPSeXyJX1-L3PcTzK55HmIeq0P3UOUhcJekFxdA3nIaeUfcqsKkl4irvENPldqRCSh3fYLyEqVoMpOJfqvAWw11G9Tc HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA4oSaZNamjdwCnjgCVOM0E&google_cver=1&google_push=AXcoOmT2i4PgdPSeXyJX1-L3PcTzK55HmIeq0P3UOUhcJekFxdA3nIaeUfcqsKkl4irvENPldqRCSh3fYLyEqVoMpOJfqvAWw11G9Tc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU4NjQ0MzQzNzUzMzMyMjE5MA&google_push=AXcoOmT2i4PgdPSeXyJX1-L3PcTzK55HmIeq0P3UOUhcJekFxdA3nIaeUfcqsKkl4irvENPldqRCSh3fYLyEqVoMpOJfqvAWw11G9Tc

Request Chain 74

https://googleads.g.doubleclick.net/pagead/adview?ai=C_EWGa9baZMbCH7WVjuwPnam2wA-5yPr8baydvLuOEOyZtOLMMxABII_75E1glYKAgLAHoAHX4PGWKMgBCakCSoEp5l9csj6oAwHIA8sEqgTJAU_QXyAqwvmOkgY-3aLVjOOKyv6MiLgAQbKLFPuHG7zDresI_bQjSPyyhR9vMB-3-pNBov7WYMRUkGyLBhPuYdw0-J0-6RBiIE9gB9oAqmL1zssY7jbGsDJ7Xl9qenrWCSC7I2fgJIewTTYWQKpNQ_W6v9zYUp_ZRuafYzR_9NaIRw0N1c9s9Z-8Jk2-mLg6hghEIZDGZ-EVFo-jglsgX0AP_Qn8hGwH4Pct2tztZPT9AGNxfkcrodrlFxJvuAsrTs_QmQihxxhaxcAEu83zlY4EkgUECAQYAZIFBAgFGASgBi6AB9eYwvYCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQie0f0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJJGh0dHBzOi8vaW5mby5tb2pvZXN0YXRlcy5jb20vbGxkaC1scIAKAcgLAaIMCCoGCgTDsLEC2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTE3NTY1NzcyNjU4NzE3NTQYAA&sigh=Rzew_v5zOVA&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWZc6iYVrj_PW750JkPr4BkmHsDIB6v1wQNPgYs-ViCBWBeQgKctG1AuxVVrMUin3LX3x2W2veGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229911189089814061218%22,%22debug_reporting%22:true,%22destination%22:%22https://mojoestates.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210785419351%22],%224%22:[%2208-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226361094163790836993%22}&andc=true

81 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
lyrics24h.com/ 35 KB
8 KB 1026ms
419ms Document
text/html 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 44c63c9f205076b8654a989c95924d76e845d6fea627450b2e59e0dfd5880f0e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 8113
content-type: text/html; charset=utf-8
date: Tue, 15 Aug 2023 01:35:37 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 template-style.css
lyrics24h.com/Content/css/ 2 KB
841 B 604ms
603ms Stylesheet
text/css 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/css/template-style.css
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e2cc6ffd5cfafeb038b5142626e94a51dfe62456778e35181a1c9149a87814be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:37 GMT
content-encoding: gzip
last-modified: Sun, 28 Mar 2021 21:13:40 GMT
server: Microsoft-IIS/10.0
etag: "ddccde391724d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 783

GET
H2 200 template-responsive.css
lyrics24h.com/Content/css/ 234 KB
51 KB 606ms
605ms Stylesheet
text/css 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/css/template-responsive.css
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a80c47499d2ddbd1ff40fe9af7bee68858ee8d3ddb3f17964c8806094b4afa1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:37 GMT
content-encoding: gzip
last-modified: Sun, 28 Mar 2021 21:13:40 GMT
server: Microsoft-IIS/10.0
etag: "eea1dc391724d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 51978

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 81ms
32ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e9ca7be8b8e6a5f242215d8d9e28351061397607ec3d614f711e0cc70806bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Aug 2023 01:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 01:35:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Aug 2023 01:35:37 GMT

GET
H2 200 PagedList.css
lyrics24h.com/Content/css/ 3 KB
1 KB 301ms
300ms Stylesheet
text/css 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/css/PagedList.css
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f805b4510d9013b2b357ebdc6426de05f94e549c7f8102d32591d7ed33a01b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:37 GMT
content-encoding: gzip
last-modified: Sun, 28 Mar 2021 21:13:40 GMT
server: Microsoft-IIS/10.0
etag: "ff63da391724d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 964

GET
H2 200 minify.min.js Show response
lyrics24h.com/Content/js/ 125 KB
39 KB 308ms
308ms Script
application/javascript 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/js/minify.min.js
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0a8907e810d93eb5e7aa2f2911a70e73cee3e7e2acc43edafd4f1000044ffb2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:37 GMT
content-encoding: gzip
last-modified: Sun, 28 Mar 2021 21:13:41 GMT
server: Microsoft-IIS/10.0
etag: "8030333a1724d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 39624

GET
H2 200 logo.png
lyrics24h.com/Content/images/ 26 KB
26 KB 520ms
518ms Image
image/png 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lyrics24h.com/Content/images/logo.png
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3689acff8324f8b00d84ebb3c3aca7dc6f3d5dda2c272c7524fc3990abd40a5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:38 GMT
last-modified: Sun, 28 Mar 2021 21:13:41 GMT
server: Microsoft-IIS/10.0
etag: "88f8c3a1724d71:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 26691

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 86ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92d7fed265dcb3639da5138d171e69d0233ab1670d4f0355c9e6af7d1fd9873e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50769
x-xss-protection: 0
server: cafe
etag: 7858629727702586638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 01:35:38 GMT

GET
H2 200 post-1.jpg
lyrics24h.com/Content/images/ 61 KB
61 KB 805ms
804ms Image
image/jpeg 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lyrics24h.com/Content/images/post-1.jpg
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8c3e035df19aaef28777173ee36bf3c4815911ad82e2cf8bf7ea45c5f6bfffa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:38 GMT
last-modified: Sun, 28 Mar 2021 21:13:41 GMT
server: Microsoft-IIS/10.0
etag: "46bc953a1724d71:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 62537

GET
H2 200 47386395_119609189060985_655478744571445248_o.jpg
admin.exhandle.com/DataFiles/Imported/Images/Lyrics24h/Articles/ 150 KB
150 KB 1225ms
607ms Image
image/jpeg 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admin.exhandle.com/DataFiles/Imported/Images/Lyrics24h/Articles/47386395_119609189060985_655478744571445248_o.jpg
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 120c2f79cd2a4ea2f49be66bdc8db175b26bd1c248aff3d2a8ea708255717614

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:38 GMT
last-modified: Sun, 28 Mar 2021 20:56:02 GMT
server: Microsoft-IIS/10.0
etag: "1d72414c2fecba7"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 153255

GET
H2 200 tranthanh_mphs.jpg
admin.exhandle.com/DataFiles/Imported/Images/Lyrics24h/Articles/ 123 KB
123 KB 927ms
310ms Image
image/jpeg 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admin.exhandle.com/DataFiles/Imported/Images/Lyrics24h/Articles/tranthanh_mphs.jpg
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8ca15c889be2474ac169dbb7751fa4fa9c2e3b83b481f060560f99385b7e873c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:38 GMT
last-modified: Sun, 28 Mar 2021 20:56:02 GMT
server: Microsoft-IIS/10.0
etag: "1d72414c2fd7609"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 125705

GET
H2 200 lyrics24h.com.1120285.js Show response
jsc.adskeeper.com/l/y/ 3 B
420 B 272ms
224ms Script
text/javascript 2606:4700::6812:82e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/l/y/lyrics24h.com.1120285.js
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:82e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca452a778322112acf74d2542d39fd7e2d2c4687aedcf0fe895d60ca1fbb536b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:38 GMT
x-amz-version-id: aQ3QQdVfkOC5s3CCOvpf8VeuBS7BMiD8
cf-cache-status: MISS
x-amz-request-id: W7RXPFD0F1PXE0NR
alt-svc: h3=":443"; ma=86400
content-length: 3
x-amz-id-2: 0TSZKlu1GXNb2MsYNkPZ2m8e+W16j/7kitfOQRUOVpdHTSMxQz6GLngJByUEJ7/8AiYwxKwNdP8y3uvIvcApf0nzjBFgMx7W
last-modified: Wed, 15 Jun 2022 16:11:25 GMT
server: cloudflare
etag: "cf64b89236d83f0076d28cfa07bc8d51"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7f6db3b6a9cb5b74-FRA
expires: Tue, 15 Aug 2023 05:35:38 GMT

GET
H2 200 logo-footer.png
lyrics24h.com/Content/images/ 3 KB
3 KB 294ms
293ms Image
image/png 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lyrics24h.com/Content/images/logo-footer.png
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 95231cd5878cd87285518dbed3b6b626e5267e9944af7ca0e002c33d1e7b4d7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:38 GMT
last-modified: Sun, 28 Mar 2021 21:13:41 GMT
server: Microsoft-IIS/10.0
etag: "bf838b3a1724d71:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 2911

GET
H2 200 owl.carousel.min.js Show response
lyrics24h.com/Content/js/ 153 KB
40 KB 305ms
305ms Script
application/javascript 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/js/owl.carousel.min.js
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d00e35ee80b76ebd2dd9afe000e16025d2a461b994d41ca79b251bc5a348b6da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:37 GMT
content-encoding: gzip
last-modified: Sun, 28 Mar 2021 21:13:41 GMT
server: Microsoft-IIS/10.0
etag: "8030333a1724d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 41132

GET
H2 200 template-embed.min.js Show response
lyrics24h.com/Content/js/ 4 KB
2 KB 347ms
346ms Script
application/javascript 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/js/template-embed.min.js
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 35051bdb01c8d38f7f6afbe77a1fb6138ec9919fe8994e622fb013a37a6855c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:38 GMT
content-encoding: gzip
last-modified: Sun, 28 Mar 2021 21:13:42 GMT
server: Microsoft-IIS/10.0
etag: "0c7cb3a1724d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1543

GET
H2 200 modernizr-2.6.2-respond-1.1.0.min.js Show response
lyrics24h.com/Content/js/ 75 KB
21 KB 1173ms
1172ms Script
application/javascript 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/js/modernizr-2.6.2-respond-1.1.0.min.js
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 376851e6e11cd8c48f52a2f7714dcfb7da7ac247bc8f6b0416b3782ba7d2e688

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:38 GMT
content-encoding: gzip
last-modified: Sun, 28 Mar 2021 21:13:41 GMT
server: Microsoft-IIS/10.0
etag: "8030333a1724d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 21055

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 77ms
32ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132768667-1

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa59c7614f6c49fab52d3dd3a8c7ff4eb588a2e123703d95efadcad453560e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61743
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Aug 2023 01:35:38 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 61ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

61880628bb739dc4a7b5cad6f7b9baf006a93ad2a1e1ad09e2478f26fbb9efa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lyrics24h.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Aug 2023 01:35:38 GMT
content-md5: 1z8vR6H4+HKdrWCir4S7hw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-debug: qu5Xz5GMs/cRBWqQxul5jjIuRXV640+RlYnbTVrn3qxPfX3gLDbB0bQ6zeGNWu+bqScDpWrGfmhIT+oOq/XpRA==
x-fb-content-md5: 97da346927dad30a8feb882fb25be298
cross-origin-opener-policy: same-origin-allow-popups
etag: "fd897d68c9c441bf0887d5cae76aaf6b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 15 Aug 2023 01:40:07 GMT

GET
H2 200 homepage-min.jpg
lyrics24h.com/Content/images/ 89 KB
89 KB 1383ms
1383ms Image
image/jpeg 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lyrics24h.com/Content/images/homepage-min.jpg
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ec94e4a07bc5e5f7a8fbad8588afb8d7979ff71b2361329d9cfb7b40c865c739

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:38 GMT
last-modified: Sun, 28 Mar 2021 21:13:40 GMT
server: Microsoft-IIS/10.0
etag: "b2c1e7391724d71:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 90889

GET
H2 200 image-18-big-min-412x548.jpg
lyrics24h.com/Content/images/ 18 KB
18 KB 2249ms
2249ms Image
image/jpeg 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lyrics24h.com/Content/images/image-18-big-min-412x548.jpg
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 48d3a8d3b05b689b84bca36fdf63bcad9dfc29c576a3fc1b80c9a808ba3f0205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:38 GMT
last-modified: Sun, 28 Mar 2021 21:13:41 GMT
server: Microsoft-IIS/10.0
etag: "a9d0433a1724d71:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 18257

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 94ms
49ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 08:10:00 GMT
x-content-type-options: nosniff
age: 494738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 08:10:00 GMT

GET
H2 200 fontawesome-webfont.woff
lyrics24h.com/Content/css/font-awesome/ 70 KB
70 KB 2256ms
2256ms Font
font/x-woff 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/css/font-awesome/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/Content/css/template-responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18

Request headers

Referer: https://lyrics24h.com/Content/css/template-responsive.css
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:38 GMT
last-modified: Sun, 28 Mar 2021 21:13:40 GMT
server: Microsoft-IIS/10.0
etag: "8b51ca391724d71:0"
x-powered-by: ASP.NET
content-type: font/x-woff
accept-ranges: bytes
content-length: 71508

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 118ms
73ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 12:23:23 GMT
x-content-type-options: nosniff
age: 306735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 12:23:23 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 82ms
37ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 21:15:20 GMT
x-content-type-options: nosniff
age: 361218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Aug 2024 21:15:20 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/ 29 KB
29 KB 109ms
69ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a8635c7077b20e45b38d58f63b6562a47630e137c0e2c68b5b31611a8524a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:33:15 GMT
x-content-type-options: nosniff
age: 244943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29232
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:33:15 GMT

GET
H2 200 TK3iWkUHHAIjg752Fz8Ghe4.woff2
fonts.gstatic.com/s/oswald/v49/ 20 KB
20 KB 104ms
64ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752Fz8Ghe4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c25293f4637ada03ea626b30464dbfdf00eb1aa827fbdc6e68f1025361e15358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 07:06:20 GMT
x-content-type-options: nosniff
age: 412158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20164
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:13:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Aug 2024 07:06:20 GMT

GET
H2 200 TK3iWkUHHAIjg752Fj8Ghe4.woff2
fonts.gstatic.com/s/oswald/v49/ 6 KB
6 KB 116ms
76ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752Fj8Ghe4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dbdefa69774e4bf6436b1ef2236a98350b3985576de66315179b3c7be98d56c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 02:31:45 GMT
x-content-type-options: nosniff
age: 515033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6156
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:38:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 02:31:45 GMT

GET
H2 200 jizaRExUiTo99u79D0yExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 26 KB
26 KB 59ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0yExdGM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65022d5f76d6e8ca21971c6b00bd7af6533c705aedfbae57a94d44a9f4839e3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 07:06:52 GMT
x-content-type-options: nosniff
age: 412126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26460
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Aug 2024 07:06:52 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 369 KB
125 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1756577265871754&plah=lyrics24h.com&bust=31076964

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

708e525516ccde32fe653d7404775be99d07cdd986cf52ce9e29693befef61fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128223
x-xss-protection: 0
server: cafe
etag: 16110066404678406576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 01:35:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/ Frame D6D0 10 KB
5 KB 67ms
19ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lyrics24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 23:04:16 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 23:04:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
601 B 76ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lyrics24h.com&callback=_gfp_s_&client=ca-pub-1756577265871754

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1756577265871754&plah=lyrics24h.com&bust=31076964

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12bab83b765cc4ef561154721c594799b2f2b991cc469c41905681da9f54348a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6596 115 KB
39 KB 780ms
780ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=2638742339&adk=3577780253&adf=2124344956&pi=t.ma~as.2638742339&w=1100&fwrn=4&fwrnh=100&lmt=1692056138&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692063338113&bpp=4&bdt=1096&idt=106&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=3621906891996&frm=20&pv=2&ga_vid=271615508.1692063338&ga_sid=1692063338&ga_hid=1021363753&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=4339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31076964%2C44799569&oid=2&pvsid=2435387331087474&tmod=944712747&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FwSIqpiPKC&p=https%3A//lyrics24h.com&dtd=118

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2314fca8e12efd95a05a746ff8f4c32a11c5a4c6820462fa319b68be29252b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lyrics24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39250
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 01:35:38 GMT
expires: Tue, 15 Aug 2023 01:35:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 307 KB
87 KB 21ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=3a38c01507a48c76fd07bb7f2a269643

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

856a53bbabeca0f069db27008c099ad1cd0662b536d4eced3478f15d535fe06c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lyrics24h.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Aug 2023 01:35:39 GMT
content-md5: wFeFgjlFhWevn6V6HTy8mw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88819
x-fb-debug: NXNQ5k8Gy/tMM5eMNnJJGTawljJ0CLXVR2+t2ryQra+RGRURENVoF1W1Vznih0UIYDzrNKaR7+vkMT+IxKe8ow==
x-fb-content-md5: 5048f2ac80aecbe8cd8aebb1d3078d5d
cross-origin-opener-policy: same-origin-allow-popups
etag: "9f83ba01d99568bd6a25ea0e9dc50242"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 14 Aug 2024 01:00:07 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D46 0
20 B 33ms
29ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&adk=1812271804&adf=3025194257&lmt=1692056139&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Flyrics24h.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692063339185&bpp=2&bdt=2168&idt=2&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18b9ff8c026f898f-2271438c98e30084%3AT%3D1692063338%3ART%3D1692063338%3AS%3DALNI_Ma_Acu54ft76mebPcFGb2Z1i2Pq3w&gpic=UID%3D00000c608c9b710f%3AT%3D1692063338%3ART%3D1692063338%3AS%3DALNI_MbIC9et7_MIqOrRekupxj1Gfx2KEw&prev_fmts=1100x280&nras=1&correlator=3621906891996&frm=20&pv=1&ga_vid=271615508.1692063338&ga_sid=1692063338&ga_hid=1021363753&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31076964%2C44799569&oid=2&pvsid=2435387331087474&tmod=944712747&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lyrics24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 01:35:39 GMT
expires: Tue, 15 Aug 2023 01:35:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 311ms
20ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132768667-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Aug 2023 23:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6676
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 15 Aug 2023 01:44:23 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA9F 122 KB
41 KB 866ms
863ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=5512140074&adk=3493941598&adf=1043275132&pi=t.ma~as.5512140074&w=1100&fwrn=4&fwrnh=100&lmt=1692056139&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692063338117&bpp=1&bdt=1100&idt=125&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18b9ff8c026f898f-2271438c98e30084%3AT%3D1692063338%3ART%3D1692063338%3AS%3DALNI_Ma_Acu54ft76mebPcFGb2Z1i2Pq3w&gpic=UID%3D00000c608c9b710f%3AT%3D1692063338%3ART%3D1692063338%3AS%3DALNI_MbIC9et7_MIqOrRekupxj1Gfx2KEw&prev_fmts=1100x280%2C0x0&nras=1&correlator=3621906891996&frm=20&pv=1&ga_vid=271615508.1692063338&ga_sid=1692063338&ga_hid=1021363753&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31076964%2C44799569&oid=2&pvsid=2435387331087474&tmod=944712747&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=PhRMnlENVz&p=https%3A//lyrics24h.com&dtd=1096

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92938a3531ae980b8b046be776f1f54f1d1ada4da2ea01d61bcb259a5885d887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lyrics24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42267
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 01:35:40 GMT
expires: Tue, 15 Aug 2023 01:35:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 6596 14 KB
1 KB 32ms
30ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=2638742339&adk=3577780253&adf=2124344956&pi=t.ma~as.2638742339&w=1100&fwrn=4&fwrnh=100&lmt=1692056138&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692063338113&bpp=4&bdt=1096&idt=106&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=3621906891996&frm=20&pv=2&ga_vid=271615508.1692063338&ga_sid=1692063338&ga_hid=1021363753&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=4339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31076964%2C44799569&oid=2&pvsid=2435387331087474&tmod=944712747&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FwSIqpiPKC&p=https%3A//lyrics24h.com&dtd=118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Aug 2023 01:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 01:13:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Aug 2023 01:35:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 6596 2 KB
973 B 71ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:40:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame 6596 23 KB
9 KB 63ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:31:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 6596 3 KB
1 KB 66ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:55:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:55:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 6596 20 KB
8 KB 69ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:34:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6596 180 KB
57 KB 79ms
33ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 01:35:39 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 6596 33 KB
14 KB 63ms
18ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

GET
H2 200 13004946848601697361
tpc.googlesyndication.com/simgad/ Frame 6596 32 KB
32 KB 75ms
37ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13004946848601697361?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3afe7e19dd21a3a16117de917d0669c909cf40de6930e1705c7765803a81faa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:56:31 GMT
x-content-type-options: nosniff
age: 545948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32287
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 12:59:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Aug 2024 17:56:31 GMT

GET
DATA 200
OK truncated
/ Frame 6596 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6596 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 66ms
25ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=298358031054495&ev=fb_page_view&dl=https%3A%2F%2Flyrics24h.com%2F&rl=&if=false&ts=1692063339531&sw=1600&sh=1200&at=

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 15 Aug 2023 01:35:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 27ms
26ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1021363753&t=pageview&_s=1&dl=https%3A%2F%2Flyrics24h.com%2F&ul=en-us&de=UTF-8&dt=L%E1%BB%9Di%20b%C3%A0i%20h%C3%A1t%20Vi%E1%BB%87t%20Nam%20-%20Lyrics24h.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1472448261&gjid=273614427&cid=271615508.1692063338&tid=UA-132768667-1&_gid=1693149291.1692063340&_r=1&gtm=457e3890&jsscut=1&z=569257448

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lyrics24h.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 01:35:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lyrics24h.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6596 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20f70124ba997379ae78127179f8c956b64d4587d87e6dfd2fc5c40769773e0f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6596 33 KB
33 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 246698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:04:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6596
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C4uJNatbaZK3ED-OSjuwPmJmA0A6jxtOKcs-h0trHEc-nyrHiNhABII_75E1glYKAgLAHoAH6vfzeKMgBCakCSoEp5l9csj6oAwHIA8sEqgTPAU_QrjUBfQcCZiGsA0FBx2fegGXimCF-cvg...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223479851703677479067%22,%22debug_reporting%22:true,%22destination%22:%22https://amministratoridisistema.it%22,%22event_repo...

0
0

96ms
54ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223479851703677479067%22,%22debug_reporting%22:true,%22destination%22:%22https://amministratoridisistema.it%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210936590074%22],%224%22:[%2208-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229867001477459325729%22}&andc=true

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:39 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3479851703677479067","debug_reporting":true,"destination":"https://amministratoridisistema.it","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10936590074"],"4":["08-15"],"6":["true"]},"priority":"500","source_event_id":"9867001477459325729"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Aug 2023 01:35:39 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 15 Aug 2023 01:35:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3479851703677479067","debug_reporting":true,"destination":"https://amministratoridisistema.it","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10936590074"],"4":["08-15"],"6":["true"]},"priority":"500","source_event_id":"9867001477459325729"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7657 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 119ms
54ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 15 Aug 2023 01:35:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame FA9F 14 KB
1 KB 28ms
28ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=5512140074&adk=3493941598&adf=1043275132&pi=t.ma~as.5512140074&w=1100&fwrn=4&fwrnh=100&lmt=1692056139&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692063338117&bpp=1&bdt=1100&idt=125&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18b9ff8c026f898f-2271438c98e30084%3AT%3D1692063338%3ART%3D1692063338%3AS%3DALNI_Ma_Acu54ft76mebPcFGb2Z1i2Pq3w&gpic=UID%3D00000c608c9b710f%3AT%3D1692063338%3ART%3D1692063338%3AS%3DALNI_MbIC9et7_MIqOrRekupxj1Gfx2KEw&prev_fmts=1100x280%2C0x0&nras=1&correlator=3621906891996&frm=20&pv=1&ga_vid=271615508.1692063338&ga_sid=1692063338&ga_hid=1021363753&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31076964%2C44799569&oid=2&pvsid=2435387331087474&tmod=944712747&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=PhRMnlENVz&p=https%3A//lyrics24h.com&dtd=1096

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Aug 2023 01:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 01:05:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Aug 2023 01:35:40 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame FA9F 2 KB
931 B 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:40:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame FA9F 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:31:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame FA9F 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:55:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:55:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B8CE 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:04:50 GMT
etag: 48472445140208031
expires: Tue, 15 Aug 2023 09:04:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame FA9F 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:34:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FA9F 0
0 76ms
28ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWsMu5rUmURNZPQG4kevAsFDb04oqImOZrVJwf5cSdl3ZpK0XycBYvYSZN-Uj5_nyTd3ANTMxqUeHF8LGYkQhirIr3Gw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=5512140074&adk=3493941598&adf=1043275132&pi=t.ma~as.5512140074&w=1100&fwrn=4&fwrnh=100&lmt=1692056139&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692063338117&bpp=1&bdt=1100&idt=125&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18b9ff8c026f898f-2271438c98e30084%3AT%3D1692063338%3ART%3D1692063338%3AS%3DALNI_Ma_Acu54ft76mebPcFGb2Z1i2Pq3w&gpic=UID%3D00000c608c9b710f%3AT%3D1692063338%3ART%3D1692063338%3AS%3DALNI_MbIC9et7_MIqOrRekupxj1Gfx2KEw&prev_fmts=1100x280%2C0x0&nras=1&correlator=3621906891996&frm=20&pv=1&ga_vid=271615508.1692063338&ga_sid=1692063338&ga_hid=1021363753&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31076964%2C44799569&oid=2&pvsid=2435387331087474&tmod=944712747&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=PhRMnlENVz&p=https%3A//lyrics24h.com&dtd=1096
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA9F 180 KB
56 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 01:35:40 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame FA9F 33 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11040690312256902774/ Frame FA9F 49 KB
49 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11040690312256902774/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c0711023de3b1b0277dc238ce2ca08425009aacd66c793e93cf25a10efa9c4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 05:21:39 GMT
x-content-type-options: nosniff
age: 332041
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50224
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 07:59:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Aug 2024 05:21:39 GMT

GET
DATA 200
OK truncated
/ Frame FA9F 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FA9F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FA9F 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7884270c71e0f281a72bbec5716242f102097419b7803c1d0ec9e3ef53fb654

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame B8CE 35 B
463 B 67ms
20ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECIwzB1lFhYjgnfuKvxXOtQ&google_cver=1&google_push=AXcoOmSRlMa2kVKRtUpZRpjQTcX1BzBj-I76cNOCtFC1wiCEl7POyIbsbKan5aPqdavNRfzrx8lG9E7Y_QZk6IzSMrt62das87OHQUE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 01:35:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B8CE 0
104 B 189ms
68ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMobRU-aXNxlX6i0mOBrtTk&google_cver=1&google_push=AXcoOmRxsl8pZzwDwPTXXzidCyo1favP6zpCD5LUIrwXzJkOKJpyIpdjOlcc2Tmiv5vatypuO4br0J73Zo3L15_vUIMF0AehV4vvtSk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=5512140074&adk=3493941598&adf=1043275132&pi=t.ma~as.5512140074&w=1100&fwrn=4&fwrnh=100&lmt=1692056139&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692063338117&bpp=1&bdt=1100&idt=125&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18b9ff8c026f898f-2271438c98e30084%3AT%3D1692063338%3ART%3D1692063338%3AS%3DALNI_Ma_Acu54ft76mebPcFGb2Z1i2Pq3w&gpic=UID%3D00000c608c9b710f%3AT%3D1692063338%3ART%3D1692063338%3AS%3DALNI_MbIC9et7_MIqOrRekupxj1Gfx2KEw&prev_fmts=1100x280%2C0x0&nras=1&correlator=3621906891996&frm=20&pv=1&ga_vid=271615508.1692063338&ga_sid=1692063338&ga_hid=1021363753&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31076964%2C44799569&oid=2&pvsid=2435387331087474&tmod=944712747&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=PhRMnlENVz&p=https%3A//lyrics24h.com&dtd=1096
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 01:35:40 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B8CE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJHREhfeVgaLOo6CCLUdjmg&google_cver=1&google_push=AXcoOmSCKHGGFaj5nsEZ-Yj79o-y9OVlcZ0jImv0xzwshr5qmBzNSbdezMjHqebb_M-4YIxu0l896JUSZ8CHX9Ob42SdLw-73uC-7...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJHREhfeVgaLOo6CCLUdjmg&google_cver=1&google_push=AXcoOmSCKHGGFaj5nsEZ-Yj79o-y9OVlcZ0jImv0xzwshr5qmBzNSbdezMjHqebb_M-4YIxu0l896JUSZ8CHX9Ob42SdLw-73uC...

43 B
426 B

189ms
163ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJHREhfeVgaLOo6CCLUdjmg&google_cver=1&google_push=AXcoOmSCKHGGFaj5nsEZ-Yj79o-y9OVlcZ0jImv0xzwshr5qmBzNSbdezMjHqebb_M-4YIxu0l896JUSZ8CHX9Ob42SdLw-73uC-7sM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSCKHGGFaj5nsEZ-Yj79o-y9OVlcZ0jImv0xzwshr5qmBzNSbdezMjHqebb_M-4YIxu0l896JUSZ8CHX9Ob42SdLw-73uC-7sM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 01:35:40 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f6db3c7bf1a2c1c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 01:35:40 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 114
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJHREhfeVgaLOo6CCLUdjmg&google_cver=1&google_push=AXcoOmSCKHGGFaj5nsEZ-Yj79o-y9OVlcZ0jImv0xzwshr5qmBzNSbdezMjHqebb_M-4YIxu0l896JUSZ8CHX9Ob42SdLw-73uC-7sM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSCKHGGFaj5nsEZ-Yj79o-y9OVlcZ0jImv0xzwshr5qmBzNSbdezMjHqebb_M-4YIxu0l896JUSZ8CHX9Ob42SdLw-73uC-7sM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f6db3c64e602c1c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B8CE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJDGdIgO8qWFbL_-uwezUw0&google_push=AXcoOmSkZFnKC9W-pttOezfaUfB4OLh1fvPygs1R8LN2f5EAfV9e2ZO8r1...

170 B
232 B

27ms
27ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJDGdIgO8qWFbL_-uwezUw0&google_push=AXcoOmSkZFnKC9W-pttOezfaUfB4OLh1fvPygs1R8LN2f5EAfV9e2ZO8r1aODTrl_74sOgwbM2uWZLZLbi824yhSRUvIQ1IQ17BCx64

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 01:35:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220088-FRA
pragma: no-cache
date: Tue, 15 Aug 2023 01:35:40 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1692063341.523519,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJDGdIgO8qWFbL_-uwezUw0&google_push=AXcoOmSkZFnKC9W-pttOezfaUfB4OLh1fvPygs1R8LN2f5EAfV9e2ZO8r1aODTrl_74sOgwbM2uWZLZLbi824yhSRUvIQ1IQ17BCx64
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B8CE
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEUBzxdBBbsJL36hbQfaOMs&google_cver=1&google_push=AXcoOmSVVCIjZTsLnCpqee6P6_XY221gvhbWq4uOhVP6T_wUVmukAjM4v68Lof2G_fluX5AuYni0XvZyV71b0W4zffq5WW4HMlecfQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A2A782E44BE54FEEA69C426203E8E752&google_push=AXcoOmSVVCIjZTsLnCpqee6P6_XY221gvhbWq4uOhVP6T_wUVmukAjM4v68Lof2G_fluX5AuYni0XvZyV71b0W4...

170 B
329 B

29ms
28ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A2A782E44BE54FEEA69C426203E8E752&google_push=AXcoOmSVVCIjZTsLnCpqee6P6_XY221gvhbWq4uOhVP6T_wUVmukAjM4v68Lof2G_fluX5AuYni0XvZyV71b0W4zffq5WW4HMlecfQ

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 01:35:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 15 Aug 2023 01:35:40 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A2A782E44BE54FEEA69C426203E8E752&google_push=AXcoOmSVVCIjZTsLnCpqee6P6_XY221gvhbWq4uOhVP6T_wUVmukAjM4v68Lof2G_fluX5AuYni0XvZyV71b0W4zffq5WW4HMlecfQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 14 Aug 2023 01:35:40 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame B8CE 43 B
363 B 106ms
32ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRhHNHPF0iyatL0Z86JFWF3epe0XuGhdf85qUoN6GR0Zf8GMb8vOAcxssb-YsZWKTcAhzCPmzqeUYiR5Lht3oHpryUKJ1HarA&google_gid=CAESEByZCFtKsFY7deE6J7UQAfA&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 01:35:40 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 163898
expires: Tue, 15 Aug 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B8CE
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA4oSaZNamjdwCnjgCVOM0E&google_cver=1&google_push=AXcoOmT2i4PgdPSeXyJX1-L3PcTzK55HmIeq0P3UOUhcJekFxdA3nIaeUfcqsKkl4irvENPldqRCSh3f...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA4oSaZNamjdwCnjgCVOM0E&google_cver=1&google_push=AXcoOmT2i4PgdPSeXyJX1-L3PcTzK55HmIeq0P3UOUhcJekFxdA3nIaeUfcqsKkl4irvENPldqR...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU4NjQ0MzQzNzUzMzMyMjE5MA&google_push=AXcoOmT2i4PgdPSeXyJX1-L3PcTzK55HmIeq0P3UOUhcJekFxdA3nIaeUfcqsKkl4irvENPldqRCSh...

170 B
232 B

29ms
29ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU4NjQ0MzQzNzUzMzMyMjE5MA&google_push=AXcoOmT2i4PgdPSeXyJX1-L3PcTzK55HmIeq0P3UOUhcJekFxdA3nIaeUfcqsKkl4irvENPldqRCSh3fYLyEqVoMpOJfqvAWw11G9Tc

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 01:35:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 01:35:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU4NjQ0MzQzNzUzMzMyMjE5MA&google_push=AXcoOmT2i4PgdPSeXyJX1-L3PcTzK55HmIeq0P3UOUhcJekFxdA3nIaeUfcqsKkl4irvENPldqRCSh3fYLyEqVoMpOJfqvAWw11G9Tc
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B8CE 0
139 B 85ms
26ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JyTkdB4tM5HHBy_AgyNA89TpzQwt1Y-D_ElF_kz63FCbZXxH3uX3B2oNfijJIBBkapwMKV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame FA9F 33 KB
33 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 246699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:04:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FA9F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C_EWGa9baZMbCH7WVjuwPnam2wA-5yPr8baydvLuOEOyZtOLMMxABII_75E1glYKAgLAHoAHX4PGWKMgBCakCSoEp5l9csj6oAwHIA8sEqgTJAU_QXyAqwvmOkgY-3aLVjOOKyv6MiLgAQbK...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229911189089814061218%22,%22debug_reporting%22:true,%22destination%22:%22https://mojoestates.com%22,%22event_report_window%2...

0
0

54ms
54ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229911189089814061218%22,%22debug_reporting%22:true,%22destination%22:%22https://mojoestates.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210785419351%22],%224%22:[%2208-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226361094163790836993%22}&andc=true

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:40 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9911189089814061218","debug_reporting":true,"destination":"https://mojoestates.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10785419351"],"4":["08-15"],"6":["true"]},"priority":"500","source_event_id":"6361094163790836993"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Aug 2023 01:35:40 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 15 Aug 2023 01:35:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9911189089814061218","debug_reporting":true,"destination":"https://mojoestates.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10785419351"],"4":["08-15"],"6":["true"]},"priority":"500","source_event_id":"6361094163790836993"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 193E 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 54ms
53ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 15 Aug 2023 01:35:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6596 42 B
64 B 95ms
56ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBM2CCUESl5v_sbcgLNzZnBxsZpHmC9ycNyaslIgOiQIXKWASfunIfTsZzumToaQNobEcFR3odYOeqOdHKUisQSCjA2YY_W0IuAqaRSjPGiSIm-xxNd7JURoecZklO3FqF9QE4rHoOVya2&sai=AMfl-YR95tVSg248NHydAfBT7DtHf-3_TDin0U7tXFpyqYOqAlMaVIvSbcSgzTU-5QlCgmhOG2y_dnl1IdOM&sig=Cg0ArKJSzLNkjPPc7xdBEAE&cid=CAQSGwBpAlJWKXDDmk4_wQbi1UcUNnlS9P8qlcAMzxgB&id=lidar2&mcvt=1000&p=0,0,280,1100&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230814&bin=7&avms=nio&bs=0,0&mc=0.68&if=1&vu=1&app=0&itpl=22&adk=3577780253&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692063338233&rpt=1422&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 01:35:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 232ms
231ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc0259f1a0f3ab5c59a6a0728a8d3a8cd2c08f5405d1f8ff676dd644d102d954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11946
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 01:35:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 62FD 13 KB
5 KB 20ms
18ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lyrics24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:46:20 GMT
expires: Wed, 14 Aug 2024 00:46:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D4AA 831 B
1022 B 68ms
68ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0670cc53830eea139503a2df6c93d9d7da0b0d4000b77b267707142a4a189bd1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IZMXkQYux3z8A9oroKlNUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lyrics24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 534
content-security-policy: script-src 'report-sample' 'nonce-IZMXkQYux3z8A9oroKlNUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 01:35:41 GMT
expires: Tue, 15 Aug 2023 01:35:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 62FD 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D4AA 0
0 53ms
53ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=2435387331087474&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 62FD 0
10 B 18ms
17ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?tpSQWA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 01:35:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=2435387331087474&bg=!UlGlUQXNAAaiGN5Pghg7ADkAdvg8Wm1f3XIyEb32BCQMoSPdhv9rS9Ec0koGrjN6NMzhZbzF26R25nGExAVAMG7rFLhovTneXvgCAAAAS1IAAAAJaAEHmQK9chiMRcXjXgNHYAF3zn-oPPjqw54iqALGV2kwiBiZ24ns4CWgTZTxUd6xdlnIh69EYJWO6uP6KBn25gIjKSuToKCziNtHc_hqFYEy2XsAg6VBp8svyix6HqLWje0N_MVdFGGiSvr8Th9pbEVzDgE-SZEDT6eEks8rNOQTV9nuS7c3oqwh1_tJ8OB1BnyA2rV0xEoSUtSAulIKIyMEUq_hsFbN3EdERzZwGOKnGAHmMcsyE_vjGpdZy7qt_Qtv2Vpzb5CjHef8If-xmEHWKPkx_e1YvTxlQNs9uDkru5cW7a8kpwvBp_ILJ4ePPNKJ8AZxMTtnShBt-DvPWqxAHEh2Nc3VczZ1f3dJs0Kg6Pdo0Z2P05MTqmOYHbnCb3OJ11rKYExes3UQGNF_JCVcYiK9Y2tl5kXglOTXRGhz3ZWvq0rwmdemJ-UUsWTemOYQzBSJWqtus-Ya7STsa7C08GDR1HFW4wY3IbTdhw2WNxUypt1MQfH_6nq8-IBl0sS6Ay5GyMVWBJUWCmrvs_gYqLUb9gnJOL-9Usm6LTsYTJzqMf73bOogzU-RzU-PM1zgt_C3mbYpzEbOSS82wgeH21hszjg5qKyoCgw3Azz1KXI9F19lfcV6XG9SuUniCOaSyt17e9wwUQ00wy-ASuZ9b1RF1uSAdtKCv2MaTI-l6UaNK7G5EfozRmB3JViogyWmReaOHy_4kM2ePSEabUH2rer1zLC4mWRUKiE_IvxSteq46Jp948NDR6F66NCHX5aM3IcuA6beMCfruylszX9k10Mwy25M37binX-25q2_NmTMIg9-CnG5fMNJzBgpe2auF5aXVRxxE5_aM_-WglE9_RJmaFvMftPUSPk82Xk4e0R3dZWDNuh9go5RDhcSjnQbHtJFgsxleSvZsumpE41J6OZrJDD0bSK7bGPmJcCOKb0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lyrics24h.com/	1970-01-20 23:22:39	Name: __gads Value: ID=18b9ff8c026f898f-2271438c98e30084:T=1692063338:RT=1692063338:S=ALNI_Ma_Acu54ft76mebPcFGb2Z1i2Pq3w
.lyrics24h.com/	1970-01-20 23:22:39	Name: __gpi Value: UID=00000c608c9b710f:T=1692063338:RT=1692063338:S=ALNI_MbIC9et7_MIqOrRekupxj1Gfx2KEw
.lyrics24h.com/	1970-01-20 23:37:03	Name: _ga Value: GA1.2.271615508.1692063338
.lyrics24h.com/	1970-01-20 14:02:29	Name: _gid Value: GA1.2.1693149291.1692063340
.lyrics24h.com/	1970-01-20 14:01:03	Name: _gat_gtag_UA_132768667_1 Value: 1
.googleadservices.com/	1970-01-20 16:10:39	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 23:22:39	Name: IDE Value: AHWqTUkQqA9z7KMhNYVpABe_CGRBiajzwPt-I1hzhlBAnvmL7FYwCxAGRdZsessMAqw
.quantserve.com/	1970-01-20 16:10:39	Name: d Value: EGoBCQHbKYEA
.quantserve.com/	1970-01-20 23:31:17	Name: mc Value: 64dad66c-7ee00-c25de-96af8
.simpli.fi/	1970-01-20 22:48:05	Name: suid Value: A2A782E44BE54FEEA69C426203E8E752
.adform.net/	1970-01-20 14:45:41	Name: C Value: 1
.everesttech.net/	1970-01-20 22:46:39	Name: everest_g_v2 Value: g_surferid~ZNrWbAAIoHtPQAA_
.adform.net/	1970-01-20 15:27:27	Name: uid Value: 4586443437533322190
.tribalfusion.com/	1970-01-20 16:10:39	Name: ANON_ID Value: aLntuJpkijcDifqAbPsoN5FCQODVuJcU4sg0CZa1TvnZcrYxQEgIurbWpbZbYZaEuPwqyZcr8LwJ4p6YG3D7qZaoevZd411

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
admin.exhandle.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jsc.adskeeper.com
lyrics24h.com
pagead2.googlesyndication.com
partner.googleadservices.com
s.tribalfusion.com
sync-tm.everesttech.net
tpc.googlesyndication.com
um.simpli.fi
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
1.52.187.138
151.101.2.49
172.217.18.2
178.250.7.11
216.58.206.34
2606:4700::6812:19ad
2606:4700::6812:82e
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a02:fa8:8806:20::2010
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.91.62.186
37.157.6.237
0670cc53830eea139503a2df6c93d9d7da0b0d4000b77b267707142a4a189bd1
0a8907e810d93eb5e7aa2f2911a70e73cee3e7e2acc43edafd4f1000044ffb2f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e9ca7be8b8e6a5f242215d8d9e28351061397607ec3d614f711e0cc70806bca
120c2f79cd2a4ea2f49be66bdc8db175b26bd1c248aff3d2a8ea708255717614
12bab83b765cc4ef561154721c594799b2f2b991cc469c41905681da9f54348a
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1a8635c7077b20e45b38d58f63b6562a47630e137c0e2c68b5b31611a8524a15
20f70124ba997379ae78127179f8c956b64d4587d87e6dfd2fc5c40769773e0f
2314fca8e12efd95a05a746ff8f4c32a11c5a4c6820462fa319b68be29252b69
2dbdefa69774e4bf6436b1ef2236a98350b3985576de66315179b3c7be98d56c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
35051bdb01c8d38f7f6afbe77a1fb6138ec9919fe8994e622fb013a37a6855c7
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
3689acff8324f8b00d84ebb3c3aca7dc6f3d5dda2c272c7524fc3990abd40a5a
376851e6e11cd8c48f52a2f7714dcfb7da7ac247bc8f6b0416b3782ba7d2e688
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3afe7e19dd21a3a16117de917d0669c909cf40de6930e1705c7765803a81faa6
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
44c63c9f205076b8654a989c95924d76e845d6fea627450b2e59e0dfd5880f0e
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48d3a8d3b05b689b84bca36fdf63bcad9dfc29c576a3fc1b80c9a808ba3f0205
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61880628bb739dc4a7b5cad6f7b9baf006a93ad2a1e1ad09e2478f26fbb9efa6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65022d5f76d6e8ca21971c6b00bd7af6533c705aedfbae57a94d44a9f4839e3c
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
708e525516ccde32fe653d7404775be99d07cdd986cf52ce9e29693befef61fc
856a53bbabeca0f069db27008c099ad1cd0662b536d4eced3478f15d535fe06c
8c3e035df19aaef28777173ee36bf3c4815911ad82e2cf8bf7ea45c5f6bfffa8
8ca15c889be2474ac169dbb7751fa4fa9c2e3b83b481f060560f99385b7e873c
92938a3531ae980b8b046be776f1f54f1d1ada4da2ea01d61bcb259a5885d887
92d7fed265dcb3639da5138d171e69d0233ab1670d4f0355c9e6af7d1fd9873e
95231cd5878cd87285518dbed3b6b626e5267e9944af7ca0e002c33d1e7b4d7f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c0711023de3b1b0277dc238ce2ca08425009aacd66c793e93cf25a10efa9c4e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
a80c47499d2ddbd1ff40fe9af7bee68858ee8d3ddb3f17964c8806094b4afa1d
aa59c7614f6c49fab52d3dd3a8c7ff4eb588a2e123703d95efadcad453560e41
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
bc0259f1a0f3ab5c59a6a0728a8d3a8cd2c08f5405d1f8ff676dd644d102d954
c25293f4637ada03ea626b30464dbfdf00eb1aa827fbdc6e68f1025361e15358
ca452a778322112acf74d2542d39fd7e2d2c4687aedcf0fe895d60ca1fbb536b
d00e35ee80b76ebd2dd9afe000e16025d2a461b994d41ca79b251bc5a348b6da
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e2cc6ffd5cfafeb038b5142626e94a51dfe62456778e35181a1c9149a87814be
e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ec94e4a07bc5e5f7a8fbad8588afb8d7979ff71b2361329d9cfb7b40c865c739
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7884270c71e0f281a72bbec5716242f102097419b7803c1d0ec9e3ef53fb654
f805b4510d9013b2b357ebdc6426de05f94e549c7f8102d32591d7ed33a01b96

lyrics24h.com Open in urlscan Pro 1.52.187.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

93 %HTTPS

71 %IPv6

21 Domains

26 Subdomains

22 IPs

7 Countries

1733 kBTransfer

3517 kBSize

14 Cookies

0 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lyrics24h.com Open in urlscan Pro
1.52.187.138 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

93 %
HTTPS

71 %
IPv6

21
Domains

26
Subdomains

22
IPs

7
Countries

1733 kB
Transfer

3517 kB
Size

14
Cookies

81 HTTP transactions
6 data transactions