lyrics24h.com Open in urlscan Pro
1.52.187.138 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lyrics24h.com/
Submission Tags: phishingrod
Submission: On August 14 via api (August 14th 2023, 9:37:48 am UTC) from DE — Scanned from DE

Summary HTTP 81 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 21 domains to perform 81 HTTP transactions. The main IP is 1.52.187.138, located in Ho Chi Minh City, Viet Nam and belongs to FPT-AS-AP FPT Telecom Company, VN. The main domain is lyrics24h.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on March 18th 2023. Valid for: a year.

This is the only time lyrics24h.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	1.52.187.138 1.52.187.138	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:92e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
81	21

16 1.52.187.138 (Ho Chi Minh City, Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

lyrics24h.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
admin.exhandle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:92e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (Grosse Pointe, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.35.84 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 151	310 KB
14	lyrics24h.com lyrics24h.com	461 KB
12	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	90 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	291 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1216 www.googleadservices.com — Cisco Umbrella Rank: 150	606 B
3	google.com mts0.google.com — Cisco Umbrella Rank: 4389 www.google.com — Cisco Umbrella Rank: 3	1023 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	4 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1405	451 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4741	653 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	21 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	113 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	88 KB
2	exhandle.com admin.exhandle.com	273 KB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1321	213 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8932	556 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 777	547 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1190	731 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3044	104 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	61 KB
1	adskeeper.com jsc.adskeeper.com — Cisco Umbrella Rank: 34648	401 B
81	21

	Domain	Requested by
14	lyrics24h.com	lyrics24h.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	pagead2.googlesyndication.com	lyrics24h.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	fonts.gstatic.com	fonts.googleapis.com
6	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com
4	www.googleadservices.com	lyrics24h.com
3	fonts.googleapis.com	lyrics24h.com googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects
2	d5p.de17a.com	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	connect.facebook.net	lyrics24h.com connect.facebook.net
2	admin.exhandle.com	lyrics24h.com
1	odr.mookie1.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	www.facebook.com	lyrics24h.com
1	mts0.google.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	lyrics24h.com
1	jsc.adskeeper.com	lyrics24h.com
81	26

This site contains no links.

Subject Issuer	Validity	Valid
lyrics24h.com ZeroSSL RSA Domain Secure Site CA	`2023-03-18` - `2024-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.exhandle.com ZeroSSL RSA Domain Secure Site CA	`2023-03-18` - `2024-03-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-26` - `2024-04-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://lyrics24h.com/
Frame ID: DC0EFBD076A993834B35B5C52F1479C4
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Frame ID: B0E255CE9CB4EF4D7EA15CDDEC1F9445
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=2638742339&adk=3577780253&adf=2124344956&pi=t.ma~as.2638742339&w=1100&fwrn=4&fwrnh=100&lmt=1691998656&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692005855800&bpp=9&bdt=2212&idt=195&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&correlator=7189335390651&frm=20&pv=2&ga_vid=1676204663.1692005856&ga_sid=1692005856&ga_hid=394265120&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=4339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076924%2C31076951%2C44796632%2C21065725&oid=2&pvsid=1568799486003251&tmod=1603537746&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Pv1vv8O2Pv&p=https%3A//lyrics24h.com&dtd=214
Frame ID: BF9049DED88E8DB53F37E26EF32184E1
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: 7CCF3C581E91D25246D7AC793CD445BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&adk=1812271804&adf=3025194257&lmt=1691998662&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Flyrics24h.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692005862465&bpp=1&bdt=8877&idt=1&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a7ea17f5b8081a2-227b0fbf50de0029%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaIN2twTlFEEW3MPIhkle4D6Glc_w&gpic=UID%3D00000c60668fb81c%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaEyFVQKvnfJh3JrnycPFChKtfAnQ&prev_fmts=1100x280&nras=1&correlator=7189335390651&frm=20&pv=1&ga_vid=1676204663.1692005856&ga_sid=1692005856&ga_hid=394265120&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076924%2C31076951%2C44796632%2C21065725&oid=2&psts=AOrYGsldAEM7eBhzgJBc1J6lzQWr3Y_88-T1TyADdd4UZ6FOhGjRN7cdnCq2VbI4_5XshYK5P8hu5GSdD0BV7hvYcJXzfA&pvsid=1568799486003251&tmod=1603537746&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=13
Frame ID: B95B8AE0A01D2BBE845F0038E4E0EEEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=5512140074&adk=3493941598&adf=1043275132&pi=t.ma~as.5512140074&w=1100&fwrn=4&fwrnh=100&lmt=1691998662&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692005855809&bpp=1&bdt=2222&idt=213&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a7ea17f5b8081a2-227b0fbf50de0029%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaIN2twTlFEEW3MPIhkle4D6Glc_w&gpic=UID%3D00000c60668fb81c%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaEyFVQKvnfJh3JrnycPFChKtfAnQ&prev_fmts=1100x280%2C0x0&nras=1&correlator=7189335390651&frm=20&pv=1&ga_vid=1676204663.1692005856&ga_sid=1692005856&ga_hid=394265120&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076924%2C31076951%2C44796632%2C21065725&oid=2&psts=AOrYGsldAEM7eBhzgJBc1J6lzQWr3Y_88-T1TyADdd4UZ6FOhGjRN7cdnCq2VbI4_5XshYK5P8hu5GSdD0BV7hvYcJXzfA&pvsid=1568799486003251&tmod=1603537746&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=1kVN6x4whx&p=https%3A//lyrics24h.com&dtd=6683
Frame ID: 2FAD93F3B97BB2EF3662D612A77AAE07
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0EBEB361FD2EF4933D807C6F045B0605
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: 0F176AD345CF6AD7929A7DB5CBAEE70B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 98B5F2B02356DF3BA57B3F7A7BA94068
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DDB259644EC931905252F51E5F4746C4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lời bài hát Việt Nam - Lyrics24h.com

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Page Statistics

81
Requests

91 %
HTTPS

63 %
IPv6

21
Domains

26
Subdomains

21
IPs

7
Countries

1713 kB
Transfer

3485 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://googleads.g.doubleclick.net/pagead/adview?ai=CGFsQ4PXZZJrjAozu3gOlhLDwDP2R3sdin4epjMoQpOfy7ZUCEAEgj_vkTWCVoqSCsAegAea53JUDyAEJqQKoPV_hbl6yPqgDAcgDywSqBMgBT9CbR9JjedmgMdNgrLbGTeO33-roSZt21ZuCpBJV3REoW7ttz07arrsTTj7S4jtdT9X6HMgLE0YkaGKSOC4jBowjExpeoQugB3Jof7FGtyx-au5iMEmkGzRBMviV42-40zmTrsdAOFrIZ8Z2CcB5C2NTVPSVFcFXYH1VG-Xv1CBYuSyxNk7RQJxq7eX1wAzPQP0u5hfeI5TcgzLvPn5ac0s0-bXZeCXlNOUNWKusmM8UpeRRQeSkFneu9vlPUgja3PnLHvvm-3bABPH5je3BA5IFBAgEGAGSBQQIBRgEoAYugAeCxqNqqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQvIYZ0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJHWh0dHBzOi8vbW9iaWxhYnNvbHV0aW9ucy5jb20vgAoByAsBogwQKg4KDMOwsQLktLEC7rWxArgTiATYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItMTc1NjU3NzI2NTg3MTc1NBgA&sigh=DhFjiS8AFEc&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWHFDqOi1QXh9Yne19rZHxpXhE_0wq4BgB&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212979217858223971232%22,%22debug_reporting%22:true,%22destination%22:%22https://mobilabsolutions.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22850861286%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229623163066200361857%22}&andc=true

Request Chain 67

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPXVe-9-oqXq_qbNsfFQzC0&google_cver=1&google_push=AXcoOmSq9zLGQ9iQmCJM4Wp--CL9g7iCnc7hAq9GuwMrw-7TlewnHI84Warhid61_setitFhB-F8Ydn2ZDp9ptuQliL9Vlw-dTUfUw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSq9zLGQ9iQmCJM4Wp--CL9g7iCnc7hAq9GuwMrw-7TlewnHI84Warhid61_setitFhB-F8Ydn2ZDp9ptuQliL9Vlw-dTUfUw

Request Chain 68

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPfJHsHGQqjq9tTHFL8EHh4&google_cver=1&google_push=AXcoOmRuXQAvSkmOHvzECBjoXwCin4IEgOo5_WWkeb8vSQdZB2-Xqh7Z1Y8u7l1GLYgMTO_78ZWbWMrmKIuyJlxyz4mI9RgCeZg9B98 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPfJHsHGQqjq9tTHFL8EHh4&google_push=AXcoOmRuXQAvSkmOHvzECBjoXwCin4IEgOo5_WWkeb8vSQdZB2-Xqh7Z1Y8u7l1GLYgMTO_78ZWbWMrmKIuyJlxyz4mI9RgCeZg9B98

Request Chain 69

https://ads.travelaudience.com/google_pixel?google_gid=CAESEB9mbgJ_TP9mIRp7WGY2-A8&google_cver=1&google_push=AXcoOmQvwXUaIqyS6WjRH5-jBuUxwwxjbSQWKJHu6w_z2ZttuGu2Ph58Kk12ctyOhEneDGDgTgiZjiGNX7b2gwczbP85IQMm0kff-g HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=vWkJLpEATle0FqDu5KGhng2&google_push=AXcoOmQvwXUaIqyS6WjRH5-jBuUxwwxjbSQWKJHu6w_z2ZttuGu2Ph58Kk12ctyOhEneDGDgTgiZjiGNX7b2gwczbP85IQMm0kff-g

Request Chain 70

https://d5p.de17a.com/cookies/google?google_gid=CAESEDhvHGJ4vzbEW55gtOB8wVI&google_cver=1&google_push=AXcoOmS538i91vFc028AHosHaJYsF2nN1RJCONR2FEzgN0aRsbAHlqmfXhduVo4Fx3nu4oGZWeLwDRRcc-LT3u6-uFyx-lUyhw6EUEY HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDhvHGJ4vzbEW55gtOB8wVI&google_cver=1&google_push=AXcoOmS538i91vFc028AHosHaJYsF2nN1RJCONR2FEzgN0aRsbAHlqmfXhduVo4Fx3nu4oGZWeLwDRRcc-LT3u6-uFyx-lUyhw6EUEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS538i91vFc028AHosHaJYsF2nN1RJCONR2FEzgN0aRsbAHlqmfXhduVo4Fx3nu4oGZWeLwDRRcc-LT3u6-uFyx-lUyhw6EUEY

Request Chain 72

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHIgjJPnqQP4cgbyq1ZlfuQ&google_cver=1&google_push=AXcoOmQoDsFl6j1NkNLzW2vZTwtmpLKdiro_-Ncsre7atJwZh4Gu48EZwB0CIbLwi2eSB_2JUhtX8Hq4sMN_vmiYjpJwaCTdIEOfTkBE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQoDsFl6j1NkNLzW2vZTwtmpLKdiro_-Ncsre7atJwZh4Gu48EZwB0CIbLwi2eSB_2JUhtX8Hq4sMN_vmiYjpJwaCTdIEOfTkBE HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 76

https://googleads.g.doubleclick.net/pagead/adview?ai=CZUlF5vXZZM79H8iWjuwP1tmG4AXc7Y-ccsS9tb6MEvGWqbyMPxABII_75E1glaKkgrAHoAHp_fXPA8gBCagDAcgDywSqBMwBT9APuqfOh902FKKFs0qWesgweRZghs1BMAq3S9xI8fZ36rqnao0K0CZkSCNXV9R0ZS-nyOKdceSKmk8JCEp0IuD-hOkC6_AeiR-NOu7-qM91aYZKqcI3zeo-7kBwPbRecvr3DXH9Z3EfX7YigUYB0P1g5NtRUzguwVBrj64qJ_QFjgPgS92xF54vamtw9sASqhq0RprjPzBqg9IHJZ8rnMAi5zr51n8oNK_kA7ixqr1PnkTt52-IfiQL_ZHxI1jgNx3ip2o2RlR86756wASa7sG2vwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHiprEnAKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCG-BbSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgk7aHR0cHM6Ly9zZWFyY2hmYXZvcml0ZXMubmV0L2luZGV4LnBocD9yZ2lkPTY4MzUzMCZzdWI9Z2NsaWSACgHICwGiDAgqBgoEw7CxAtgTDNAVAYAXAbIXHAoaCAASFHB1Yi0xNzU2NTc3MjY1ODcxNzU0GAA&sigh=VY_5Vcw12Zc&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWhloXCiE4lfWtAOXEeq1soSJ50hi2tKhgkYj9oNPRyWWkdVVk4V68sMnnS0_oBlFjw-7JqxuAGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210910285569047207015%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226249541556751877249%22}&andc=true

81 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
lyrics24h.com/ 35 KB
8 KB 1053ms
386ms Document
text/html 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 44c63c9f205076b8654a989c95924d76e845d6fea627450b2e59e0dfd5880f0e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 8113
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 09:37:33 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 template-style.css
lyrics24h.com/Content/css/ 2 KB
876 B 323ms
321ms Stylesheet
text/css 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/css/template-style.css
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e2cc6ffd5cfafeb038b5142626e94a51dfe62456778e35181a1c9149a87814be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:33 GMT
content-encoding: gzip
last-modified: Sun, 28 Mar 2021 21:13:40 GMT
server: Microsoft-IIS/10.0
etag: "ddccde391724d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 783

GET
H2 200 template-responsive.css
lyrics24h.com/Content/css/ 234 KB
51 KB 665ms
663ms Stylesheet
text/css 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/css/template-responsive.css
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a80c47499d2ddbd1ff40fe9af7bee68858ee8d3ddb3f17964c8806094b4afa1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:33 GMT
content-encoding: gzip
last-modified: Sun, 28 Mar 2021 21:13:40 GMT
server: Microsoft-IIS/10.0
etag: "eea1dc391724d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 51978

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 82ms
32ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e9ca7be8b8e6a5f242215d8d9e28351061397607ec3d614f711e0cc70806bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 09:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 09:30:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 09:37:33 GMT

GET
H2 200 PagedList.css
lyrics24h.com/Content/css/ 3 KB
1022 B 325ms
324ms Stylesheet
text/css 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/css/PagedList.css
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f805b4510d9013b2b357ebdc6426de05f94e549c7f8102d32591d7ed33a01b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:33 GMT
content-encoding: gzip
last-modified: Sun, 28 Mar 2021 21:13:40 GMT
server: Microsoft-IIS/10.0
etag: "ff63da391724d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 964

GET
H2 200 minify.min.js Show response
lyrics24h.com/Content/js/ 125 KB
51 KB 341ms
340ms Script
application/javascript 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/js/minify.min.js
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0a8907e810d93eb5e7aa2f2911a70e73cee3e7e2acc43edafd4f1000044ffb2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:33 GMT
content-encoding: gzip
last-modified: Sun, 28 Mar 2021 21:13:41 GMT
server: Microsoft-IIS/10.0
etag: "bff7a03a1724d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 52030

GET
H2 200 logo.png
lyrics24h.com/Content/images/ 26 KB
26 KB 1921ms
1919ms Image
image/png 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lyrics24h.com/Content/images/logo.png
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3689acff8324f8b00d84ebb3c3aca7dc6f3d5dda2c272c7524fc3990abd40a5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:36 GMT
last-modified: Sun, 28 Mar 2021 21:13:41 GMT
server: Microsoft-IIS/10.0
etag: "88f8c3a1724d71:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 26691

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 141ms
80ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

353663d41517215180ca1a4e2cb2138bf1fc5d2c9a0e1c38f737da0c6f1aafc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50823
x-xss-protection: 0
server: cafe
etag: 17320824396063718666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 09:37:35 GMT

GET
H2 200 post-1.jpg
lyrics24h.com/Content/images/ 61 KB
61 KB 3861ms
3860ms Image
image/jpeg 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lyrics24h.com/Content/images/post-1.jpg
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8c3e035df19aaef28777173ee36bf3c4815911ad82e2cf8bf7ea45c5f6bfffa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:36 GMT
last-modified: Sun, 28 Mar 2021 21:13:41 GMT
server: Microsoft-IIS/10.0
etag: "46bc953a1724d71:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 62537

GET
H2 200 47386395_119609189060985_655478744571445248_o.jpg
admin.exhandle.com/DataFiles/Imported/Images/Lyrics24h/Articles/ 150 KB
150 KB 1002ms
333ms Image
image/jpeg 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admin.exhandle.com/DataFiles/Imported/Images/Lyrics24h/Articles/47386395_119609189060985_655478744571445248_o.jpg
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 120c2f79cd2a4ea2f49be66bdc8db175b26bd1c248aff3d2a8ea708255717614

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:36 GMT
last-modified: Sun, 28 Mar 2021 20:56:02 GMT
server: Microsoft-IIS/10.0
etag: "1d72414c2fecba7"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 153255

GET
H2 200 tranthanh_mphs.jpg
admin.exhandle.com/DataFiles/Imported/Images/Lyrics24h/Articles/ 123 KB
123 KB 1320ms
651ms Image
image/jpeg 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admin.exhandle.com/DataFiles/Imported/Images/Lyrics24h/Articles/tranthanh_mphs.jpg
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8ca15c889be2474ac169dbb7751fa4fa9c2e3b83b481f060560f99385b7e873c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:36 GMT
last-modified: Sun, 28 Mar 2021 20:56:02 GMT
server: Microsoft-IIS/10.0
etag: "1d72414c2fd7609"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 125705

GET
H2 200 lyrics24h.com.1120285.js Show response
jsc.adskeeper.com/l/y/ 3 B
401 B 299ms
232ms Script
text/javascript 2606:4700::6812:92e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/l/y/lyrics24h.com.1120285.js
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:92e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca452a778322112acf74d2542d39fd7e2d2c4687aedcf0fe895d60ca1fbb536b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:35 GMT
x-amz-version-id: aQ3QQdVfkOC5s3CCOvpf8VeuBS7BMiD8
cf-cache-status: MISS
x-amz-request-id: NYR8REEPZGQEXB73
alt-svc: h3=":443"; ma=86400
content-length: 3
x-amz-id-2: YPlSHtHBAjiXNqV/V6vxnr4gNtLjcuZW0PnrhKur9sR4t0eAugXLkkdoS5Bevhmgsq/BsTxv1Og=
last-modified: Wed, 15 Jun 2022 16:11:25 GMT
server: cloudflare
etag: "cf64b89236d83f0076d28cfa07bc8d51"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7f6838560d0e35fc-FRA
expires: Mon, 14 Aug 2023 13:37:35 GMT

GET
H2 200 logo-footer.png
lyrics24h.com/Content/images/ 3 KB
3 KB 1920ms
1919ms Image
image/png 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lyrics24h.com/Content/images/logo-footer.png
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 95231cd5878cd87285518dbed3b6b626e5267e9944af7ca0e002c33d1e7b4d7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:36 GMT
last-modified: Sun, 28 Mar 2021 21:13:41 GMT
server: Microsoft-IIS/10.0
etag: "bf838b3a1724d71:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 2911

GET
H2 200 owl.carousel.min.js Show response
lyrics24h.com/Content/js/ 153 KB
54 KB 1313ms
1313ms Script
application/javascript 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/js/owl.carousel.min.js
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d00e35ee80b76ebd2dd9afe000e16025d2a461b994d41ca79b251bc5a348b6da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:34 GMT
content-encoding: gzip
last-modified: Sun, 28 Mar 2021 21:13:41 GMT
server: Microsoft-IIS/10.0
etag: "5b4dc83a1724d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 55244

GET
H2 200 template-embed.min.js Show response
lyrics24h.com/Content/js/ 4 KB
2 KB 1955ms
1955ms Script
application/javascript 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/js/template-embed.min.js
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 35051bdb01c8d38f7f6afbe77a1fb6138ec9919fe8994e622fb013a37a6855c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:36 GMT
content-encoding: gzip
last-modified: Sun, 28 Mar 2021 21:13:42 GMT
server: Microsoft-IIS/10.0
etag: "5495d93a1724d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1799

GET
H2 200 modernizr-2.6.2-respond-1.1.0.min.js Show response
lyrics24h.com/Content/js/ 75 KB
26 KB 6765ms
6763ms Script
application/javascript 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/js/modernizr-2.6.2-respond-1.1.0.min.js
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 376851e6e11cd8c48f52a2f7714dcfb7da7ac247bc8f6b0416b3782ba7d2e688

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:36 GMT
content-encoding: gzip
last-modified: Sun, 28 Mar 2021 21:13:41 GMT
server: Microsoft-IIS/10.0
etag: "2f29b43a1724d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 27014

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 103ms
43ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132768667-1

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec8a57043d485abf55cc29e20bf5771465a25cd1a5f42812d8b662eace6404ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61680
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Aug 2023 09:37:35 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 101ms
32ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a2e5f0dec4845b67ef9e1cb369b4aab63fb7c27de25b9cf50f17c3f702acf353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lyrics24h.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Aug 2023 09:37:35 GMT
content-md5: N7KtHz9gsncCixg27M1moA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-debug: DD34y1+AfKNGXnhDrUNOo8TdW2KZbTnKnswwRqJLbkWEVjIvV8nUNFjRjTNLMs+HX9BuIbiJEbYb3lhCDh8uxw==
x-fb-content-md5: 80c6a852ce05b07c2a952335228f4db8
cross-origin-opener-policy: same-origin-allow-popups
etag: "6a58dd2c543fdb5dff07dc5f65ac3363"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 14 Aug 2023 09:52:29 GMT

GET
H2 200 homepage-min.jpg
lyrics24h.com/Content/images/ 89 KB
89 KB 5484ms
5484ms Image
image/jpeg 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lyrics24h.com/Content/images/homepage-min.jpg
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ec94e4a07bc5e5f7a8fbad8588afb8d7979ff71b2361329d9cfb7b40c865c739

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:36 GMT
last-modified: Sun, 28 Mar 2021 21:13:40 GMT
server: Microsoft-IIS/10.0
etag: "b2c1e7391724d71:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 90889

GET
H2 200 image-18-big-min-412x548.jpg
lyrics24h.com/Content/images/ 18 KB
18 KB 6448ms
6447ms Image
image/jpeg 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lyrics24h.com/Content/images/image-18-big-min-412x548.jpg
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 48d3a8d3b05b689b84bca36fdf63bcad9dfc29c576a3fc1b80c9a808ba3f0205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:36 GMT
last-modified: Sun, 28 Mar 2021 21:13:41 GMT
server: Microsoft-IIS/10.0
etag: "a9d0433a1724d71:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 18257

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 134ms
67ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 08:57:05 GMT
x-content-type-options: nosniff
age: 175230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 08:57:05 GMT

GET
H2 200 fontawesome-webfont.woff
lyrics24h.com/Content/css/font-awesome/ 70 KB
70 KB 6761ms
6760ms Font
font/x-woff 1.52.187.138
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL: https://lyrics24h.com/Content/css/font-awesome/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: lyrics24h.com
URL: https://lyrics24h.com/Content/css/template-responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.52.187.138 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18

Request headers

Referer: https://lyrics24h.com/Content/css/template-responsive.css
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:36 GMT
last-modified: Sun, 28 Mar 2021 21:13:40 GMT
server: Microsoft-IIS/10.0
etag: "8b51ca391724d71:0"
x-powered-by: ASP.NET
content-type: font/x-woff
accept-ranges: bytes
content-length: 71508

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 94ms
28ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 10:38:33 GMT
x-content-type-options: nosniff
age: 255542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 10:38:33 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 116ms
50ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:51:22 GMT
x-content-type-options: nosniff
age: 186373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:51:22 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/ 29 KB
29 KB 144ms
83ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a8635c7077b20e45b38d58f63b6562a47630e137c0e2c68b5b31611a8524a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 21:50:57 GMT
x-content-type-options: nosniff
age: 128798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29232
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 21:50:57 GMT

GET
H2 200 TK3iWkUHHAIjg752Fz8Ghe4.woff2
fonts.gstatic.com/s/oswald/v49/ 20 KB
20 KB 150ms
90ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752Fz8Ghe4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c25293f4637ada03ea626b30464dbfdf00eb1aa827fbdc6e68f1025361e15358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:32:50 GMT
x-content-type-options: nosniff
age: 219885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20164
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:13:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 20:32:50 GMT

GET
H2 200 TK3iWkUHHAIjg752Fj8Ghe4.woff2
fonts.gstatic.com/s/oswald/v49/ 6 KB
7 KB 84ms
25ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752Fj8Ghe4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dbdefa69774e4bf6436b1ef2236a98350b3985576de66315179b3c7be98d56c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 14:18:51 GMT
x-content-type-options: nosniff
age: 155924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6156
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:38:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:18:51 GMT

GET
H2 200 jizaRExUiTo99u79D0yExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 26 KB
26 KB 153ms
94ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0yExdGM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic|Oswald:300,400,700&ver=1528706284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65022d5f76d6e8ca21971c6b00bd7af6533c705aedfbae57a94d44a9f4839e3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 21:48:31 GMT
x-content-type-options: nosniff
age: 128944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26460
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 21:48:31 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308080102/ 372 KB
126 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308080102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1756577265871754&plah=lyrics24h.com&bust=31076951

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

263c3f7702d40be71f522374cda84635f3ee02dbed8c2fe934957b261dace71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128447
x-xss-protection: 0
server: cafe
etag: 6739776680950414205
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 09:37:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame B0E2 10 KB
5 KB 78ms
23ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lyrics24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:28:54 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 09:28:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
606 B 104ms
47ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lyrics24h.com&callback=_gfp_s_&client=ca-pub-1756577265871754

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308080102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1756577265871754&plah=lyrics24h.com&bust=31076951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a609d7a8175c1ba9be501cb07acc551b866a524a4c7dce92a9ca4df5e9c2783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF90 141 KB
43 KB 1874ms
1873ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=2638742339&adk=3577780253&adf=2124344956&pi=t.ma~as.2638742339&w=1100&fwrn=4&fwrnh=100&lmt=1691998656&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692005855800&bpp=9&bdt=2212&idt=195&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&correlator=7189335390651&frm=20&pv=2&ga_vid=1676204663.1692005856&ga_sid=1692005856&ga_hid=394265120&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=4339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076924%2C31076951%2C44796632%2C21065725&oid=2&pvsid=1568799486003251&tmod=1603537746&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Pv1vv8O2Pv&p=https%3A//lyrics24h.com&dtd=214

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97aa92da01df2277e3634c49193e0cba71381c22486eb99980b5bf92c439e6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lyrics24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:37:37 GMT
expires: Mon, 14 Aug 2023 09:37:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame BF90 14 KB
1 KB 35ms
34ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=2638742339&adk=3577780253&adf=2124344956&pi=t.ma~as.2638742339&w=1100&fwrn=4&fwrnh=100&lmt=1691998656&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692005855800&bpp=9&bdt=2212&idt=195&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&correlator=7189335390651&frm=20&pv=2&ga_vid=1676204663.1692005856&ga_sid=1692005856&ga_hid=394265120&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=4339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076924%2C31076951%2C44796632%2C21065725&oid=2&pvsid=1568799486003251&tmod=1603537746&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Pv1vv8O2Pv&p=https%3A//lyrics24h.com&dtd=214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 09:37:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 07:39:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 09:37:37 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame BF90 2 KB
973 B 838ms
777ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:41:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame BF90 23 KB
9 KB 835ms
778ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:41:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame BF90 3 KB
1 KB 839ms
782ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 03:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 03:14:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame BF90 20 KB
8 KB 831ms
774ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 07:29:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF90 179 KB
57 KB 371ms
73ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 09:37:38 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame BF90 33 KB
14 KB 85ms
26ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

GET
H2 400 data=Jhg0aacYDygKyCvO3pbxgynWAlNIAPyvzcgek2F9IDzW27MYhh3BZZyTE1wMvU14avf0A2sKzncg2zogYhdldw
mts0.google.com/vt/ Frame BF90 0
0 166ms
60ms Image
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=Jhg0aacYDygKyCvO3pbxgynWAlNIAPyvzcgek2F9IDzW27MYhh3BZZyTE1wMvU14avf0A2sKzncg2zogYhdldw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=2638742339&adk=3577780253&adf=2124344956&pi=t.ma~as.2638742339&w=1100&fwrn=4&fwrnh=100&lmt=1691998656&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692005855800&bpp=9&bdt=2212&idt=195&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&correlator=7189335390651&frm=20&pv=2&ga_vid=1676204663.1692005856&ga_sid=1692005856&ga_hid=394265120&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=4339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076924%2C31076951%2C44796632%2C21065725&oid=2&pvsid=1568799486003251&tmod=1603537746&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=Pv1vv8O2Pv&p=https%3A//lyrics24h.com&dtd=214
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame BF90 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BF90 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BF90 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BF90 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BF90 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e522c7dded564b04a6ddf50e17c572e13a1aa708a8cafc6db372965e809c6f6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame BF90 33 KB
33 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:13:42 GMT
x-content-type-options: nosniff
age: 440636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 07:13:42 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BF90
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CGFsQ4PXZZJrjAozu3gOlhLDwDP2R3sdin4epjMoQpOfy7ZUCEAEgj_vkTWCVoqSCsAegAea53JUDyAEJqQKoPV_hbl6yPqgDAcgDywSqBMgBT9CbR9JjedmgMdNgrLbGTeO33-roSZt21Zu...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212979217858223971232%22,%22debug_reporting%22:true,%22destination%22:%22https://mobilabsolutions.com%22,%22event_report_wi...

0
0

104ms
58ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212979217858223971232%22,%22debug_reporting%22:true,%22destination%22:%22https://mobilabsolutions.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22850861286%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229623163066200361857%22}&andc=true

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Server

142.250.186.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:39 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12979217858223971232","debug_reporting":true,"destination":"https://mobilabsolutions.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["850861286"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"9623163066200361857"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 09:37:39 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 09:37:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12979217858223971232","debug_reporting":true,"destination":"https://mobilabsolutions.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["850861286"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"9623163066200361857"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CCF 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 08:36:31 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 119ms
55ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 09:37:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 302 KB
86 KB 31ms
30ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=0d7a9372e49d539a2cecab7fc0eb5c81

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73c66b471b9610c77463a41ca3266dce2d3f25f6377bce6463aa87654bf7892d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lyrics24h.com/
Origin: https://lyrics24h.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Aug 2023 09:37:42 GMT
content-md5: eeQ7B9K1w7tu87dS10x/0A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87362
x-fb-debug: MMIIS3i/Ije8g6fb48jh0MjctxfhRP/qClUkecgGBDCK8LMZ3buhsDPUvHfYDqlqu/K1jHeiSZhKtHvLwx5rGg==
x-fb-content-md5: 453a4bc4d147e4c12c4c12f1c7e692e3
cross-origin-opener-policy: same-origin-allow-popups
etag: "9fc3be7ed0a5bb4bcb3c90586ad69315"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 13 Aug 2024 08:56:53 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B95B 0
16 B 34ms
33ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&adk=1812271804&adf=3025194257&lmt=1691998662&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Flyrics24h.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692005862465&bpp=1&bdt=8877&idt=1&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a7ea17f5b8081a2-227b0fbf50de0029%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaIN2twTlFEEW3MPIhkle4D6Glc_w&gpic=UID%3D00000c60668fb81c%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaEyFVQKvnfJh3JrnycPFChKtfAnQ&prev_fmts=1100x280&nras=1&correlator=7189335390651&frm=20&pv=1&ga_vid=1676204663.1692005856&ga_sid=1692005856&ga_hid=394265120&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076924%2C31076951%2C44796632%2C21065725&oid=2&psts=AOrYGsldAEM7eBhzgJBc1J6lzQWr3Y_88-T1TyADdd4UZ6FOhGjRN7cdnCq2VbI4_5XshYK5P8hu5GSdD0BV7hvYcJXzfA&pvsid=1568799486003251&tmod=1603537746&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lyrics24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:37:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132768667-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Aug 2023 07:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6799
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 14 Aug 2023 09:44:23 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2FAD 118 KB
40 KB 463ms
463ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=5512140074&adk=3493941598&adf=1043275132&pi=t.ma~as.5512140074&w=1100&fwrn=4&fwrnh=100&lmt=1691998662&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692005855809&bpp=1&bdt=2222&idt=213&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a7ea17f5b8081a2-227b0fbf50de0029%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaIN2twTlFEEW3MPIhkle4D6Glc_w&gpic=UID%3D00000c60668fb81c%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaEyFVQKvnfJh3JrnycPFChKtfAnQ&prev_fmts=1100x280%2C0x0&nras=1&correlator=7189335390651&frm=20&pv=1&ga_vid=1676204663.1692005856&ga_sid=1692005856&ga_hid=394265120&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076924%2C31076951%2C44796632%2C21065725&oid=2&psts=AOrYGsldAEM7eBhzgJBc1J6lzQWr3Y_88-T1TyADdd4UZ6FOhGjRN7cdnCq2VbI4_5XshYK5P8hu5GSdD0BV7hvYcJXzfA&pvsid=1568799486003251&tmod=1603537746&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=1kVN6x4whx&p=https%3A//lyrics24h.com&dtd=6683

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89e891598e985a8d5f31079a30d1068370caec56c96e7a7ffa9267dbb4cd1ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lyrics24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 41264
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:37:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 30ms
29ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=394265120&t=pageview&_s=1&dl=https%3A%2F%2Flyrics24h.com%2F&ul=en-us&de=UTF-8&dt=L%E1%BB%9Di%20b%C3%A0i%20h%C3%A1t%20Vi%E1%BB%87t%20Nam%20-%20Lyrics24h.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=123305499&gjid=361434735&cid=1676204663.1692005856&tid=UA-132768667-1&_gid=654762005.1692005863&_r=1&gtm=457e3890&jsscut=1&z=140548836

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lyrics24h.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 09:37:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lyrics24h.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 103ms
33ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=298358031054495&ev=fb_page_view&dl=https%3A%2F%2Flyrics24h.com%2F&rl=&if=false&ts=1692005862551&sw=1600&sh=1200&at=

Requested by

Host: lyrics24h.com
URL: https://lyrics24h.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 14 Aug 2023 09:37:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 2FAD 14 KB
1 KB 32ms
31ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=5512140074&adk=3493941598&adf=1043275132&pi=t.ma~as.5512140074&w=1100&fwrn=4&fwrnh=100&lmt=1691998662&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692005855809&bpp=1&bdt=2222&idt=213&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a7ea17f5b8081a2-227b0fbf50de0029%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaIN2twTlFEEW3MPIhkle4D6Glc_w&gpic=UID%3D00000c60668fb81c%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaEyFVQKvnfJh3JrnycPFChKtfAnQ&prev_fmts=1100x280%2C0x0&nras=1&correlator=7189335390651&frm=20&pv=1&ga_vid=1676204663.1692005856&ga_sid=1692005856&ga_hid=394265120&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076924%2C31076951%2C44796632%2C21065725&oid=2&psts=AOrYGsldAEM7eBhzgJBc1J6lzQWr3Y_88-T1TyADdd4UZ6FOhGjRN7cdnCq2VbI4_5XshYK5P8hu5GSdD0BV7hvYcJXzfA&pvsid=1568799486003251&tmod=1603537746&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=1kVN6x4whx&p=https%3A//lyrics24h.com&dtd=6683

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 09:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:44:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 09:37:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 2FAD 2 KB
931 B 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:41:37 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/14841624141432236731/ Frame 2FAD 28 KB
29 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14841624141432236731/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c848a2d6431bd54a01c7cf2f75876b14f044fe189f0402d039266baff9ff4168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 07:04:30 GMT
x-content-type-options: nosniff
age: 181992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 02:43:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Aug 2024 07:04:30 GMT

GET
DATA 200
OK truncated
/ Frame 2FAD 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2FAD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 2FAD 23 KB
9 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:41:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 2FAD 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 03:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 03:14:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0EBE 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:29:07 GMT
etag: 48472445140208031
expires: Tue, 15 Aug 2023 09:29:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 2FAD 20 KB
8 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 07:29:28 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2FAD 0
0 81ms
31ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQabkOLIYCHFmOpKATSXFAA_A-iNXynFziG-qmk-hd_DgDwcB0YYrL50DYbugjuAMciMEf9hBWQ_fzB1whoe6Zp-ICZxg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=5512140074&adk=3493941598&adf=1043275132&pi=t.ma~as.5512140074&w=1100&fwrn=4&fwrnh=100&lmt=1691998662&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692005855809&bpp=1&bdt=2222&idt=213&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a7ea17f5b8081a2-227b0fbf50de0029%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaIN2twTlFEEW3MPIhkle4D6Glc_w&gpic=UID%3D00000c60668fb81c%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaEyFVQKvnfJh3JrnycPFChKtfAnQ&prev_fmts=1100x280%2C0x0&nras=1&correlator=7189335390651&frm=20&pv=1&ga_vid=1676204663.1692005856&ga_sid=1692005856&ga_hid=394265120&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076924%2C31076951%2C44796632%2C21065725&oid=2&psts=AOrYGsldAEM7eBhzgJBc1J6lzQWr3Y_88-T1TyADdd4UZ6FOhGjRN7cdnCq2VbI4_5XshYK5P8hu5GSdD0BV7hvYcJXzfA&pvsid=1568799486003251&tmod=1603537746&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=1kVN6x4whx&p=https%3A//lyrics24h.com&dtd=6683
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2FAD 179 KB
56 KB 76ms
74ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 09:37:43 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 2FAD 33 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0EBE 0
104 B 199ms
73ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESED2YHOlNPX-p1YGUyhwvRmw&google_cver=1&google_push=AXcoOmQjiINmRTVMh8teueUhOhOYTQWpYPkbZ7P9DrLHgA4s_sDxwytp6FxTol6gRSyD869mz7sfQ7GFo2PaZWa-4aX3wHUuXRta3RU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=5512140074&adk=3493941598&adf=1043275132&pi=t.ma~as.5512140074&w=1100&fwrn=4&fwrnh=100&lmt=1691998662&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692005855809&bpp=1&bdt=2222&idt=213&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a7ea17f5b8081a2-227b0fbf50de0029%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaIN2twTlFEEW3MPIhkle4D6Glc_w&gpic=UID%3D00000c60668fb81c%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaEyFVQKvnfJh3JrnycPFChKtfAnQ&prev_fmts=1100x280%2C0x0&nras=1&correlator=7189335390651&frm=20&pv=1&ga_vid=1676204663.1692005856&ga_sid=1692005856&ga_hid=394265120&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076924%2C31076951%2C44796632%2C21065725&oid=2&psts=AOrYGsldAEM7eBhzgJBc1J6lzQWr3Y_88-T1TyADdd4UZ6FOhGjRN7cdnCq2VbI4_5XshYK5P8hu5GSdD0BV7hvYcJXzfA&pvsid=1568799486003251&tmod=1603537746&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=1kVN6x4whx&p=https%3A//lyrics24h.com&dtd=6683
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 09:37:43 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0EBE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPXVe-9-oqXq_qbNsfFQzC0&google_cver=1&google_push=AXcoOmSq9zLGQ9iQmCJM4Wp--CL9g7iCnc7hAq9GuwMrw-7TlewnHI84Warhid61_setitFhB-F8Ydn2ZDp9ptuQ...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSq9zLGQ9iQmCJM4Wp--CL9g7iCnc7hAq9GuwMrw-7TlewnHI84Warhid61_setitFhB-F8Ydn2ZDp9ptuQliL9Vlw-dTUfUw

170 B
329 B

35ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSq9zLGQ9iQmCJM4Wp--CL9g7iCnc7hAq9GuwMrw-7TlewnHI84Warhid61_setitFhB-F8Ydn2ZDp9ptuQliL9Vlw-dTUfUw

Requested by

Protocol

Server

142.250.185.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 09:37:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 14 Aug 2023 09:37:43 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x27 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSq9zLGQ9iQmCJM4Wp--CL9g7iCnc7hAq9GuwMrw-7TlewnHI84Warhid61_setitFhB-F8Ydn2ZDp9ptuQliL9Vlw-dTUfUw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 14 Aug 2023 09:37:42 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0EBE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPfJHsHGQqjq9tTHFL8EHh4&google_push=AXcoOmRuXQAvSkmOHvzECBjoXwCin4IEgOo5_WWkeb8vSQdZB2-Xqh7Z1Y...

170 B
188 B

39ms
39ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPfJHsHGQqjq9tTHFL8EHh4&google_push=AXcoOmRuXQAvSkmOHvzECBjoXwCin4IEgOo5_WWkeb8vSQdZB2-Xqh7Z1Y8u7l1GLYgMTO_78ZWbWMrmKIuyJlxyz4mI9RgCeZg9B98

Protocol

Server

142.250.185.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 09:37:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220094-FRA
pragma: no-cache
date: Mon, 14 Aug 2023 09:37:43 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1692005863.108809,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPfJHsHGQqjq9tTHFL8EHh4&google_push=AXcoOmRuXQAvSkmOHvzECBjoXwCin4IEgOo5_WWkeb8vSQdZB2-Xqh7Z1Y8u7l1GLYgMTO_78ZWbWMrmKIuyJlxyz4mI9RgCeZg9B98
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0EBE
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEB9mbgJ_TP9mIRp7WGY2-A8&google_cver=1&google_push=AXcoOmQvwXUaIqyS6WjRH5-jBuUxwwxjbSQWKJHu6w_z2ZttuGu2Ph58Kk12ctyOhEneDGDgTgiZjiGNX7b2gwcz...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=vWkJLpEATle0FqDu5KGhng2&google_push=AXcoOmQvwXUaIqyS6WjRH5-jBuUxwwxjbSQWKJHu6w_z2ZttuGu2Ph58Kk12ctyOhEneDGDgTgiZjiGNX7b2gwczbP85IQMm0kff-g

170 B
232 B

33ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=vWkJLpEATle0FqDu5KGhng2&google_push=AXcoOmQvwXUaIqyS6WjRH5-jBuUxwwxjbSQWKJHu6w_z2ZttuGu2Ph58Kk12ctyOhEneDGDgTgiZjiGNX7b2gwczbP85IQMm0kff-g

Requested by

Protocol

Server

142.250.185.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 09:37:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 14 Aug 2023 09:37:43 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=vWkJLpEATle0FqDu5KGhng2&google_push=AXcoOmQvwXUaIqyS6WjRH5-jBuUxwwxjbSQWKJHu6w_z2ZttuGu2Ph58Kk12ctyOhEneDGDgTgiZjiGNX7b2gwczbP85IQMm0kff-g
x-host: tde-deliveryengine-production-6ffbf575ff-42dnz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0EBE
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDhvHGJ4vzbEW55gtOB8wVI&google_cver=1&google_push=AXcoOmS538i91vFc028AHosHaJYsF2nN1RJCONR2FEzgN0aRsbAHlqmfXhduVo4Fx3nu4oGZWeLwDRRcc-LT3u6-uFyx-lU...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDhvHGJ4vzbEW55gtOB8wVI&google_cver=1&google_push=AXcoOmS538i91vFc028AHosHaJYsF2nN1RJCONR2FEzgN0aRsbAHlqmfXhduVo4Fx3nu4oGZWeLwDRRcc-LT3u6-uFyx-...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS538i91vFc028AHosHaJYsF2nN1RJCONR2FEzgN0aRsbAHlqmfXhduVo4Fx3nu4oGZWeLwDRRcc-LT3u6-uFyx-lUyhw6EUEY

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS538i91vFc028AHosHaJYsF2nN1RJCONR2FEzgN0aRsbAHlqmfXhduVo4Fx3nu4oGZWeLwDRRcc-LT3u6-uFyx-lUyhw6EUEY

Protocol

Server

142.250.185.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 09:37:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS538i91vFc028AHosHaJYsF2nN1RJCONR2FEzgN0aRsbAHlqmfXhduVo4Fx3nu4oGZWeLwDRRcc-LT3u6-uFyx-lUyhw6EUEY
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 0EBE 42 B
213 B 106ms
32ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEAFnkO4nRe-PcrpB1Z8oops&google_push=AXcoOmQZUZzt-LQ_h0PG1x7WrMt-sZMg9YBeywXlzey3pdxHdlzBdI3YsRNxDZSfjb-Q_yp2AzwFasEu5m6GIlW45GCNHi1pCdwcSA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1756577265871754&output=html&h=280&slotname=5512140074&adk=3493941598&adf=1043275132&pi=t.ma~as.5512140074&w=1100&fwrn=4&fwrnh=100&lmt=1691998662&rafmt=1&format=1100x280&url=https%3A%2F%2Flyrics24h.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692005855809&bpp=1&bdt=2222&idt=213&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a7ea17f5b8081a2-227b0fbf50de0029%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaIN2twTlFEEW3MPIhkle4D6Glc_w&gpic=UID%3D00000c60668fb81c%3AT%3D1692005856%3ART%3D1692005856%3AS%3DALNI_MaEyFVQKvnfJh3JrnycPFChKtfAnQ&prev_fmts=1100x280%2C0x0&nras=1&correlator=7189335390651&frm=20&pv=1&ga_vid=1676204663.1692005856&ga_sid=1692005856&ga_hid=394265120&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076924%2C31076951%2C44796632%2C21065725&oid=2&psts=AOrYGsldAEM7eBhzgJBc1J6lzQWr3Y_88-T1TyADdd4UZ6FOhGjRN7cdnCq2VbI4_5XshYK5P8hu5GSdD0BV7hvYcJXzfA&pvsid=1568799486003251&tmod=1603537746&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=1kVN6x4whx&p=https%3A//lyrics24h.com&dtd=6683
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:43 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

report
sync.teads.tv/um/ Frame 0EBE
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHIgjJPnqQP4...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQoDsFl6j1NkNLzW2vZTwtmpLKdiro_-Ncsre7atJwZh4Gu48EZwB0CIbLwi2eSB_2JUhtX8Hq4sMN_vmiYjpJwaCTdIEOfTkBE
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

66ms
66ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Mon, 14 Aug 2023 09:37:43 GMT
pragma: no-cache
date: Mon, 14 Aug 2023 09:37:43 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 09:37:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0EBE 0
130 B 94ms
28ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JEu35zsHjqcLqjcA2bQVBSocPDTEZr-iqTM2YHyG8K430JPzSmXNkn8MOhSh5-iLoyYajuDg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 2FAD 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23222f766cb7b7467868b379308aec148960258bf552749ee1a3c4c122f434fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2FAD 33 KB
33 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:13:42 GMT
x-content-type-options: nosniff
age: 440641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 07:13:42 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2FAD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CZUlF5vXZZM79H8iWjuwP1tmG4AXc7Y-ccsS9tb6MEvGWqbyMPxABII_75E1glaKkgrAHoAHp_fXPA8gBCagDAcgDywSqBMwBT9APuqfOh902FKKFs0qWesgweRZghs1BMAq3S9xI8fZ36rq...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210910285569047207015%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_win...

0
0

58ms
57ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210910285569047207015%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226249541556751877249%22}&andc=true

Protocol

Server

142.250.186.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10910285569047207015","debug_reporting":true,"destination":"https://searchfavorites.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"6249541556751877249"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 09:37:43 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 09:37:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10910285569047207015","debug_reporting":true,"destination":"https://searchfavorites.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"6249541556751877249"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 121ms
74ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230809&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3fba2a07ce5155b55bd23e6dc3ffc3602f3876a743315ba1e61ab278b89ff8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11769
x-xss-protection: 0

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F17 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 08:36:31 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 56ms
55ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 09:37:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 09:37:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 98B5 13 KB
5 KB 25ms
23ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lyrics24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 08:27:19 GMT
expires: Tue, 13 Aug 2024 08:27:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DDB2 831 B
1023 B 35ms
34ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ed9c4c23f90c4b9d4d7070177e29a188bb1b554e7efb48ad913900896bb7d6f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-364PrBkETP5RzWxRFPi0qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lyrics24h.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 535
content-security-policy: script-src 'report-sample' 'nonce-364PrBkETP5RzWxRFPi0qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:37:43 GMT
expires: Mon, 14 Aug 2023 09:37:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 98B5 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 08:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 08:36:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DDB2 0
0 117ms
117ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230809&jk=1568799486003251&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 98B5 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SlmwSA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:37:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF90 42 B
64 B 124ms
124ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkRrSyt9YpoCvfzkeg8tFYB_5n65y_gPS0Wq35uOr-6eSAxvH9ce3BezXL9WW39La8ZPaugAAnGdeFDp1FpJ3JwojBL4tS3ql8UJcr8awoh_widNW7vKlskoe3P7kfWhP_PyO9imTpFjNQ&sai=AMfl-YSLt-J_u-gyJoYbbABXJYP0XRGl7s_vot_p0kz8KdIUpUR6JDT1okPFUWKNgMVNzU0Rzn0rzabcV3aH&sig=Cg0ArKJSzB9tZLPZ11LtEAE&cid=CAQSGwBpAlJWHFDqOi1QXh9Yne19rZHxpXhE_0wq4BgB&id=lidar2&mcvt=1000&p=0,0,280,1100&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=0.68&if=1&vu=1&app=0&itpl=22&adk=3577780253&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692005856016&rpt=2813&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 09:37:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 126ms
126ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230809&jk=1568799486003251&bg=!ZmWlZTHNAAaiGN5Pghg7ADkAdvg8Ws-ybNaARIrEZJ9KbiQQO7KhhWg7gPFhndFr9wpuUl1oQW-4RWanOTb76aAtZLo7Xvaq-JsCAAAATlIAAAAIaAEHmQLWsOwnlPHU6f45gcwMFpJPAbHM8ciHSBQsZC8C71RAwlhlgox-Izb9ATuPyJSVGo9uF2rr766XnQP4AyOv7HiavXtGrMdfgRbEAxRV9Z1adaFx0CNJZLeOYr8DOH6sgAl4KG7tDLvbApsAM2gUWMPEA5QgzX_omt5WM1Xvpv5Sr3w48Y7hRVFjpeC34cG6FUDWVgsp7Mf28ZzrNLJjdiGGdVGUOQfgTclHQ6__s8lO-tBRmHc8ilUTbSOpXntFNsrhd_8xOBlZOX9p1sfHAymarOwLyqzJ9w0NewM9u2mPrjWY7zFJE1-NUKQLgD6gjFSA7hOlmheUDCmpH9o31SlWbaoksBOGZFQaIVaPRkblRagoIE40n2AuVDh-NRyMts_eeKs5TgUciGXtKywetLgtUsbwFFSpKkmkdeFiLZnT9TQYkF9Za1QzKNz1cw9Sg8qBiAAKRZfgTr8m86EfC6IBsovrT8mVTBRJvhXkAkvpfbl9eFS-MSTKMp3Xyp95YpZff-UFAjeU5Ry-v6TAN8N3xwIQgLm3-eteClCCQVQgZ0L06bsvVV_pVr0X7lONk3hsEol83tW_kwnzcFpRR-hF6zs2I68WgzoU4GFx35p3AGaK0pq0O0lS8IlWQ_oN4kxy319CzZhwI4xzlq1HlkqQRz9pB98S0iHACM7vKHACB6atWwfp8qwk5L86OHN48QmCv0op60uVpP1tTDdtdFXJ7tLipDI5EJK289cHW5HhrcRKDYwJoD7JznW4JiBrxc_lnkGcvybKGj3OK8WvdrbOqi4-FIMRpHMBlu_uiFtZzRw62GSidcii3RkqvX1M77iJ_4ZCAAJLPVJy5oCylRtnQWHXCq7wttAX5rplu7P_9m8MvPW_-nc4p19_OPDw-GCZVHxmWYQAH2XdlRfbjczhN3pIkfU1BxY8A02HzsMxMZu9P17HxHAFMpan4tr5fBpEwKnmybDM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lyrics24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lyrics24h.com/	1970-01-20 23:21:41	Name: __gads Value: ID=6a7ea17f5b8081a2-227b0fbf50de0029:T=1692005856:RT=1692005856:S=ALNI_MaIN2twTlFEEW3MPIhkle4D6Glc_w
.lyrics24h.com/	1970-01-20 23:21:41	Name: __gpi Value: UID=00000c60668fb81c:T=1692005856:RT=1692005856:S=ALNI_MaEyFVQKvnfJh3JrnycPFChKtfAnQ
.doubleclick.net/	1970-01-20 23:21:41	Name: IDE Value: AHWqTUli1IODvJvzxPrEE4j9f1VU8-_wqlx5CsvpkLm1SkB7ImgJdPvv6xL5fqRBFlE
.googleadservices.com/	1970-01-20 16:09:41	Name: ar_debug Value: 1
.lyrics24h.com/	1970-01-20 23:36:05	Name: _ga Value: GA1.2.1676204663.1692005856
.lyrics24h.com/	1970-01-20 14:01:32	Name: _gid Value: GA1.2.654762005.1692005863
.lyrics24h.com/	1970-01-20 14:00:05	Name: _gat_gtag_UA_132768667_1 Value: 1
.mathtag.com/	1970-01-20 14:43:17	Name: mt_mop Value: 4:1692005863
.travelaudience.com/	1970-01-20 23:31:46	Name: _tracker Value: %7B%22UUID%22%3A%22BD69092E-9100-4E57-B416-A0EEE4A1A19E%22%7D
.de17a.com/	1970-01-20 22:38:29	Name: guid Value: 1.7296064393334796436
.everesttech.net/	1970-01-20 22:45:41	Name: everest_g_v2 Value: g_surferid~ZNn15wAFPZqhWABV

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mts0.google.com/vt/data=Jhg0aacYDygKyCvO3pbxgynWAlNIAPyvzcgek2F9IDzW27MYhh3BZZyTE1wMvU14avf0A2sKzncg2zogYhdldw Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.exhandle.com
ads.travelaudience.com
cm.g.doubleclick.net
connect.facebook.net
d5p.de17a.com
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jsc.adskeeper.com
lyrics24h.com
mts0.google.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
1.52.187.138
104.102.35.84
142.250.185.226
142.250.186.98
151.101.2.49
185.29.132.241
213.155.156.168
2606:4700::6812:92e
2a00:1450:4001:800::200a
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2004
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a02:fa8:8806:12::1400
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
34.160.236.64
35.190.0.66
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
0a609d7a8175c1ba9be501cb07acc551b866a524a4c7dce92a9ca4df5e9c2783
0a8907e810d93eb5e7aa2f2911a70e73cee3e7e2acc43edafd4f1000044ffb2f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e9ca7be8b8e6a5f242215d8d9e28351061397607ec3d614f711e0cc70806bca
120c2f79cd2a4ea2f49be66bdc8db175b26bd1c248aff3d2a8ea708255717614
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1a8635c7077b20e45b38d58f63b6562a47630e137c0e2c68b5b31611a8524a15
23222f766cb7b7467868b379308aec148960258bf552749ee1a3c4c122f434fe
263c3f7702d40be71f522374cda84635f3ee02dbed8c2fe934957b261dace71b
2dbdefa69774e4bf6436b1ef2236a98350b3985576de66315179b3c7be98d56c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35051bdb01c8d38f7f6afbe77a1fb6138ec9919fe8994e622fb013a37a6855c7
353663d41517215180ca1a4e2cb2138bf1fc5d2c9a0e1c38f737da0c6f1aafc1
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
3689acff8324f8b00d84ebb3c3aca7dc6f3d5dda2c272c7524fc3990abd40a5a
376851e6e11cd8c48f52a2f7714dcfb7da7ac247bc8f6b0416b3782ba7d2e688
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
44c63c9f205076b8654a989c95924d76e845d6fea627450b2e59e0dfd5880f0e
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48d3a8d3b05b689b84bca36fdf63bcad9dfc29c576a3fc1b80c9a808ba3f0205
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65022d5f76d6e8ca21971c6b00bd7af6533c705aedfbae57a94d44a9f4839e3c
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73c66b471b9610c77463a41ca3266dce2d3f25f6377bce6463aa87654bf7892d
89e891598e985a8d5f31079a30d1068370caec56c96e7a7ffa9267dbb4cd1ca2
8c3e035df19aaef28777173ee36bf3c4815911ad82e2cf8bf7ea45c5f6bfffa8
8ca15c889be2474ac169dbb7751fa4fa9c2e3b83b481f060560f99385b7e873c
8ed9c4c23f90c4b9d4d7070177e29a188bb1b554e7efb48ad913900896bb7d6f
95231cd5878cd87285518dbed3b6b626e5267e9944af7ca0e002c33d1e7b4d7f
97aa92da01df2277e3634c49193e0cba71381c22486eb99980b5bf92c439e6dc
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a2e5f0dec4845b67ef9e1cb369b4aab63fb7c27de25b9cf50f17c3f702acf353
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
a80c47499d2ddbd1ff40fe9af7bee68858ee8d3ddb3f17964c8806094b4afa1d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c25293f4637ada03ea626b30464dbfdf00eb1aa827fbdc6e68f1025361e15358
c848a2d6431bd54a01c7cf2f75876b14f044fe189f0402d039266baff9ff4168
ca452a778322112acf74d2542d39fd7e2d2c4687aedcf0fe895d60ca1fbb536b
d00e35ee80b76ebd2dd9afe000e16025d2a461b994d41ca79b251bc5a348b6da
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e2cc6ffd5cfafeb038b5142626e94a51dfe62456778e35181a1c9149a87814be
e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e522c7dded564b04a6ddf50e17c572e13a1aa708a8cafc6db372965e809c6f6b
ec8a57043d485abf55cc29e20bf5771465a25cd1a5f42812d8b662eace6404ef
ec94e4a07bc5e5f7a8fbad8588afb8d7979ff71b2361329d9cfb7b40c865c739
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3fba2a07ce5155b55bd23e6dc3ffc3602f3876a743315ba1e61ab278b89ff8e
f805b4510d9013b2b357ebdc6426de05f94e549c7f8102d32591d7ed33a01b96

lyrics24h.com Open in urlscan Pro 1.52.187.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

91 %HTTPS

63 %IPv6

21 Domains

26 Subdomains

21 IPs

7 Countries

1713 kBTransfer

3485 kBSize

11 Cookies

0 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lyrics24h.com Open in urlscan Pro
1.52.187.138 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

91 %
HTTPS

63 %
IPv6

21
Domains

26
Subdomains

21
IPs

7
Countries

1713 kB
Transfer

3485 kB
Size

11
Cookies

81 HTTP transactions
8 data transactions