Submitted URL: http://tr.aubertolivier.org/
Effective URL: https://tr.aubertolivier.org/
Submission: On May 12 via manual from TR — Scanned from DE

Summary

This website contacted 28 IPs in 5 countries across 31 domains to perform 107 HTTP transactions. The main IP is 2a06:98c1:3121::a, located in United States and belongs to CLOUDFLARENET, US. The main domain is tr.aubertolivier.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 13th 2021. Valid for: a year.
This is the only time tr.aubertolivier.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
6 151.101.65.195 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
3 45.133.44.24 39572 (ADVANCEDH...)
1 143.198.248.63 14061 (DIGITALOC...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
10 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 88.212.201.210 39134 (UNITEDNET)
4 45.133.44.25 39572 (ADVANCEDH...)
5 16 2a02:6b8::1:119 208722 (YNDX)
7 142.250.186.34 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 23.88.85.6 24940 (HETZNER-AS)
1 88.198.204.168 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2 2a01:4f8:252:... 24940 (HETZNER-AS)
1 1 2a02:128:7:49... 50245 (SERVEREL-AS)
1 1 2a02:128:7:49... 50245 (SERVEREL-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:128:7:52... ()
5 2a00:1450:400... ()
1 2a00:1450:400... ()
107 28
Apex Domain
Subdomains
Transfer
16 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 130
232 KB
16 aubertolivier.org
tr.aubertolivier.org
aubertolivier.org
2 MB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
204 KB
8 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9163
3 KB
8 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3290
71 KB
6 zx-adnet.com
cdn.zx-adnet.com — Cisco Umbrella Rank: 139918
132 KB
5 youtube.com
www.youtube.com
689 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 74
www.google.com — Cisco Umbrella Rank: 7
2 KB
4 bantgoau.com
stream.bantgoau.com — Cisco Umbrella Rank: 43014
vs.bantgoau.com
717 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
29 KB
4 newrrb.bid
newrrb.bid — Cisco Umbrella Rank: 304016
22 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
3 KB
2 rtbrennab.com
rtbrennab.com — Cisco Umbrella Rank: 30970
2 KB
2 metricswpsh.com
fp.metricswpsh.com — Cisco Umbrella Rank: 25787
373 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 175
65 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 7678
914 B
2 wpadmngr.com
js.wpadmngr.com — Cisco Umbrella Rank: 23360
31 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 8141
1 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 68
39 KB
1 baimgfroggd.site
tb.baimgfroggd.site — Cisco Umbrella Rank: 35496
688 B
1 zog.link
tcimp.zog.link — Cisco Umbrella Rank: 38295
320 B
1 wpushsdk.com
js.wpushsdk.com — Cisco Umbrella Rank: 35502
9 KB
1 cabnnr.com
js.cabnnr.com — Cisco Umbrella Rank: 39373
11 KB
1 92333cc277.com
55e0337459.92333cc277.com
199 B
1 tubecup.net
notification.tubecup.net — Cisco Umbrella Rank: 7850
190 B
1 nawpush.com
na.nawpush.com — Cisco Umbrella Rank: 37935
675 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 789
649 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 660
29 KB
1 load02.biz
load02.biz — Cisco Umbrella Rank: 545713
19 KB
1 cstwpush.com
cst.cstwpush.com — Cisco Umbrella Rank: 116881
597 B
0 Failed
function sub() { [native code] }. Failed
107 31
Domain Requested by
14 aubertolivier.org tr.aubertolivier.org
8 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
8 mc.yandex.com 2 redirects tr.aubertolivier.org
mc.yandex.ru
8 mc.yandex.ru 3 redirects tr.aubertolivier.org
6 securepubads.g.doubleclick.net cdn.zx-adnet.com
www.googletagservices.com
securepubads.g.doubleclick.net
6 cdn.zx-adnet.com tr.aubertolivier.org
cdn.zx-adnet.com
6 pagead2.googlesyndication.com tr.aubertolivier.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 www.youtube.com www.google.com
www.youtube.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
4 newrrb.bid tr.aubertolivier.org
newrrb.bid
3 stream.bantgoau.com js.cabnnr.com
stream.bantgoau.com
3 www.gstatic.com 655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
3 www.google.com 1 redirects tpc.googlesyndication.com
stream.bantgoau.com
3 fonts.googleapis.com tr.aubertolivier.org
655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
2 rtbrennab.com 2 redirects
2 655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 fp.metricswpsh.com js.wpadmngr.com
2 www.googletagservices.com cdn.zx-adnet.com
655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 js.wpadmngr.com cst.cstwpush.com
js.wpadmngr.com
2 counter.yadro.ru 1 redirects tr.aubertolivier.org
2 tr.aubertolivier.org 1 redirects
1 fonts.gstatic.com www.youtube.com
1 vs.bantgoau.com stream.bantgoau.com
1 lh3.googleusercontent.com stream.bantgoau.com
1 tb.baimgfroggd.site 1 redirects
1 tcimp.zog.link 1 redirects
1 js.wpushsdk.com js.wpadmngr.com
1 js.cabnnr.com js.wpadmngr.com
1 55e0337459.92333cc277.com js.wpadmngr.com
1 notification.tubecup.net js.wpadmngr.com
1 na.nawpush.com js.wpadmngr.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 code.jquery.com tr.aubertolivier.org
1 load02.biz tr.aubertolivier.org
1 cst.cstwpush.com tr.aubertolivier.org
0 template Failed aubertolivier.org
107 38
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-12-13 -
2022-12-13
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
pointly.ch
GTS CA 1D4
2022-05-05 -
2022-08-03
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-04-25 -
2022-07-18
3 months crt.sh
cst.cstwpush.com
R3
2022-03-21 -
2022-06-19
3 months crt.sh
load02.biz
R3
2022-05-11 -
2022-08-09
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
js.wpadmngr.com
R3
2022-03-21 -
2022-06-19
3 months crt.sh
mc.yandex.ru
Yandex CA
2021-12-22 -
2022-06-03
5 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-04-25 -
2022-07-18
3 months crt.sh
*.google.de
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.google.com
GTS CA 1C3
2022-04-25 -
2022-07-18
3 months crt.sh
na.nawpush.com
R3
2022-04-09 -
2022-07-08
3 months crt.sh
notification.tubecup.net
R3
2022-04-21 -
2022-07-20
3 months crt.sh
55e0337459.92333cc277.com
R3
2022-05-09 -
2022-08-07
3 months crt.sh
js.cabnnr.com
R3
2022-04-25 -
2022-07-24
3 months crt.sh
js.wpushsdk.com
R3
2022-03-21 -
2022-06-19
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
www.google.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-04-25 -
2022-07-18
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2022-04-25 -
2022-07-18
3 months crt.sh
vs.bantgoau.com
R3
2022-04-16 -
2022-07-15
3 months crt.sh

This page contains 12 frames:

Primary Page: https://tr.aubertolivier.org/
Frame ID: 68A894A2C98168A9654C257D5221ECAA
Requests: 74 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20190131/zrt_lookup.html
Frame ID: 3F73FC9C4A5DEA186CD43966535755BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPY4iL-PY4iL-AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3890713886363470&output=html&adk=1812271804&adf=1573534164&lmt=1652360063&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftr.aubertolivier.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652360063387&bpp=2&bdt=111&idt=242&shv=r20220509&mjsv=m202205090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=928116508211&frm=20&pv=2&ga_vid=80802282.1652360064&ga_sid=1652360064&ga_hid=1407932583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067536%2C31067525%2C31062931&oid=2&pvsid=830655573324336&pem=829&tmod=1523819917&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=533
Frame ID: 84218B8FE0558936B9844D0E9E4F0157
Requests: 1 HTTP requests in this frame

Frame: https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EBA665194FFBC341F084DE6EBC141198
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CE9BC0E2DDFE5ADEEDD041474256262D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 28E42B5765F9528D57CB8B21792E09AE
Requests: 2 HTTP requests in this frame

Frame: https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D122E9222EF805172993A92F62094C36
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C505CCFEB66204F6D0ADB8699E2BFBE6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5C724CEE3FA78B2068523C129387816F
Requests: 2 HTTP requests in this frame

Frame: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FflXyC3-fY_w%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.0160&oid=1850965&sp=0.043750&spp=1000&se=impression&vi=flXyC3-fY_w&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652360067&utm1=tcb&utm2=803629811-1&utm3=195-21720-0&utm4=0-9033275-14
Frame ID: BC853C575D0616A437A6775C1FE55418
Requests: 4 HTTP requests in this frame

Frame: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Frame ID: 503E29BF2AACBD1C188432A3681978B6
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/flXyC3-fY_w?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Frame ID: 2D90E0DD55BC9E1F5BC5A2AE03D70B65
Requests: 7 HTTP requests in this frame

Screenshot

Page Title

Bilimsel ve eÄŸitsel web sitesi Aubertolivier

Page URL History Show full URLs

  1. http://tr.aubertolivier.org/ HTTP 301
    https://tr.aubertolivier.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

107
Requests

90 %
HTTPS

73 %
IPv6

31
Domains

38
Subdomains

28
IPs

5
Countries

4453 kB
Transfer

10210 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tr.aubertolivier.org/ HTTP 301
    https://tr.aubertolivier.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//tr.aubertolivier.org/;0.8758350718472803 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tr.aubertolivier.org/;0.8758350718472803
Request Chain 48
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22tr.aubertolivier.org%22:{%22https://tr.aubertolivier.org/%22:%22%22}}}&r=0.02783642910510764 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tr.aubertolivier.org%22%3A%7B%22https%3A%2F%2Ftr.aubertolivier.org%2F%22%3A%22%22%7D%7D%7D&r=0.02783642910510764
Request Chain 50
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22tr.aubertolivier.org%22:{%22https://tr.aubertolivier.org/%22:%22%22}}}&r=0.8817649858297176 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tr.aubertolivier.org%22%3A%7B%22https%3A%2F%2Ftr.aubertolivier.org%2F%22%3A%22%22%7D%7D%7D&r=0.8817649858297176
Request Chain 53
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9636.Yt1Rp-9jmIylANTUSvsVBhCgUICNTYWtmfOyYXGIODHZBjYSiIb73chK3CaaKIAH.fn66LAXJ0KwiDBdZ0VPCGTtxnyk%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9636.5F1GFndj4Fd_ilaZyNwPzqfBtaqSGEfPl-0L5VsVtTwJITX81c4MOaKXmIyFbUyjgRpNzxU-nmeD8v8DuwgK2qYddLcFGKTjI3oRDjDA4f0%2C.P_Dc0h914tJ61evbkaAnMM8vZ30%2C
Request Chain 69
  • https://mc.yandex.com/watch/71323803?wmode=7&page-url=https%3A%2F%2Ftr.aubertolivier.org%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A599%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A442771435995%3Ahid%3A47907720%3Az%3A0%3Ai%3A20220512125424%3Aet%3A1652360064%3Ac%3A1%3Arn%3A97634989%3Arqn%3A1%3Au%3A1652360064377118755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652360062709%3Ads%3A0%2C49%2C88%2C1%2C427%2C0%2C%2C442%2C15%2C%2C%2C%2C1007%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652360064%3At%3ABilimsel%20ve%20e%C4%9Fitsel%20web%20sitesi%20Aubertolivier&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/71323803/1?wmode=7&page-url=https%3A%2F%2Ftr.aubertolivier.org%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A599%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A442771435995%3Ahid%3A47907720%3Az%3A0%3Ai%3A20220512125424%3Aet%3A1652360064%3Ac%3A1%3Arn%3A97634989%3Arqn%3A1%3Au%3A1652360064377118755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652360062709%3Ads%3A0%2C49%2C88%2C1%2C427%2C0%2C%2C442%2C15%2C%2C%2C%2C1007%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652360064%3At%3ABilimsel%20ve%20e%C4%9Fitsel%20web%20sitesi%20Aubertolivier&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 91
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 93
  • https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksMjYsNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiODA0MDM1MDU2IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTA2NjcsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjB9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjEwNjY3IiwiY2F0IjpbIklBQjI0Il0sInBhZ2UiOiJodHRwczovL3RyLmF1YmVydG9saXZpZXIub3JnLyJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiJhNDA3OTUyMTM3OThhMTcxMDk3OWFjNDM0MWJhYzhlNSJ9LCJleHQiOnsiZHQiOjE2NTIzNjAwNjczNTZ9fQ== HTTP 302
  • https://rtbrennab.com/banner/in/show/?mid=98132581&pid=0&site=10667&sc=DE&usage_type=DCH&subid=804035056&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.035&ecpm=0.035&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=tr.aubertolivier.org&hostname=auc-banner-hz-5&site_id=0&spot_id=10667&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=2001:ac8:20:3c00:1011:99fc:7f2c:97d6&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=&min_cpm=0.000007&ttl=&space_id=1695&banner_width=1&banner_height=1&url=%2F%2Ftcimp.zog.link%2Fin%2Fbanners%3Fkatds_ep%3D6NhloIx0qcanw3U3lahsuOXusUCF2HjMMR3KqKUafakn-wKG9IjrH9s9_zEsZ7qrqS7uClMyedMrWpg1Tyu85Srx1mxoYfhgxhvw0aHpcsnO_n_iMbDsHxPkoaKuMTBu0uukUuHCLgZ137C0eSyFFoSEsN8JXcvVwX2jM_Q1T1FSfeFJpCPFKpePCs3qHL9FG_CwisrtSDTXSoAu0DDkYEtg3eY3xfZPy68h7uzoLTbWcX9ZcRwFCp27XJYSzFtgVAjt1DL6fLgYC9iCOjQuVDAbCdavdJhgxU86UGZkIF0ahoj-v6xLe55qo3_B3OJf52xUud2JHEwDhU_7ywB-2pi4hJDfaHoy6AWa4f_qZ2P-Thd4Qc_DvVwXf9Jc303_v4JEOLVEcNUxvXfzxeXuSyrm-rHzMJiDKsMs_PUIh-9S0b-XPwxSMIGyG_N50hIOYGUyg8ckoYvXayPFbmzc595QVMJL8lNOzqwHXS7tqaunoA&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags= HTTP 302
  • https://tcimp.zog.link/in/banners?katds_ep=6NhloIx0qcanw3U3lahsuOXusUCF2HjMMR3KqKUafakn-wKG9IjrH9s9_zEsZ7qrqS7uClMyedMrWpg1Tyu85Srx1mxoYfhgxhvw0aHpcsnO_n_iMbDsHxPkoaKuMTBu0uukUuHCLgZ137C0eSyFFoSEsN8JXcvVwX2jM_Q1T1FSfeFJpCPFKpePCs3qHL9FG_CwisrtSDTXSoAu0DDkYEtg3eY3xfZPy68h7uzoLTbWcX9ZcRwFCp27XJYSzFtgVAjt1DL6fLgYC9iCOjQuVDAbCdavdJhgxU86UGZkIF0ahoj-v6xLe55qo3_B3OJf52xUud2JHEwDhU_7ywB-2pi4hJDfaHoy6AWa4f_qZ2P-Thd4Qc_DvVwXf9Jc303_v4JEOLVEcNUxvXfzxeXuSyrm-rHzMJiDKsMs_PUIh-9S0b-XPwxSMIGyG_N50hIOYGUyg8ckoYvXayPFbmzc595QVMJL8lNOzqwHXS7tqaunoA HTTP 302
  • https://tb.baimgfroggd.site/in/1816/?user_id=7955c2577bda66b6b173b1f579d0fcbef659437f&bid=0.043750&katds_labels=&utm1=tcb&utm2=803629811-1&utm3=195-21720-0&utm4=0-9033275-14&ts=1652360067 HTTP 302
  • https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FflXyC3-fY_w%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.0160&oid=1850965&sp=0.043750&spp=1000&se=impression&vi=flXyC3-fY_w&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652360067&utm1=tcb&utm2=803629811-1&utm3=195-21720-0&utm4=0-9033275-14

107 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tr.aubertolivier.org/
Redirect Chain
  • http://tr.aubertolivier.org/
  • https://tr.aubertolivier.org/
28 KB
6 KB
Document
General
Full URL
https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f866e8257d53e6044641208c2e1094963571f7978ff4bf2f7a4b68b95985251

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
DYNAMIC
cf-ray
70a34d7afc4e41b8-MRS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 12:54:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Fri, 13 May 2022 12:54:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3sKnY1tpNqn2TWrFpPGzK2dn8MuIa%2BNKD7LCtocoePI%2BUKSTwviUw7RzYaIdFgSk9%2BhjVqCbxvrwroBpbzm5%2Fe%2BEyRgDKH2Oz%2BkXu%2FTHYpP4bNF%2BDXB0wWrL00tPcPi%2FZYmmsnAsVLlYt2u9H6T6hb8tw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
70a34d78bed45a07-MXP
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 12 May 2022 12:54:22 GMT
Expires
Thu, 12 May 2022 13:54:22 GMT
Location
https://tr.aubertolivier.org/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olyapJuvY1hsJA5dMPEPRbsrKYzXCrxdS8WN8eZqV1VqA0KFl0FfwBXtyPwMo3IFhmAGNDI1CLyR%2BkO%2FINVXAaYjGpZxDQHZAAHopi9zqY%2FmB%2BgkU8h9BTizqo2r2jAjAZBo%2FJdL9Tv2MyjOtd15Jyhxzw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
158 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3890713886363470
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0eb92f4478f8e38f9f62a2c23fa58ec27aff2cb92fc820f5544312073de4c69f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.aubertolivier.org/
Origin
https://tr.aubertolivier.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56130
x-xss-protection
0
server
cafe
etag
2372545888940749072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 12 May 2022 12:54:23 GMT
51pb.min.js
newrrb.bid/
66 KB
20 KB
Script
General
Full URL
https://newrrb.bid/51pb.min.js
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a8e582ffaf88140ef253b6fc848ca9b50ad3a5f26f35e16791271bed5af1a4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
148
duration
320792
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 12 May 2022 12:51:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nC3I8DeME5v5xFn6DwAnhB48kM9MEe3Q7aqLvTlz8Xm8wO%2B8MCuNgI285%2BNL2%2F9g5qDaxhJd82dnHZ3gtT5NEVEyRrOGNIyeXiswTUPnZR6AKS8GpFbancWjlbF592dUZP37jbtexFmj"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
70a34d7c1fcbd775-MRS
access-control-allow-headers
*
expires
Thu, 12-May-2022 15:56:55 EEST
drm56_19091901.js
cdn.zx-adnet.com/adx/
145 KB
19 KB
Script
General
Full URL
https://cdn.zx-adnet.com/adx/drm56_19091901.js
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1a2bd42bc7fbd2e7c718771e120ebbd8073aafb021026fb34331f6e735023652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Wed, 27 Apr 2022 20:26:02 GMT
x-timer
S1652360063.320529,VS0,VE1
etag
"d19f1de6243194dbbeaf5e3ecbc9aa1b386f3241bfe4e3200dbae8c980dc6177-br"
x-served-by
cache-hhn4020-HHN
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
date
Thu, 12 May 2022 12:54:23 GMT
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
19487
x-cache-hits
1
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300&display=swap
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f10fd88c3496b700fe1bf3cf205d6e10d635331860d9b809c9d107861914288f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 12 May 2022 10:54:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 12 May 2022 12:54:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 May 2022 12:54:23 GMT
style.css
aubertolivier.org/template/aubertolivier/css/
688 KB
144 KB
Stylesheet
General
Full URL
https://aubertolivier.org/template/aubertolivier/css/style.css
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09826b400604cc624c1b66800896ddca207d4e1e93e7fa51c0b5dace3cfac723

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
343856
cf-polished
origSize=719631
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 12 Mar 2021 20:09:16 GMT
server
cloudflare
etag
W/"afb0f-5bd5c797c22eb-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6z3kC%2BT5GAVxMUhxTDPSadY8nwLwpITJNwY%2Fi0pClPOx2M2jQF4fA6udPAGipUT5CzNzOW25i%2BhyeAfYX3%2FBq8sQ%2FZT7a4pYugHX5OaQ1ZSm5V%2BPviyub2dIKFYjKesSECN2pxks38cLctmBFpMuXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1209600
cf-ray
70a34d7c4e7c41b8-MRS
expires
Sun, 22 May 2022 13:23:27 GMT
jquery.js
aubertolivier.org/template/aubertolivier/js/
95 KB
34 KB
Script
General
Full URL
https://aubertolivier.org/template/aubertolivier/js/jquery.js?ver=1.12.4-wp
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
343856
cf-polished
origSize=96878
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 19 Jan 2021 12:03:28 GMT
server
cloudflare
etag
W/"17a6e-5b93fa0669fde-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vo14FCEUBPR9KEPX%2FFlOtxbv6GuDBA%2Fh6V8%2FALpJkB29NPeemQpGA9BX7PLJovsYZz%2BGTqDBI%2Bet1ru7eAkjR8P%2BVnrfFU9yi2eMC7PKJFYjCAb6gRcodKMSjg4qaKGeJrj2tAC34kxt7ZQPbfkUGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
70a34d7c4e8241b8-MRS
expires
Sun, 22 May 2022 13:23:27 GMT
autoptimize_ac4ee0fe3e519184ae2c06b29c21034f.js
aubertolivier.org/template/aubertolivier/js/
129 KB
38 KB
Script
General
Full URL
https://aubertolivier.org/template/aubertolivier/js/autoptimize_ac4ee0fe3e519184ae2c06b29c21034f.js
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f8d1575e642f5bf742ca3680f8c9b09b17ea98f3801d494fdb9ece009412654

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
587959
cf-polished
origSize=131829
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 19 Jan 2021 12:03:27 GMT
server
cloudflare
etag
W/"202f5-5b93fa05a2c5c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=offaRJ44%2FBnAK6AiLPyvMPV4MRMi4LF1E3YCzXZ3wtUEFXEGoSFAaNEBuz7Tdt1s%2BtdKU%2Fp%2BEqsgdpa1zwa06G4knyA57na62oXEdGxLA0z1s6J3MWc%2ByqPRPtJn2M9WrS445LL0AWUiRXmhx%2B%2FSgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
70a34d7c4e8341b8-MRS
expires
Thu, 19 May 2022 17:35:04 GMT
adv.css
aubertolivier.org/template/aubertolivier/css/
61 KB
42 KB
Stylesheet
General
Full URL
https://aubertolivier.org/template/aubertolivier/css/adv.css
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
325535
cf-polished
origSize=62935
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 12 Mar 2021 20:08:38 GMT
server
cloudflare
etag
W/"f5d7-5bd5c77396642-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjtwfXhJ4NgsSBmlUdVjntc2riHb6xJ2hLEFmvuLVAhKdyZgYO8sfhqyNrAq%2BteVVkHr%2FDV4xIMzm3CP9Jiy33VTVceYKDuT7v4gPWQkPCwr8LF80JAUAZAt2ycdpFku7I7nMHoMSzV1QdrHc%2BoJCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1209600
cf-ray
70a34d7c4e7a41b8-MRS
expires
Sun, 22 May 2022 18:28:48 GMT
adManager.js
cst.cstwpush.com/static/
451 B
597 B
Script
General
Full URL
https://cst.cstwpush.com/static/adManager.js
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 09:03:43 GMT
server
nginx/1.18.0
etag
W/"6166a0ef-1c3"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 12 May 2022 12:59:23 GMT
cache-control
max-age=300
x-proxy-cache
HIT
/
load02.biz/
19 KB
19 KB
Script
General
Full URL
https://load02.biz/?pu=mvstmmtgmq5ha3ddf42dembs
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.198.248.63 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
6661ec634c913aee431e00c8d5619097c3a6978882bc61044c257701a49d731c
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 12 May 2022 12:54:23 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
jquery-2.2.1.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.1.min.js
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e7e"
vary
Accept-Encoding
x-hw
1652360063.dop128.fr8.t,1652360063.cds254.fr8.hn,1652360063.cds274.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29882
jquery.unveil2.min.js
aubertolivier.org/template/aubertolivier/js/
3 KB
2 KB
Script
General
Full URL
https://aubertolivier.org/template/aubertolivier/js/jquery.unveil2.min.js
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
587959
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 19 Jan 2021 12:03:29 GMT
server
cloudflare
etag
W/"b2e-5b93fa070c19f-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CVmdksO6k28IaYBnShSpkmNfMguz9zkq%2BNR5NBeX5qyqk8LZk4ISNxOSbCpv3IhGrD81FfQG4q12MSKocF43DvvNi4MwNJ0PQX9wHiohOs8sJPLeHLp6YH9PID1Ksjl8PARj0rCyNicbjJj6jHkdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
70a34d7c4e7e41b8-MRS
expires
Thu, 19 May 2022 17:35:04 GMT
cookies_gdpr.js
cdn.zx-adnet.com/consent/
34 KB
9 KB
Script
General
Full URL
https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.9994472506106054
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Wed, 27 Apr 2022 20:26:02 GMT
x-timer
S1652360063.320717,VS0,VE51
etag
"e816600dd00bd96b1fef78362730b72e57d5bac88839b4da007d48db85d79519-br"
x-served-by
cache-hhn4020-HHN
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
no-cache
date
Thu, 12 May 2022 12:54:23 GMT
accept-ranges
bytes
x-cache-hits
0
motherboard-makes-high-pitched-chirping-noise-will-it-stop-by-itself-or-what-do-i-need-to-do-to-fix-it.jpg
aubertolivier.org/picture/hardware/
199 KB
200 KB
Image
General
Full URL
https://aubertolivier.org/picture/hardware/motherboard-makes-high-pitched-chirping-noise-will-it-stop-by-itself-or-what-do-i-need-to-do-to-fix-it.jpg
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9664817e847880ba537d08c0a3bb7ec3c1f9776110e78406a24f748d2417b5eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
204141
last-modified
Tue, 19 Jan 2021 12:03:52 GMT
server
cloudflare
etag
"31d6d-5b93fa1cb026f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tzzH6JhC%2BkzZ7O4gBvhFTPDcuoOCGL%2Fj06x1cpYOhWq7mLfD4tvR1Q9Z5lDO4ypXrflAorVC4mdroiny6%2Fn1ncBU3kn6XYjacsdxh%2FWA7LhazioV%2B4BbC75TVfrj4v6vg%2BkEsbkoWyywuwK6KmBSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
70a34d7c4e7f41b8-MRS
expires
Fri, 12 May 2023 12:54:23 GMT
cant-connect-to-local-iis-on-windows-8.jpg
aubertolivier.org/picture/cant/
42 KB
43 KB
Image
General
Full URL
https://aubertolivier.org/picture/cant/cant-connect-to-local-iis-on-windows-8.jpg
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da5cf6d16bdefe5c557e9960738168b2fede23ae02a3ce2925a93a2c06fc0315

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43065
last-modified
Tue, 19 Jan 2021 12:03:42 GMT
server
cloudflare
etag
"a839-5b93fa1377cba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPSvi6h7JGMcKxGFReKfdG5erACan1cb09%2BmI8mowsMgjxMJbgdaBbKQ6MaeNHMUGhW%2FEGR5u90tTevIQ2NYDErjyi354T6GgkEXMouXbB99V87nfdMvkEoPbU3mtsTglgxhypTfb7%2FYRuvTsP0%2FUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
70a34d7c4e8541b8-MRS
expires
Fri, 12 May 2023 12:54:23 GMT
missing-access-log-for-virtual-host-on-plesk.jpg
aubertolivier.org/picture/apache/
47 KB
48 KB
Image
General
Full URL
https://aubertolivier.org/picture/apache/missing-access-log-for-virtual-host-on-plesk.jpg
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6490749576364e3a3bd85ac9cb33bb0470df4937c8eafb9135acae57c5e8055

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48142
last-modified
Tue, 19 Jan 2021 12:03:38 GMT
server
cloudflare
etag
"bc0e-5b93fa0fa5472"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EC7gZfAbWKd1G%2FUZlJJ76iFQpfJuf0O9out8PeHQOtTTOV92048VVkLwtHxNixJQOUWoPTI0iOPcCznAyqUQ0cuUZ36WwtIgNZpKEQHH9T6Nnss8XhTNkM1iT6zuyFZ4BDZtOEUCVJfNAdtc4XIQiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
70a34d7ca92c59ad-MXP
expires
Fri, 12 May 2023 12:54:23 GMT
windows-8-network-connections-take-minutes-to-establish.jpg
aubertolivier.org/picture/networking/
125 KB
126 KB
Image
General
Full URL
https://aubertolivier.org/picture/networking/windows-8-network-connections-take-minutes-to-establish.jpg
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ff2962bd99caa469e4c3b923b9a8a676b2c46f209b80ff4ac5579019ab495d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
128402
last-modified
Tue, 19 Jan 2021 12:04:12 GMT
server
cloudflare
etag
"1f592-5b93fa2fdf4b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYCc8kX7ZXKyxXSBbdYTnKzA2EDu9ou3l7DJ5RayXO9nY0mwWt%2B7Dw4vy8%2BXQpy5ndLVlEhwAo4s1yK5BceJK%2BlLIshTsf1enQhCx7lTSQFROVv%2BUC6ekkAbu0m%2BiEh%2BBeKiA3Gv%2FERD5eEJi0QJhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
70a34d7ca92859ad-MXP
expires
Fri, 12 May 2023 12:54:23 GMT
vim-colorschemes-not-changing-background-in-ubuntu-terminal.png
aubertolivier.org/picture/vimrc/
686 KB
687 KB
Image
General
Full URL
https://aubertolivier.org/picture/vimrc/vim-colorschemes-not-changing-background-in-ubuntu-terminal.png
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9aecddc90a23bdd5e76d6c361918f09324585216949484eb05cb03bb7c7be3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
702682
last-modified
Tue, 19 Jan 2021 12:04:25 GMT
server
cloudflare
etag
"ab8da-5b93fa3c73074"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9v0HCcydH6%2BV11coYpdmzBTRELSkjTpJSzWSboaxC%2B8kPHmam9jVr3GaDLVNZwYpDzVQW9JOPgcxvHaVM2wMZQ1zLyniCOBxPROkZ9XuleU3k25AbkwIKAGsp02MzJQQf1MTkdSTMjDcsCPTs3qLDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
70a34d7ca92f59ad-MXP
expires
Fri, 12 May 2023 12:54:23 GMT
application-that-recognizes-default-gestures-and-tells-me-about-results-3.png
aubertolivier.org/picture/windows/
109 KB
110 KB
Image
General
Full URL
https://aubertolivier.org/picture/windows/application-that-recognizes-default-gestures-and-tells-me-about-results-3.png
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca59097e658f4a32803ef2560bde74368e7f4e0559a635e85aeffc89c8202406

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
111566
last-modified
Tue, 19 Jan 2021 12:04:29 GMT
server
cloudflare
etag
"1b3ce-5b93fa409b7be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eB41HCmi9V3Ct2UdvDjDSbGJdEC0eCmOV%2FCt6oLBR2aI1JToMzkl2NoxVMtWSG6qkez1m6x2x1AfwcnM%2FcpDrnWIzQKXdxZIC0aRXuD0Gz7LXYL7Ui%2Fo56%2FkfKt77wHvIJ%2FD003AAqd7KRH5TxwXuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
70a34d7ca91f59ad-MXP
expires
Fri, 12 May 2023 12:54:23 GMT
windows-explorer-doesnt-open-my-documents-music-or-anything-when-clicking-the-library.jpg
aubertolivier.org/picture/windows/
181 KB
182 KB
Image
General
Full URL
https://aubertolivier.org/picture/windows/windows-explorer-doesnt-open-my-documents-music-or-anything-when-clicking-the-library.jpg
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3ffe2b152a7828b7f491db25c8560b2796a69617176b8dfc9e669adfa59f652

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
185763
last-modified
Tue, 19 Jan 2021 12:04:40 GMT
server
cloudflare
etag
"2d5a3-5b93fa4b05814"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLqzJXkfSVbjqHIx%2FevdQy3qSDaOqnycBFXIAHvSNf9ugC%2BIMbSDo6MQx%2F8RVVi3Kt2fjSIA7NAAkn2WoIW%2FIU0AYH6Mu9PoqzLYi8%2BzoTpOaLQZqgEceyfJSfq%2Fy%2BmpB86bKb62BJZ3QONbQH0CoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
70a34d7ca91c59ad-MXP
expires
Fri, 12 May 2023 12:54:23 GMT
remove-mouse-over-events-to-hide-unhide-dock.jpg
aubertolivier.org/picture/macos/
382 KB
383 KB
Image
General
Full URL
https://aubertolivier.org/picture/macos/remove-mouse-over-events-to-hide-unhide-dock.jpg
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca05f28587cd8ab461b3a23855e358f65f320316d92796cbbd78a1e333df4f7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
391307
last-modified
Tue, 19 Jan 2021 12:04:06 GMT
server
cloudflare
etag
"5f88b-5b93fa2a1da8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2Kt%2Fb%2FbIRj7PuGIF%2Bexmklox%2FlnH2U8ovnKceSGrNHpGAeZ6NFv%2B0V8TBqhkvx0qKo6b%2BYl4WZEhsHe%2FNfGm0rF%2FQg909yqMCr2DEbI1oy%2Fhgwa6shBQzKtpSElZshJ%2FfkyFeSPLbrnjt9SEsAGog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
70a34d7ca92059ad-MXP
expires
Fri, 12 May 2023 12:54:23 GMT
connecting-to-ethernet-device-with-fixed-ip-via-linksys-router.jpg
aubertolivier.org/picture/networking/
100 KB
101 KB
Image
General
Full URL
https://aubertolivier.org/picture/networking/connecting-to-ethernet-device-with-fixed-ip-via-linksys-router.jpg
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed346aadaaa10ee12546c574b52cf9298cc205d9249e4548385987921cad563

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
102735
last-modified
Tue, 19 Jan 2021 12:04:10 GMT
server
cloudflare
etag
"1914f-5b93fa2e4aff5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PW6dC9xYQfCm084YkMXP27iHPKOxppVyKxvVnPbO0GDK4FWqiFOSG67Tn8sH6egQYCvw407X17PoIBN5CgKTH3Wr7sfETROASz64VAFaLBq7DXyGggxDrfMUH807uhQWh56WRr6oiCa7EXRIoLVBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
70a34d7ca92559ad-MXP
expires
Fri, 12 May 2023 12:54:23 GMT
abs.js
cdn.zx-adnet.com/adx/
220 B
221 B
Script
General
Full URL
https://cdn.zx-adnet.com/adx/abs.js?0.5224263024803322
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Wed, 27 Apr 2022 20:26:02 GMT
x-timer
S1652360063.334651,VS0,VE93
etag
"5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
x-served-by
cache-hhn4020-HHN
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
date
Thu, 12 May 2022 12:54:23 GMT
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
107
x-cache-hits
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205090101/
308 KB
110 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3890713886363470&plah=tr.aubertolivier.org&bust=31067536
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3890713886363470
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b592693b3325a2c86be47818423b13daaebf598ca354533a513c6212da412bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112606
x-xss-protection
0
server
cafe
etag
7905179207311812207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 12 May 2022 12:54:23 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220509/r20190131/ Frame 3F73
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220509/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3890713886363470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.aubertolivier.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47484
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 May 2022 23:42:59 GMT
etag
1428802124239944296
expires
Wed, 25 May 2022 23:42:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js
cdn.zx-adnet.com/consent/
341 KB
66 KB
Script
General
Full URL
https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.9994472506106054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Wed, 27 Apr 2022 20:26:02 GMT
x-timer
S1652360063.411945,VS0,VE0
etag
"903d4e9708a69e8cc899413e10c8bd8c12ff0e8553c05df46fc83d843518567b-br"
x-served-by
cache-hhn4020-HHN
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=315000
date
Thu, 12 May 2022 12:54:23 GMT
accept-ranges
bytes
content-length
67057
x-cache-hits
84
51pb.json
newrrb.bid/
59 B
610 B
XHR
General
Full URL
https://newrrb.bid/51pb.json
Requested by
Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74f3ace908ae9e42d0c48fc1228e66dccfd019362d603878e983b66994251944
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://tr.aubertolivier.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxgXGJfKz9AcBfMXH10OZ8ceauHjTp5RtjE38VFHapT2PNbzZWf93q7OQFO%2FqGOYltbtbBawqBTZ5mAFfuWr769qpgTLDj%2BzFZeoIw4RjlBxscy7eIHFARkq0KOc4YOoVxtMR3LQsO6S"}],"group":"cf-nel","max_age":604800}
cf-ray
70a34d7c9c0e739f-MRS
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js
cdn.zx-adnet.com/consent/
230 KB
37 KB
Script
General
Full URL
https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Wed, 27 Apr 2022 20:26:02 GMT
x-timer
S1652360064.503629,VS0,VE85
etag
"dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by
cache-hhn4020-HHN
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=315000
date
Thu, 12 May 2022 12:54:23 GMT
accept-ranges
bytes
content-length
37832
x-cache-hits
0
truncated
/
41 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/webp
pxiByp8kv8JHgFVrLCz7V1g-1.woff
template/s021/fonts/
0
0

pxiByp8kv8JHgFVrLGT9V1g-1.woff
template/s021/fonts/
0
0

6xKhdSpbNNCT-vWL.woff
template/s021/fonts/
0
0

0QI6MX1D_JOuGQbT0gvTJPa787weuyJF.woff
template/s021/fonts/
0
0

pxiByp8kv8JHgFVrLDz8V1g-1.woff
template/s021/fonts/
0
0

pxiEyp8kv8JHgFVrFJM-1.woff
template/s021/fonts/
0
0

51pb.json
newrrb.bid/
59 B
575 B
XHR
General
Full URL
https://newrrb.bid/51pb.json
Requested by
Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8659f379589f8b898c0c3adf8cabdabbb4bf6d1f649d29410b5f8345a88727ed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://tr.aubertolivier.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2y7kHJ0zGXAAzHV2WSNRnSLPZWwNPOYi1zFdhy8mofkPE3ls%2Bl5%2BgIVO1l4N2sI6m%2BdgnlOAt4Aui2vLINDXuaAJmEMaiVPIiD7NkcPm1a9Iqg1lIkk%2BzAkdITNniuDdkuNhhnAJt7nF"}],"group":"cf-nel","max_age":604800}
cf-ray
70a34d7d9ed2739f-MRS
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
checkabuse
cdn.zx-adnet.com/
56 B
349 B
Script
General
Full URL
https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Ftr.aubertolivier.org%2F
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.5224263024803322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
etag
W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
x-cache
MISS
content-length
65
x-served-by
cache-hhn4020-HHN
server
Google Frontend
x-timer
S1652360064.625541,VS0,VE154
date
Thu, 12 May 2022 12:54:23 GMT
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html; charset=utf-8
x-cloud-trace-context
9d86ff01e601940c83a2e30ccc7074e6
cache-control
max-age=3600,public
function-execution-id
y4i40nhlvqwi
accept-ranges
bytes
x-orig-accept-language
de-DE,de;q=0.9
x-country-code
DE
x-cache-hits
0
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//tr.aubertolivier.org/;0.8758350718472803
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tr.aubertolivier.org/;0.8758350718472803
43 B
528 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tr.aubertolivier.org/;0.8758350718472803
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
HTTP/1.1
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host210.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 May 2022 12:54:23 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 11 May 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 12 May 2022 12:54:23 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tr.aubertolivier.org/;0.8758350718472803
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Tue, 11 May 2021 21:00:00 GMT
adManager.m.js
js.wpadmngr.com/static/
83 KB
30 KB
Script
General
Full URL
https://js.wpadmngr.com/static/adManager.m.js
Requested by
Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
90c825e2825c27f08293bd32e7c0a4ea19e880bc38bd88190ea8eb1f7c48cd97

Request headers

Referer
https://tr.aubertolivier.org/
Origin
https://tr.aubertolivier.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
gzip
last-modified
Fri, 06 May 2022 07:46:35 GMT
server
nginx/1.18.0
etag
W/"6274d25b-14cd2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 12 May 2022 12:59:23 GMT
cache-control
max-age=300
x-proxy-cache
HIT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/gif
tag.js
mc.yandex.ru/metrika/
202 KB
69 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
94bccc9b641ce0b4d8c6e0d75736d19c549ae58bf139e9d5ba5bfe8dad4a54cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
br
last-modified
Fri, 06 May 2022 13:09:00 GMT
etag
"6274f3bc-1149e"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
70814
expires
Thu, 12 May 2022 13:54:23 GMT
cookie.js
partner.googleadservices.com/gampad/
221 B
649 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=tr.aubertolivier.org&callback=_gfp_s_&client=ca-pub-3890713886363470
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3890713886363470&plah=tr.aubertolivier.org&bust=31067536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
3a9c1bc51c023863c9d694f94328751698c7836e6e352ecfd22d099c2d1133b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=tr.aubertolivier.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3890713886363470&plah=tr.aubertolivier.org&bust=31067536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tr.aubertolivier.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3890713886363470&plah=tr.aubertolivier.org&bust=31067536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8421
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPY4iL-PY4iL-AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3890713886363470&output=html&adk=1812271804&adf=1573534164&lmt=1652360063&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftr.aubertolivier.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652360063387&bpp=2&bdt=111&idt=242&shv=r20220509&mjsv=m202205090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=928116508211&frm=20&pv=2&ga_vid=80802282.1652360064&ga_sid=1652360064&ga_hid=1407932583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067536%2C31067525%2C31062931&oid=2&pvsid=830655573324336&pem=829&tmod=1523819917&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=533
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3890713886363470&plah=tr.aubertolivier.org&bust=31067536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.aubertolivier.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 12:54:24 GMT
expires
Thu, 12 May 2022 12:54:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
427cf530861f76c89c9a5a767cd4c0a9cd81e2a19880cfb8ee0aa6b4f8ce4788
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28412
x-xss-protection
0
server
sffe
etag
"1212 / 716 of 1000 / last-modified: 1652353523"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 12 May 2022 12:54:23 GMT
gpt.js
www.googletagservices.com/tag/js/
81 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js?zx
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ec235c72059ac01875452439de68c849fa9bddd8bafd91e04ad72910272ec04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28427
x-xss-protection
0
server
sffe
etag
"1212 / 625 of 1000 / last-modified: 1652353556"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 12 May 2022 12:54:23 GMT
/
mc.yandex.ru/watch/70676614/DRM56/
43 B
83 B
Image
General
Full URL
https://mc.yandex.ru/watch/70676614/DRM56/?r=0.08575299390647428
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 12:54:23 GMT
last-modified
Thu, 12-May-2022 12:54:23 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 12-May-2022 12:54:23 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22tr.aubertolivier.org%22:{%22https://tr.aubertolivier.org/%22:%22%22}}}&r=0.02783642910510764
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tr.aubertolivier.org%22%3A%7B%22https%3A%2F%2Ftr.aubertolivier.org%2F%22%3A%22%22%7D%7D%7D&r=0.02783642910510764
0
0
Image
General
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tr.aubertolivier.org%22%3A%7B%22https%3A%2F%2Ftr.aubertolivier.org%2F%22%3A%22%22%7D%7D%7D&r=0.02783642910510764
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 12:54:23 GMT
last-modified
Thu, 12-May-2022 12:54:23 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tr.aubertolivier.org%22%3A%7B%22https%3A%2F%2Ftr.aubertolivier.org%2F%22%3A%22%22%7D%7D%7D&r=0.02783642910510764
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Thu, 12-May-2022 12:54:23 GMT
/
mc.yandex.ru/watch/70676614/DRM56/
43 B
71 B
Image
General
Full URL
https://mc.yandex.ru/watch/70676614/DRM56/?r=0.6349480962177545
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 12:54:23 GMT
last-modified
Thu, 12-May-2022 12:54:23 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 12-May-2022 12:54:23 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22tr.aubertolivier.org%22:{%22https://tr.aubertolivier.org/%22:%22%22}}}&r=0.8817649858297176
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tr.aubertolivier.org%22%3A%7B%22https%3A%2F%2Ftr.aubertolivier.org%2F%22%3A%22%22%7D%7D%7D&r=0.8817649858297176
0
0
Image
General
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tr.aubertolivier.org%22%3A%7B%22https%3A%2F%2Ftr.aubertolivier.org%2F%22%3A%22%22%7D%7D%7D&r=0.8817649858297176
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 12:54:23 GMT
last-modified
Thu, 12-May-2022 12:54:23 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22tr.aubertolivier.org%22%3A%7B%22https%3A%2F%2Ftr.aubertolivier.org%2F%22%3A%22%22%7D%7D%7D&r=0.8817649858297176
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Thu, 12-May-2022 12:54:23 GMT
1930
na.nawpush.com/tags/
962 B
675 B
XHR
General
Full URL
https://na.nawpush.com/tags/1930
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d38fe7a2b3f982950cf7d11c0a07ee81df110b0b8199a65cb588428c0b629fd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 12 May 2022 12:54:23 GMT
cache-control
max-age=300, public
content-type
application/json
server
nginx/1.18.0
content-encoding
gzip
x-proxy-cache
HIT
wp-banners.js
js.wpadmngr.com/npc/sdk/
0
238 B
Script
General
Full URL
https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:23 GMT
last-modified
Fri, 20 Aug 2021 15:14:31 GMT
server
nginx/1.18.0
etag
"611fc6d7-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 12 May 2022 12:59:23 GMT
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9636.Yt1Rp-9jmIylANTUSvsVBhCgUICNTYWtmfOyYXGIODHZBjYSiIb73chK3CaaKIAH.fn66LAXJ0KwiDBdZ0VPCGTtxnyk%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9636.5F1GFndj4Fd_ilaZyNwPzqfBtaqSGEfPl-0L5VsVtTwJITX81c4MOaKXmIyFbUyjgRpNzxU-nmeD8v8DuwgK2qYddLcFGKTjI3oRDjDA4f0%2C.P_Dc0h914tJ61evbkaAnMM8vZ30%2C
43 B
333 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9636.5F1GFndj4Fd_ilaZyNwPzqfBtaqSGEfPl-0L5VsVtTwJITX81c4MOaKXmIyFbUyjgRpNzxU-nmeD8v8DuwgK2qYddLcFGKTjI3oRDjDA4f0%2C.P_Dc0h914tJ61evbkaAnMM8vZ30%2C
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:24 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9636.5F1GFndj4Fd_ilaZyNwPzqfBtaqSGEfPl-0L5VsVtTwJITX81c4MOaKXmIyFbUyjgRpNzxU-nmeD8v8DuwgK2qYddLcFGKTjI3oRDjDA4f0%2C.P_Dc0h914tJ61evbkaAnMM8vZ30%2C
date
Thu, 12 May 2022 12:54:24 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
124 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: tr.aubertolivier.org
URL: https://tr.aubertolivier.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:24 GMT
last-modified
Fri, 06 May 2022 13:09:00 GMT
etag
"6274f3bc-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 12 May 2022 13:54:24 GMT
pubads_impl_2022051101.js
securepubads.g.doubleclick.net/gpt/
368 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051101.js?cb=31067573
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
18671558a91f2408ed8f4fe539dc92741d4c3678e8f57ee3f1a53d09d69a9067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 08:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15946
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127621
x-xss-protection
0
last-modified
Wed, 11 May 2022 08:34:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 12 May 2023 08:28:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
53 B
90 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tr.aubertolivier.org
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
fceb4273c3dbb34bcce33c592977e314e2d864c65854bb2d03e3810a5a8cb7b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 May 2022 12:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65
x-xss-protection
0
expires
Thu, 12 May 2022 12:54:24 GMT
fp
fp.metricswpsh.com/ Frame
0
0
Preflight
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=1930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.85.6 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.6.85.88.23.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://tr.aubertolivier.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://tr.aubertolivier.org
Connection
keep-alive
Date
Thu, 12 May 2022 12:54:24 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
fp
fp.metricswpsh.com/
0
373 B
XHR
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=1930
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.85.6 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.6.85.88.23.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tr.aubertolivier.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Thu, 12 May 2022 12:54:24 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://tr.aubertolivier.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
tags
notification.tubecup.net/
0
190 B
XHR
General
Full URL
https://notification.tubecup.net/tags?tag_id=1930&timezone_olson=Etc/Unknown
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.204.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-204-168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 12:54:24 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=tr.aubertolivier.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051101.js?cb=31067573
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 May 2022 12:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tr.aubertolivier.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051101.js?cb=31067573
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 May 2022 12:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
122 KB
32 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=830655573324336&correlator=521250030093550&eid=31067573%2C31067525%2C31062931%2C44755509&output=ldjh&gdfp_req=1&vrg=2022051101&ptt=17&impl=fif&gdpr_consent=CPY4iL-PY4iL-AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_drm56&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&adks=3452446671&sfv=1-0-38&ecs=20220512&ists=1&fas=8&fsapi=false&prev_scp=ad_format%3Dinterstitial&cust_params=site_domen%3Dtr.aubertolivier.org%26site_topdomen%3Daubertolivier.org%26site_referrer%3D%26site_hash%3D%26keywords%3DBilimsel%2520ve%2520e%2520itsel%2520web%2520sitesi%2520Aubertolivier%2520sadece%2520ger%2520ekler%2520Aubertolivier&sc=1&cookie=ID%3D894ed6d0b3bfa5a7-2281c00291cd00a9%3AT%3D1652360063%3ART%3D1652360063%3AS%3DALNI_MZBUoadwne-xX1yy7_W12k69mKAHg&abxe=1&dt=1652360064212&lmt=1652360064&dlt=1652360063276&idt=904&biw=1600&bih=1200&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ftr.aubertolivier.org%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=80802282.1652360064&ga_sid=1652360064&ga_hid=1407932583&ga_fc=false&btvi=-1&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051101.js?cb=31067573
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ae12e78cf641c1ea834abcb6656f2ce52728fec84e07ac9f1b957e6af9399d8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33232
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tr.aubertolivier.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
419 B
256 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=830655573324336&correlator=521250030093550&eid=31067573%2C31067525%2C31062931%2C44755509&output=ldjh&gdfp_req=1&vrg=2022051101&ptt=17&impl=fif&gdpr_consent=CPY4iL-PY4iL-AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_drm56&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1600x90&ifi=3&adks=4119595564&sfv=1-0-38&ecs=20220512&fsapi=false&cust_params=site_domen%3Dtr.aubertolivier.org%26site_topdomen%3Daubertolivier.org%26site_referrer%3D%26site_hash%3D%26keywords%3DBilimsel%2520ve%2520e%2520itsel%2520web%2520sitesi%2520Aubertolivier%2520sadece%2520ger%2520ekler%2520Aubertolivier%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Ftr.aubertolivier.org%252F&sc=1&cookie=ID%3D894ed6d0b3bfa5a7-2281c00291cd00a9%3AT%3D1652360063%3ART%3D1652360063%3AS%3DALNI_MZBUoadwne-xX1yy7_W12k69mKAHg&abxe=1&dt=1652360064216&lmt=1652360064&dlt=1652360063276&idt=904&biw=1600&bih=1200&adxs=0&adys=1345&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ftr.aubertolivier.org%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=80802282.1652360064&ga_sid=1652360064&ga_hid=1407932583&ga_fc=false&btvi=1&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051101.js?cb=31067573
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
2f17268f318b3c75e9d1a0fe20203fbba289ea0fd2e4290e22fa68bcc7b85706
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tr.aubertolivier.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EBA6
6 KB
4 KB
Document
General
Full URL
https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051101.js?cb=31067573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.aubertolivier.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 12:54:24 GMT
expires
Fri, 12 May 2023 12:54:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022051101.js
securepubads.g.doubleclick.net/gpt/
36 KB
13 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022051101.js?cb=31067573
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051101.js?cb=31067573
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
50a897de75bdd70ce9553f392452dde4204b135a36370814e5d29b9e80364ff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 10:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
94433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13426
x-xss-protection
0
last-modified
Wed, 11 May 2022 08:34:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 11 May 2023 10:40:31 GMT
track
55e0337459.92333cc277.com/in/
0
199 B
XHR
General
Full URL
https://55e0337459.92333cc277.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIzOTA4Mzg4NDkwNzAxMjAxNDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMjUuMCIsInRhZ19pZCI6MTkzMCwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV0Yy9Vbmtub3duIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMjcsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6MH0=
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 12:54:24 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
0
build.m.js
js.cabnnr.com/banner-admanager/
29 KB
11 KB
Script
General
Full URL
https://js.cabnnr.com/banner-admanager/build.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
54cb8e486da94f8781faaf1f7d40d3f9533094059080406bc5eeb20d627e71eb

Request headers

Referer
https://tr.aubertolivier.org/
Origin
https://tr.aubertolivier.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:24 GMT
content-encoding
gzip
last-modified
Thu, 12 May 2022 09:59:16 GMT
server
nginx/1.18.0
etag
W/"627cda74-725b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 12 May 2022 12:59:24 GMT
cache-control
max-age=300
x-proxy-cache
HIT
csub.m.js
js.wpushsdk.com/npc/sdk/wpu/
33 KB
9 KB
Script
General
Full URL
https://js.wpushsdk.com/npc/sdk/wpu/csub.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d841724e5f355abec9cbf6eb3369b68a948b1b3a663828af811cea0a42bce90

Request headers

Referer
https://tr.aubertolivier.org/
Origin
https://tr.aubertolivier.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:24 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 12:09:15 GMT
server
nginx/1.18.0
etag
W/"626a83eb-8272"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 12 May 2022 12:59:24 GMT
cache-control
max-age=300
x-proxy-cache
HIT
1
mc.yandex.com/watch/71323803/
Redirect Chain
  • https://mc.yandex.com/watch/71323803?wmode=7&page-url=https%3A%2F%2Ftr.aubertolivier.org%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1...
  • https://mc.yandex.com/watch/71323803/1?wmode=7&page-url=https%3A%2F%2Ftr.aubertolivier.org%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3...
338 B
665 B
XHR
General
Full URL
https://mc.yandex.com/watch/71323803/1?wmode=7&page-url=https%3A%2F%2Ftr.aubertolivier.org%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A599%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A442771435995%3Ahid%3A47907720%3Az%3A0%3Ai%3A20220512125424%3Aet%3A1652360064%3Ac%3A1%3Arn%3A97634989%3Arqn%3A1%3Au%3A1652360064377118755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652360062709%3Ads%3A0%2C49%2C88%2C1%2C427%2C0%2C%2C442%2C15%2C%2C%2C%2C1007%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652360064%3At%3ABilimsel%20ve%20e%C4%9Fitsel%20web%20sitesi%20Aubertolivier&t=gdpr%2814%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
03e1b5dc0a9145745ba68c1f4986d36f6b09a55787d71dc8e6b87b4b2fd6b328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 12:54:24 GMT
x-content-type-options
nosniff
last-modified
Thu, 12-May-2022 12:54:24 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tr.aubertolivier.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Thu, 12-May-2022 12:54:24 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 12:54:24 GMT
last-modified
Thu, 12-May-2022 12:54:24 GMT
location
/watch/71323803/1?wmode=7&page-url=https%3A%2F%2Ftr.aubertolivier.org%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A599%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A442771435995%3Ahid%3A47907720%3Az%3A0%3Ai%3A20220512125424%3Aet%3A1652360064%3Ac%3A1%3Arn%3A97634989%3Arqn%3A1%3Au%3A1652360064377118755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652360062709%3Ads%3A0%2C49%2C88%2C1%2C427%2C0%2C%2C442%2C15%2C%2C%2C%2C1007%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652360064%3At%3ABilimsel%20ve%20e%C4%9Fitsel%20web%20sitesi%20Aubertolivier&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://tr.aubertolivier.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 12-May-2022 12:54:24 GMT
51pb.json
newrrb.bid/
59 B
575 B
XHR
General
Full URL
https://newrrb.bid/51pb.json
Requested by
Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2dede7f555e008c8d5809e3bf6f18b8edb5636f9e0671ee920685a3eb8ab1e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://tr.aubertolivier.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 12 May 2022 12:54:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taUirB%2Fmm8JwBuDtvWbfIuREz%2BT5frTZBaVpHuLspqktyeLOgtocgr%2F0vvVAfy2U4AZY3i9MhDkk2sMHAsIp6uDfHw8ZjOvHbg8%2FAuuee93KtFAIosFr4duDrjwq1J%2BAURa2d1LQbSM6"}],"group":"cf-nel","max_age":604800}
cf-ray
70a34d825d00739f-MRS
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220509&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3890713886363470&plah=tr.aubertolivier.org&bust=31067536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3a58d2453738bf7d524834b83a8d8d588a06b41b0b84b9248761fac156643c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 May 2022 12:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10502
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3890713886363470&plah=tr.aubertolivier.org&bust=31067536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 May 2022 12:54:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CE9B
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.aubertolivier.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2595
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 12:11:09 GMT
expires
Fri, 12 May 2023 12:11:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 28E4
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6fd81d1401ac4a0eb40ca3ec1251c9e41320be43cd57c3e2c29235b59912f72e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-d7AXQEX1seEnA8srVsKjCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tr.aubertolivier.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-d7AXQEX1seEnA8srVsKjCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 12:54:24 GMT
expires
Thu, 12 May 2022 12:54:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 28E4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220509&jk=830655573324336&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

87D0VuGGyd8o4x1zT1VlOmQj8xrGMl1xcSeEyGhgSwY.js
pagead2.googlesyndication.com/bg/ Frame CE9B
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/87D0VuGGyd8o4x1zT1VlOmQj8xrGMl1xcSeEyGhgSwY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3b0f456e186c9df28e31d734f55653a6423f31ac6325d71712784c868604b06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 07:35:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
191961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13472
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 May 2023 07:35:03 GMT
generate_204
tpc.googlesyndication.com/ Frame CE9B
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?d0n7HA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
container.html
655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D122
6 KB
3 KB
Document
General
Full URL
https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051101.js?cb=31067573
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.aubertolivier.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 12:54:24 GMT
expires
Fri, 12 May 2023 12:54:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame D122
4 KB
634 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
URL: https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 12 May 2022 11:31:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 12 May 2022 12:54:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 May 2022 12:54:24 GMT
css
fonts.googleapis.com/ Frame C505
8 KB
892 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
URL: https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 12 May 2022 11:26:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 12 May 2022 12:54:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 May 2022 12:54:24 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame C505
2 KB
904 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
URL: https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:52:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 12:52:22 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/ Frame C505
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/abg_lite_fy2019.js
Requested by
Host: 655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
URL: https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
301
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 12:49:23 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame C505
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js
Requested by
Host: 655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
URL: https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 12:36:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C505
120 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
URL: https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37409
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652096384767712"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 May 2022 12:54:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame C505
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
URL: https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:49:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 12:49:52 GMT
937d951ae0167fdfcf48a5545b1fd715.js
www.gstatic.com/mysidia/ Frame C505
30 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/937d951ae0167fdfcf48a5545b1fd715.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
URL: https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b84c26fc972d527005b6353058ff181ca9dfbb9047bed018e6b019f965d3cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 08:18:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12375
x-xss-protection
0
last-modified
Thu, 12 May 2022 07:58:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 08:18:49 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/elements/html/ Frame D122
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: 655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
URL: https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
387
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8280
x-xss-protection
0
server
cafe
etag
1405619832300133377
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 12:47:57 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D122
205 B
294 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
URL: https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:12:15 GMT
x-content-type-options
nosniff
age
2529
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 12 May 2023 12:12:15 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D122
604 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
URL: https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:01:48 GMT
x-content-type-options
nosniff
age
3156
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 12 May 2023 12:01:48 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5C72
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
URL: https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2798
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 12:07:46 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5C72
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
URL: https://655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 12:54:25 GMT
expires
Thu, 12 May 2022 12:54:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 12:54:25 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220509&jk=830655573324336&bg=!s7ClsPTNAAZX5TVhd-U7ACkAdvg8WgtHmU17qITwNI3sbHEwASr3VnvvdGPf7qOj--681M2N3hsXSwIAAAB1UgAAAANoAQeZAqksZYBUfmnjNK64k9bKKacATrtD0HcxUrysB-HLnxdnL2iqoJ3RDKTWi5JrvfxJ8nQUm8gq7Bbc3_oXur39k9fHRL1vqJDFkdnSBz9k51h4Rw83vYW_dUXi3uWsH58Jrn3Hsf0uQsZq-t1a4OuyPBgQRNpM3QsfjdeYAzRxy4Eb-3UYyLY44Br8vhmMDwqodf61JGkuvFv7NJZwP89wXVYdmSn5XFSCGzKJD5O9NBOdZfRhChJJUTiXeZXS267QRefavVAvSVAGSN-J4E5CjRAytk-Bo-NNt9-FCNlckdwDgAhVvGGKKaVb4ZEBVHLMWNql4B0o8qGw5s33ZjGSOd7EWFgk2XFHkLtYq4c37Jx26qRscqAIDDYTs2drqWMp7bvuo40SVD0TZIsqLFJXVagD1O8V6TQpiqWNuBY-GJ_NK_xJ-QKTSF6JEUd9oFjoi2kxJMRAvpmawYQJRgU5IRJKxsRg-lgc8GUgH9W_46-jIr85MRPf8nDtSkhHvzcczd_OitjgFdyh-jM8SPDIHNm2gOsWN-bu6s73X9Y08mT4QsIS2utHX8im0GY5iWmifkofhC4VB3KvsiEEbfkU3oCEpMZ8FNiPu0pnxGOx293ym8QoIWZ_yS4fTia3gAWZOe0ArFLXzS2NMrtKSpOwHSYnVqbU35F-CzIXf3oRA-EJq2FdgXwCRa626CyrAWyGsHXipNwapfZ_xVN8HsfgTWdVniwU-aaaQcEFEHqNQeFovh7CLLBSelWa2RaPvonAnPPLRpBaZyYY3e_URnPW6lE_7K36TuML3yS2TTAEV101BwYV3CkL2Q0b_BCIjlK5z2J9OA732-75Y8SEeAoK4DXS1ZXIH0j_2NwMCV_vN16tpJpLtqLbU0hkc027HyoggQTbHzFwsh2X3yI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.aubertolivier.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ls
stream.bantgoau.com/yt/ Frame BC85
Redirect Chain
  • https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksMjYsNDYs...
  • https://rtbrennab.com/banner/in/show/?mid=98132581&pid=0&site=10667&sc=DE&usage_type=DCH&subid=804035056&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.035&ecpm=0.035&crid=&crtid=d41d8cd98f00b204e9800998ec...
  • https://tcimp.zog.link/in/banners?katds_ep=6NhloIx0qcanw3U3lahsuOXusUCF2HjMMR3KqKUafakn-wKG9IjrH9s9_zEsZ7qrqS7uClMyedMrWpg1Tyu85Srx1mxoYfhgxhvw0aHpcsnO_n_iMbDsHxPkoaKuMTBu0uukUuHCLgZ137C0eSyFFoSEsN...
  • https://tb.baimgfroggd.site/in/1816/?user_id=7955c2577bda66b6b173b1f579d0fcbef659437f&bid=0.043750&katds_labels=&utm1=tcb&utm2=803629811-1&utm3=195-21720-0&utm4=0-9033275-14&ts=1652360067
  • https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FflXyC3-fY_w%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%2...
8 KB
4 KB
Document
General
Full URL
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FflXyC3-fY_w%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.0160&oid=1850965&sp=0.043750&spp=1000&se=impression&vi=flXyC3-fY_w&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652360067&utm1=tcb&utm2=803629811-1&utm3=195-21720-0&utm4=0-9033275-14
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57e7526ec98fb4a0ab22658f4c4087976db130e641ad297fbeb88bbbc6f97cf7

Request headers

Referer
https://tr.aubertolivier.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
70a34d97e82f59a1-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 12 May 2022 12:54:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvkmkusBO%2FjXb0CgxQqiqp6LR%2BlgyoriPEOPS%2BRilBXQb6Y2%2B381Uj3QI%2FND8SZDZFtA%2FhiI2d%2F6ymFhyHBTvg65xSSkkUQpjHghLGiVZEVgDe4O12PUdJRqSEIGP3Fz0KxFPTUcdxOBrCiVQyEjFCLT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 12:54:27 GMT
location
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FflXyC3-fY_w%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.0160&oid=1850965&sp=0.043750&spp=1000&se=impression&vi=flXyC3-fY_w&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652360067&utm1=tcb&utm2=803629811-1&utm3=195-21720-0&utm4=0-9033275-14
pragma
no-cache
server
nginx/1.20.1
vary
*
71323803
mc.yandex.com/webvisor/
43 B
160 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/71323803?wmode=0&wv-part=1&wv-hit=47907720&page-url=https%3A%2F%2Ftr.aubertolivier.org%2F&rn=474901145&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1652360067%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220512125427%3Au%3A1652360064377118755%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652360067&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tr.aubertolivier.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 May 2022 12:54:27 GMT
last-modified
Thu, 12-May-2022 12:54:27 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://tr.aubertolivier.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 12-May-2022 12:54:27 GMT
71323803
mc.yandex.com/webvisor/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/71323803?wmode=0&wv-part=1&wv-hit=47907720&page-url=https%3A%2F%2Ftr.aubertolivier.org%2F&rn=868506182&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1652360068%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220512125427%3Au%3A1652360064377118755%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652360068&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tr.aubertolivier.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 May 2022 12:54:27 GMT
last-modified
Thu, 12-May-2022 12:54:27 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://tr.aubertolivier.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 12-May-2022 12:54:27 GMT
ff159683dbce452dbc41714cc48a496d4bb58468-b.js
stream.bantgoau.com/files/ytls/ Frame BC85
2 MB
656 KB
Script
General
Full URL
https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Requested by
Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FflXyC3-fY_w%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.0160&oid=1850965&sp=0.043750&spp=1000&se=impression&vi=flXyC3-fY_w&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652360067&utm1=tcb&utm2=803629811-1&utm3=195-21720-0&utm4=0-9033275-14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ee453d906f72a453020fe595995032d10f537ffd711ef742ed12d1034e0812d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FflXyC3-fY_w%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.0160&oid=1850965&sp=0.043750&spp=1000&se=impression&vi=flXyC3-fY_w&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652360067&utm1=tcb&utm2=803629811-1&utm3=195-21720-0&utm4=0-9033275-14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Feb 2022 13:23:05 GMT
server
cloudflare
age
2361
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gkrMi%2FSsDUuvZQDntCxrzZ7Uiq0B%2FfQLcYpeGgXHt2CZUDcVtwXItDxa1uATiND2pC1qu1Fq%2FvFIg9snW9smnQVxBPq8t0Ai8tS0ZfcPZWY65hGNcBx5dNw9RXcH5ZSIJ6nNyCKwryjXUQ6xQhuzeBB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70a34d98ce2e739f-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 12 May 2022 16:54:27 GMT
VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff
lh3.googleusercontent.com/ Frame BC85
39 KB
39 KB
Image
General
Full URL
https://lh3.googleusercontent.com/VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff
Requested by
Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FflXyC3-fY_w%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.0160&oid=1850965&sp=0.043750&spp=1000&se=impression&vi=flXyC3-fY_w&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652360067&utm1=tcb&utm2=803629811-1&utm3=195-21720-0&utm4=0-9033275-14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.bantgoau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 11:22:56 GMT
x-content-type-options
nosniff
age
5491
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39552
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 12 May 2022 19:22:43 GMT
/
vs.bantgoau.com/sts/ Frame BC85
2 B
229 B
XHR
General
Full URL
https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FflXyC3-fY_w%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.0160&oid=1850965&sp=0.043750&spp=1000&se=impression&vi=flXyC3-fY_w&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652360067&utm1=tcb&utm2=803629811-1&utm3=195-21720-0&utm4=0-9033275-14&type=impression&g_referer=https://tr.aubertolivier.org
Requested by
Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:128:7:5241::2 -, , ASN (),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.bantgoau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 12 May 2022 12:54:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server
nginx/1.20.1
content-length
2
content-type
application/json
ff159683dbce452dbc41714cc48a496d4bb58468-v.js
stream.bantgoau.com/files/ytls/ Frame 503E
151 KB
57 KB
Script
General
Full URL
https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Requested by
Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9978fe4778a52319f20a2dc4744a173ae6c32ef2d905af9f96cc325162e99a43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FflXyC3-fY_w%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.0160&oid=1850965&sp=0.043750&spp=1000&se=impression&vi=flXyC3-fY_w&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652360067&utm1=tcb&utm2=803629811-1&utm3=195-21720-0&utm4=0-9033275-14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:54:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Feb 2022 13:22:57 GMT
server
cloudflare
age
4929
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpyAp6SOyblEJqbPKeZqlkEVLo0iEsoAA9Qt7N2lu0GYmyt7YP33fguGuSljhdxCnwiR840Ftdc%2FH6aPWjuInEgv0%2B9UtiuebL%2Fz0sW52kHwq%2B9G6XXekDs0ZjjfIH8ihM%2F9BcRsh5RXjboAAxfHZPzN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70a34d9e3ddf739f-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
71323803
mc.yandex.com/webvisor/
43 B
145 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/71323803?wmode=0&wv-part=2&wv-hit=47907720&page-url=https%3A%2F%2Ftr.aubertolivier.org%2F&rn=75856530&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1652360069%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220512125429%3Au%3A1652360064377118755%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652360069&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tr.aubertolivier.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 May 2022 12:54:29 GMT
last-modified
Thu, 12-May-2022 12:54:29 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://tr.aubertolivier.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 12-May-2022 12:54:29 GMT
url
www.google.com/ Frame 2D90
603 B
625 B
Document
General
Full URL
https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/flXyC3-fY_w%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1
Requested by
Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
1be4ed72667d6620a97cf1b079960a02c05070065267f1910667c93f2c08d7b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
https://stream.bantgoau.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in
unload
cache-control
private
content-length
603
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 12:54:29 GMT
expires
Thu, 12 May 2022 12:54:29 GMT
location
https://www.youtube.com/embed/flXyC3-fY_w?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0
flXyC3-fY_w
www.youtube.com/embed/ Frame 2D90
62 KB
27 KB
Document
General
Full URL
https://www.youtube.com/embed/flXyC3-fY_w?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/flXyC3-fY_w%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
7b637e637fb35c706d2463ab5ddf729614d39fc5e108219adc0df310a84ad0b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 12 May 2022 12:54:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/8a298c38/ Frame 2D90
335 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/8a298c38/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/flXyC3-fY_w?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
877bfd2d71649f8bf5fca798c7b0100d50e7e5440c72eaed4528688e1626102f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/flXyC3-fY_w?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 14:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
79057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47172
x-xss-protection
0
last-modified
Wed, 11 May 2022 00:16:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 May 2023 14:56:52 GMT
www-embed-player.js
www.youtube.com/s/player/8a298c38/www-embed-player.vflset/ Frame 2D90
278 KB
86 KB
Script
General
Full URL
https://www.youtube.com/s/player/8a298c38/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/flXyC3-fY_w?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
35e84aafa79fca84178a0755bd9f5a1812fd0fcf926bdec4e502d4eeaf376324
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/flXyC3-fY_w?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 14:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
79057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87680
x-xss-protection
0
last-modified
Wed, 11 May 2022 00:16:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 May 2023 14:56:52 GMT
base.js
www.youtube.com/s/player/8a298c38/player_ias.vflset/de_DE/ Frame 2D90
2 MB
528 KB
Script
General
Full URL
https://www.youtube.com/s/player/8a298c38/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/flXyC3-fY_w?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
8cb73692ebb021a4d99dd8b835299bf7ee1e5cdee5412eab380419aeaf2b6024
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/flXyC3-fY_w?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 14:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
79057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
540841
x-xss-protection
0
last-modified
Wed, 11 May 2022 00:16:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 May 2023 14:56:52 GMT
fetch-polyfill.js
www.youtube.com/s/player/8a298c38/fetch-polyfill.vflset/ Frame 2D90
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/8a298c38/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/flXyC3-fY_w?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/flXyC3-fY_w?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 14:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
79057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 11 May 2022 00:16:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 11 May 2023 14:56:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2D90
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/flXyC3-fY_w?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 11:18:05 GMT
x-content-type-options
nosniff
age
178584
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 10 May 2023 11:18:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
template
URL
https://template/s021/fonts/pxiByp8kv8JHgFVrLCz7V1g-1.woff
Domain
template
URL
https://template/s021/fonts/pxiByp8kv8JHgFVrLGT9V1g-1.woff
Domain
template
URL
https://template/s021/fonts/6xKhdSpbNNCT-vWL.woff
Domain
template
URL
https://template/s021/fonts/0QI6MX1D_JOuGQbT0gvTJPa787weuyJF.woff
Domain
template
URL
https://template/s021/fonts/pxiByp8kv8JHgFVrLDz8V1g-1.woff
Domain
template
URL
https://template/s021/fonts/pxiEyp8kv8JHgFVrFJM-1.woff

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| zxConsentParams object| t object| e object| rbConfig object| _0xb25d number| zxadflg_rich_stat boolean| cs_flg string| zxmngname_ext string| yamId string| zx_domaine_ext string| zxadblockmng_ext number| zx_ad_flg boolean| zx_flgCap number| zx_gcWrk number| zx_flgOverlay boolean| zx_flgNative function| ZxStartMainModule string| zx_type_ad string| zxadpartner_ext object| __ZXNT number| zxCheckAbsStart object| __ZXCONSENT object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| _0xe9ce object| $jscomp function| $jscomp$lookupPolyfilledValue function| ZxStartMainModule21 object| __ZXCONSENT21 number| zxConsentEnabled number| ZxConsentFlg number| OaCmpEnabledflg number| ZxConsentCheckStatus string| didomiCountry object| didomiGeoRegulations object| didomiOnReady string| _CSS object| didomiRemoteConfig number| SesEOa2m2OKxd56JECgK string| rulvW5gntb function| updateRbDisplays object| webpackJsonpDidomi function| setImmediate function| clearImmediate object| Didomi object| didomiEventListeners object| dataLayer function| __tcfapi object| didomiState function| google_sa_impl object| googleToken object| googleIMState function| $ function| jQuery boolean| sbi_js_exists function| Cookies object| addComment object| wp function| sbi_init object| mc4wp function| ym object| Sk boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages number| zxCheckAbs object| ZXNT object| ABS_URL object| DATAZXNT string| slot_ext string| zxadblock_ext string| domen string| site_topdomen number| prtintstlprocent string| zxAdUnit77 object| googletag string| zx_network_prefix string| zx_ad_slot_default object| adx_dfp_bloks string| zx_banner_w_default string| zx_banner_h_default string| BannerSize_default number| flg_dfp object| t2 object| e2 string| url1 string| url2 string| url3 string| zx_ad_place string| zx_ad_width string| zx_ad_height string| zx_ad_slot string| zx_ad_id string| ins_targets string| zx_ad_place1 string| css object| bsz string| adblock_html object| tt98 object| bsw90 number| cw number| ch object| bsh90 string| BannerSize1 object| __adFormats object| __formatsGetters object| AdManager object| a3klsam object| Ya object| yaCounter71323803 function| getCs function| __banner-init object| GoogleGcLKhOms object| ed object| google_image_requests

28 Cookies

Domain/Path Name / Value
.load02.biz/ Name: uuid
Value: a11415dd-f8c1-47a8-86a5-74bba804328c
.aubertolivier.org/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTgwYjg1NWEtOWNiMi02MGExLWI2OGUtOGFmN2MxYzgyMzEwIiwiY3JlYXRlZCI6IjIwMjItMDUtMTJUMTI6NTQ6MjMuODA5WiIsInVwZGF0ZWQiOiIyMDIyLTA1LTEyVDEyOjU0OjIzLjgwOVoiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.aubertolivier.org/ Name: euconsent-v2
Value: CPY4iL-PY4iL-AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.yadro.ru/ Name: FTID
Value: 1YVGD_3d92OJ1YVGD_000UHp
.yadro.ru/ Name: VID
Value: 2vWb3h3BIOeJ1YVGD_000UKh
.yandex.ru/ Name: ymex
Value: 1683896063.yrts.1652360063#1683896063.yrtsi.1652360063
.yandex.ru/ Name: yandexuid
Value: 1385782261652360063
.yandex.ru/ Name: yuidss
Value: 1385782261652360063
mc.yandex.ru/ Name: yabs-sid
Value: 516868621652360063
.yandex.ru/ Name: i
Value: CF6mVcNcEobZHw8QEdsNxulHiDVuaaYxe6Hp8Zgr1XUHGlApBKj4Z1fQ8+rt5FQdMIpBhuHZor28WTaQBJkHP6EirdA=
.aubertolivier.org/ Name: _ym_uid
Value: 1652360064377118755
.aubertolivier.org/ Name: _ym_d
Value: 1652360064
.aubertolivier.org/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 560322783fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1456894105fake
fp.metricswpsh.com/ Name: id
Value: 9622756661836167289
.yandex.com/ Name: yandexuid
Value: 1385782261652360063
.yandex.com/ Name: yuidss
Value: 1385782261652360063
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 1742183171652360064
.yandex.com/ Name: i
Value: As2J2Z1sUkWoyamSncR1D3FEy6Ctbn/Zz/gKS9Cl9xy3rIJ3J85whhqSm69BdgrHHHPD2TRleMCTgJkTnLNLhuFZPqM=
.yandex.com/ Name: ymex
Value: 1683896064.yrts.1652360064#1683896064.yrtsi.1652360064
.aubertolivier.org/ Name: _ym_visorc
Value: w
.aubertolivier.org/ Name: __gads
Value: ID=894ed6d0b3bfa5a7:T=1652360063:S=ALNI_MbgEbc_MPmS3yiRgPgdqG4UJi2iNA
.doubleclick.net/ Name: IDE
Value: AHWqTUlIHnfWaxuDUdQN4XPA_2woj5Kio1rGoRcYeM-1yM4nGJm00QmJmu6M1CRUuYs
.doubleclick.net/ Name: DSID
Value: NO_DATA
tcimp.zog.link/ Name: 750.0
Value: 1
tb.baimgfroggd.site/ Name: 1816.1850965
Value: 1

7 Console Messages

Source Level URL
Text
network error URL: https://template/s021/fonts/pxiByp8kv8JHgFVrLCz7V1g-1.woff
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://template/s021/fonts/pxiByp8kv8JHgFVrLGT9V1g-1.woff
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://template/s021/fonts/6xKhdSpbNNCT-vWL.woff
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://template/s021/fonts/0QI6MX1D_JOuGQbT0gvTJPa787weuyJF.woff
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://template/s021/fonts/pxiByp8kv8JHgFVrLDz8V1g-1.woff
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://template/s021/fonts/pxiEyp8kv8JHgFVrFJM-1.woff
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error
Message:
A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

55e0337459.92333cc277.com
655e8b01c4dbf2e385cbe038645e7099.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
aubertolivier.org
cdn.zx-adnet.com
code.jquery.com
counter.yadro.ru
cst.cstwpush.com
fonts.googleapis.com
fonts.gstatic.com
fp.metricswpsh.com
googleads.g.doubleclick.net
js.cabnnr.com
js.wpadmngr.com
js.wpushsdk.com
lh3.googleusercontent.com
load02.biz
mc.yandex.com
mc.yandex.ru
na.nawpush.com
newrrb.bid
notification.tubecup.net
pagead2.googlesyndication.com
partner.googleadservices.com
rtbrennab.com
securepubads.g.doubleclick.net
stream.bantgoau.com
tb.baimgfroggd.site
tcimp.zog.link
template
tpc.googlesyndication.com
tr.aubertolivier.org
vs.bantgoau.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
template
142.250.186.34
143.198.248.63
151.101.65.195
2001:4de0:ac18::1:a:3a
23.88.85.6
2606:4700:3031::6815:22c2
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:827::2001
2a00:1450:4001:827::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2003
2a01:4f8:252:564d::2
2a02:128:7:4910::2
2a02:128:7:4931::2
2a02:128:7:5241::2
2a02:6b8::1:119
2a06:98c1:3120::a
2a06:98c1:3121::a
45.133.44.24
45.133.44.25
88.198.204.168
88.212.201.210
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
03e1b5dc0a9145745ba68c1f4986d36f6b09a55787d71dc8e6b87b4b2fd6b328
04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89
074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf
09826b400604cc624c1b66800896ddca207d4e1e93e7fa51c0b5dace3cfac723
0eb92f4478f8e38f9f62a2c23fa58ec27aff2cb92fc820f5544312073de4c69f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18671558a91f2408ed8f4fe539dc92741d4c3678e8f57ee3f1a53d09d69a9067
1a2bd42bc7fbd2e7c718771e120ebbd8073aafb021026fb34331f6e735023652
1be4ed72667d6620a97cf1b079960a02c05070065267f1910667c93f2c08d7b3
1ee453d906f72a453020fe595995032d10f537ffd711ef742ed12d1034e0812d
1f8d1575e642f5bf742ca3680f8c9b09b17ea98f3801d494fdb9ece009412654
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f17268f318b3c75e9d1a0fe20203fbba289ea0fd2e4290e22fa68bcc7b85706
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
35e84aafa79fca84178a0755bd9f5a1812fd0fcf926bdec4e502d4eeaf376324
3a9c1bc51c023863c9d694f94328751698c7836e6e352ecfd22d099c2d1133b0
3b592693b3325a2c86be47818423b13daaebf598ca354533a513c6212da412bf
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
427cf530861f76c89c9a5a767cd4c0a9cd81e2a19880cfb8ee0aa6b4f8ce4788
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b84c26fc972d527005b6353058ff181ca9dfbb9047bed018e6b019f965d3cdc
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d841724e5f355abec9cbf6eb3369b68a948b1b3a663828af811cea0a42bce90
50a897de75bdd70ce9553f392452dde4204b135a36370814e5d29b9e80364ff4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cb8e486da94f8781faaf1f7d40d3f9533094059080406bc5eeb20d627e71eb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57e7526ec98fb4a0ab22658f4c4087976db130e641ad297fbeb88bbbc6f97cf7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6661ec634c913aee431e00c8d5619097c3a6978882bc61044c257701a49d731c
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
6fd81d1401ac4a0eb40ca3ec1251c9e41320be43cd57c3e2c29235b59912f72e
74f3ace908ae9e42d0c48fc1228e66dccfd019362d603878e983b66994251944
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b637e637fb35c706d2463ab5ddf729614d39fc5e108219adc0df310a84ad0b8
7ec235c72059ac01875452439de68c849fa9bddd8bafd91e04ad72910272ec04
814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
8659f379589f8b898c0c3adf8cabdabbb4bf6d1f649d29410b5f8345a88727ed
877bfd2d71649f8bf5fca798c7b0100d50e7e5440c72eaed4528688e1626102f
87ff2962bd99caa469e4c3b923b9a8a676b2c46f209b80ff4ac5579019ab495d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8cb73692ebb021a4d99dd8b835299bf7ee1e5cdee5412eab380419aeaf2b6024
8f866e8257d53e6044641208c2e1094963571f7978ff4bf2f7a4b68b95985251
90c825e2825c27f08293bd32e7c0a4ea19e880bc38bd88190ea8eb1f7c48cd97
94bccc9b641ce0b4d8c6e0d75736d19c549ae58bf139e9d5ba5bfe8dad4a54cc
9664817e847880ba537d08c0a3bb7ec3c1f9776110e78406a24f748d2417b5eb
9978fe4778a52319f20a2dc4744a173ae6c32ef2d905af9f96cc325162e99a43
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a2dede7f555e008c8d5809e3bf6f18b8edb5636f9e0671ee920685a3eb8ab1e7
a3ffe2b152a7828b7f491db25c8560b2796a69617176b8dfc9e669adfa59f652
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6490749576364e3a3bd85ac9cb33bb0470df4937c8eafb9135acae57c5e8055
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ae12e78cf641c1ea834abcb6656f2ce52728fec84e07ac9f1b957e6af9399d8b
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b9a8e582ffaf88140ef253b6fc848ca9b50ad3a5f26f35e16791271bed5af1a4
b9aecddc90a23bdd5e76d6c361918f09324585216949484eb05cb03bb7c7be3e
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
ca05f28587cd8ab461b3a23855e358f65f320316d92796cbbd78a1e333df4f7b
ca59097e658f4a32803ef2560bde74368e7f4e0559a635e85aeffc89c8202406
cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0
d38fe7a2b3f982950cf7d11c0a07ee81df110b0b8199a65cb588428c0b629fd1
da5cf6d16bdefe5c557e9960738168b2fede23ae02a3ce2925a93a2c06fc0315
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10fd88c3496b700fe1bf3cf205d6e10d635331860d9b809c9d107861914288f
f3a58d2453738bf7d524834b83a8d8d588a06b41b0b84b9248761fac156643c1
f3b0f456e186c9df28e31d734f55653a6423f31ac6325d71712784c868604b06
fceb4273c3dbb34bcce33c592977e314e2d864c65854bb2d03e3810a5a8cb7b5
fed346aadaaa10ee12546c574b52cf9298cc205d9249e4548385987921cad563
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68