tsgos.com Open in urlscan Pro
2606:4700:3030::ac43:94d3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tsgos.com/
Effective URL:
https://tsgos.com/
Submission Tags: falconsandbox
Submission: On December 23 via api (December 23rd 2021, 4:31:57 am UTC) from US — Scanned from DE

Summary HTTP 90 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 90 HTTP transactions. The main IP is 2606:4700:3030::ac43:94d3, located in United States and belongs to CLOUDFLARENET, US. The main domain is tsgos.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2021. Valid for: a year.

This is the only time tsgos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 43	2606:4700:303... 2606:4700:3030::ac43:94d3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	104.20.229.67 104.20.229.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
90	15

43 2606:4700:3030::ac43:94d3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tsgos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.229.67 (None, )

ASN13335 (CLOUDFLARENET, US)

secure.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	tsgos.com 1 redirects tsgos.com	771 KB
24	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	340 KB
7	doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	75 KB
4	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	gstatic.com www.gstatic.com	13 KB
2	googletagservices.com www.googletagservices.com	74 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	google.co.uk adservice.google.co.uk	914 B
2	statcounter.com secure.statcounter.com c.statcounter.com	14 KB
1	2mdn.net s0.2mdn.net	34 KB
1	googleadservices.com partner.googleadservices.com	643 B
0	juquery.com Failed www.juquery.com Failed
90	12

	Domain	Requested by
43	tsgos.com	1 redirects tsgos.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net tsgos.com tpc.googlesyndication.com pagead2.googlesyndication.com
11	pagead2.googlesyndication.com	tsgos.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net	tsgos.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.statcounter.com	secure.statcounter.com
1	secure.statcounter.com	tsgos.com
0	www.juquery.com Failed	tsgos.com
90	16

This site contains links to these domains. Also see Links.

Domain
wordpress.org
facebook.com
plus.google.com
twitter.com
pinterest.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-06` - `2022-12-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://tsgos.com/
Frame ID: 1235759CA372D9C7DF6B280FA73ECE56
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: BC8C164DE9327581DABC6741C7406244
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3047704409027046&output=html&adk=1812271804&adf=3025194257&lmt=1640233911&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftsgos.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640233911784&bpp=3&bdt=272&idt=84&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5392927221095&frm=20&pv=2&ga_vid=1355121973.1640233912&ga_sid=1640233912&ga_hid=236855332&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066434&oid=2&pvsid=2485798871800098&pem=166&tmod=327&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=99
Frame ID: F233C5BD43DFD0C6EF2B6435F2A86220
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3047704409027046&output=html&h=600&slotname=2458497676&adk=646582030&adf=45027081&pi=t.ma~as.2458497676&w=175&fwrn=4&fwrnh=100&lmt=1640233911&rafmt=1&psa=0&format=175x600&url=https%3A%2F%2Ftsgos.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640233911787&bpp=1&bdt=274&idt=100&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5392927221095&frm=20&pv=1&ga_vid=1355121973.1640233912&ga_sid=1640233912&ga_hid=236855332&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=306&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066434&oid=2&pvsid=2485798871800098&pem=166&tmod=327&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=1ubGRgtFtv&p=https%3A//tsgos.com&dtd=104
Frame ID: 6A24A66920AAAD620D8D514ECA270AB6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 77DA8C7FFCF6A9E45D3A74642EA99713
Requests: 5 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstE8IeJBRWWU96ACGREEiktrzRNkYN6Y8ZV-JJPVthfOZYDRY8i54BkduuitFU2KmxV0lMdMOGor_ZyO_8csBjuMWnwIgZSr8MFIo6wxSKOMUEVdZ008kHT41kmbF_e778_VhRvVuOVjaDlNF8zN8L3kzpXNp8gJvS-5Ae9cRJ6Y3llJWd9hydKUalCsrneTFkdmwKVxTPvFOc89D_SUA6wsY8tTZ4pCjpAGHxBcCJEvW7cc72_74CCSAF-VxcbnLKrqkiTx5gr-haJh3tuKmMwAKFgFHHob3Hz6bEqSxQN7tNnR5imdGRVuLajczKbNjd9h1yv6tfKpfStGaIuPDbS2IvciPlMlq7QjRqF4NRUfx4LehrT8yfKakATvmmp9JRrIcTGu8nb_QMCbgaRZwNkiQyplcFafDsC4meizHTVXgQIxRVxCOq_VX5zarjKtp-_LE_cA6-M0Ro-JtAR5BPsjxMKrJtHuqLsOCmeSl_rayEFvft7tVjmcyQtMjqQQlF1ao16vYZR32oUxt-gGBp45bKPs2SETDsZKt5wOiXT1BxyhNujcUA0lV5oza0yshnmK5pLkF35nfCrDUPDMK12l7W_wixg3aTuX34bUsPtPnTpGy_7pE8mPQReBXyQGr0CzsjLhbyHObM1kUkEIDZCWJmLlDWehRXhfTh3Y6nZCHBZZJuzOEMMhiS_OnObnNMka2xG-lmnVMIagFymsx-DaQ0ge88X3x_321GzDomgyWePbkQhjypzdQEuSOyY9jzlNxvqtFQc1z8idaiO_Im589RYFIA6PiB2xqchbT343yoCuLjSWbSsU0bphxXaLzB59biI4NRna-wlQWCFC1TbxBNaA0fl7c1bJZyMZJlihhmVWSu1gg1BraSk3GHpU75BAeNsy1qIpn6ZOM_zpi8boJpsckZr6nmeS4ugmA&sai=AMfl-YS_lDYQlRxFPIJWpUL0B-k-YgjnyUn4bl8oAu4av60aGDAq57p1RDDELA&sig=Cg0ArKJSzPWccYVl2E3SEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 85DBBCE44E413C8ADE534A0A848EFF57
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1947B30D9A2BD16F62C477D44E510A8B
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6DC429C441A684987250F49F22996ECA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6D1160AA4C9783F24956CEE04923F661
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Frame ID: EBC6BD9DC1C971D4C9F833DA833C034A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DBD2E98F9D57EAF4694B250747CBF798
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 735EA210A4EC322C015B54A363320B89
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TSgos.com - Mom And Kids Activity

Page URL History Show full URLs

http://tsgos.com/ HTTP 301
https://tsgos.com/ Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

90
Requests

99 %
HTTPS

79 %
IPv6

12
Domains

16
Subdomains

15
IPs

3
Countries

1324 kB
Transfer

2480 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

URL: https://facebook.com/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://plus.google.com/
Title: Google+

Search URL Search Domain Scan URL

URL: https://twitter.com/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://pinterest.com/
Title: Pinterest

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tsgos.com/ HTTP 301
https://tsgos.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

90 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tsgos.com/
Redirect Chain

http://tsgos.com/
https://tsgos.com/

49 KB
9 KB

2325ms
2307ms

Document
text/html

2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e333c73bc41a62e48f5365575c6bbcf5146c4f536b840f33c74def783063217f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-type: text/html; charset=UTF-8
link: <https://tsgos.com/wp-json/>; rel="https://api.w.org/"
cache-control: max-age=0
expires: Thu, 23 Dec 2021 04:31:54 GMT
vary: Accept-Encoding
x-ua-compatible: IE=edge
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrwXwYc6tPM%2FY%2Br1Vx3gScGrsrOLCK009pNAkgFGTGkKiBkFGrprvdYOWBZKPsoEAUn4bTLLCZZNxHBAWLHs%2F50fN9i0yzB1gQTaBNuR4U2aVKyJRvUF1G55FSgqcenUOMMp8NI%2B%2BwI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c1edccc8ee04ec8-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Thu, 23 Dec 2021 04:31:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 23 Dec 2021 05:31:49 GMT
Location: https://tsgos.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjgf7ieP8Hv29qllgfwqFXyxYMmd%2BnqnQQeRnvrV%2BaTWgucB%2BVLZR6hVRFMC7ZdlprOmvswa5as%2BNxoPeM2PKWToAZVZHV7RfOPB%2FXnabebAaN0uCfbI2RlJh1pzL4nW4NaIuBPNw%2B0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6c1edccc583d4a74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.css
tsgos.com/wp-content/themes/tsgos/ 16 KB
5 KB 16ms
15ms Stylesheet
text/css 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/themes/tsgos/style.css
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b0d0e7c5b7486e204d94e5d9b025cbbc9291940522228972d3076d204008f0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jun 2021 06:39:40 GMT
server: cloudflare
age: 3005463
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12CjXDJmMyzF5W6eDd0buaHgc%2F8v%2BNvinC6SluCRfsSj9NuM5Mke7nS5%2FPv2x7kH3WQ28XXF7DKOTCQbKb7fmyNxyqy7ONjh05aALP9W6n3Jz%2FUe3u%2Bqa1WucdLP4MwgpOZ8MTS24wQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c1edcdb3d304ec8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 18 Nov 2022 09:41:00 GMT

GET
H2 200 style.min.css
tsgos.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 15ms
14ms Stylesheet
text/css 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.4
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 23:50:28 GMT
server: cloudflare
age: 3623554
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlMywCmr4W9Us%2FvsuC8JUoxu%2FjGDHekS06Jzh1mqkUTYBjk5DiJ1QqgMQDU%2BRVnKHTnDTWzeV3xjFhdnZXJCOV92UVBliWKlSLXo9OPNRn6Uf5fwTSSdESQ%2FdMTEq0k2m%2BsHus9C0Qc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c1edcdb3d314ec8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 11 Nov 2022 05:59:27 GMT

GET
H2 200 wpautoterms.css
tsgos.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/ 547 B
482 B 17ms
16ms Stylesheet
text/css 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=5.7.4
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 01:55:15 GMT
server: cloudflare
age: 3623554
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0SxUa8Qzm2K%2FVE7d9J5JjYnZUnuAgJAtjIYFog8kUeWoSgO5J%2FHa8cQOwYt4jEcF99tWoPxrU75LHVRZWHz2Z%2Fdr0gAyzYm3abAp2zrxsqMOiYi1gbWVeRRQVvRjxszhJEabPb7dn0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c1edcdb3d324ec8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 11 Nov 2022 05:59:27 GMT

GET
H2 200 styles.css
tsgos.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 15ms
14ms Stylesheet
text/css 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Nov 2021 01:54:48 GMT
server: cloudflare
age: 2062903
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4h9ipw70KGw6k%2F7Eiv9PQJ2gP9LymNmfQ37EJLVvWuo3t77%2BNXf4nUgim65HzNntQbLYYYP2tPitGrOF%2F9KLcJi7HSy0LEkcBV3ltcCiPvSSjr7OK6l5fEk3b7GrKazaCkHQvdgamM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c1edcdb3d344ec8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 29 Nov 2022 07:30:08 GMT

GET
H2 200 jquery.min.js Show response
tsgos.com/wp-includes/js/jquery/ 87 KB
32 KB 20ms
19ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: cloudflare
age: 6030478
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Km7Sts7fwMpPsFLqeE9zjesDuCzPLuot437j15iZCqq3wcHBLaEaRYR%2BpjpLLDOmkajFHm5i0sdq6fq7OU6iwmfFkeCEOWv7YS0myvjRRfe1au5mqic02XdlxoYuIlydlRjmh7KU4kM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c1edcdb3d364ec8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 14 Oct 2022 09:23:57 GMT

GET
H2 200 jquery-migrate.min.js Show response
tsgos.com/wp-includes/js/jquery/ 11 KB
5 KB 16ms
16ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: cloudflare
age: 4837909
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfjwTYXXaOTsrcasIQjyknDPEFtotq7OlWC2M2zNKTdWZquV3qO0zkcvkcnF8a2jIqnhP2Je9T95TRPTMhMUbuP7no7x1vR1h8ioyh1l5EJ7riHhSXyfB36rRYkUkSZM4u9V35zPmRI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c1edcdb3d374ec8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 28 Oct 2022 04:40:09 GMT

GET
H2 200 wp-polyfill.min.js Show response
tsgos.com/wp-includes/js/dist/vendor/ 97 KB
34 KB 24ms
23ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 11:50:29 GMT
server: cloudflare
age: 6030479
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQNDE5%2BUZoMR5uVQk2ZiUmfqX%2B6lmsEuxDSjNEVvP%2B9d8RceNndL6Udi%2BAjMathb5jN8Tk%2BxamEN0FImZ%2BDt8Ko15US6eQpTT6bimwSqDQQ3aGQNuV%2B0Q1FimXIrVzzUszt4dy8U3qc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c1edcdb3d384ec8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 14 Oct 2022 09:23:56 GMT

GET
H2 200 dom-ready.min.js Show response
tsgos.com/wp-includes/js/dist/ 1 KB
939 B 16ms
15ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-includes/js/dist/dom-ready.min.js?ver=93db39f6fe07a70cb9217310bec0a531
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4213eba6c464b3ca6fc71c748e2ba99f63f7f0b624199fd44127da67e40a3003

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Sep 2021 13:55:41 GMT
server: cloudflare
age: 6030479
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68uM%2FNhCwtkqkkZ3eWVxi9voXYePnunh6OX8FLqT7XQ7urq%2FyuN%2BMh%2FjGhSifplcJtM7rg6I0ss%2FSZOEkwLe2axqMwU%2B48CVnPEdpIoj0iZuYAgsZtVTpmtejnukjfSRLhr%2Fgg9vN%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c1edcdb3d3a4ec8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 14 Oct 2022 09:23:56 GMT

GET
H2 200 base.js Show response
tsgos.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/ 720 B
832 B 18ms
17ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.4.9
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Dec 2021 13:54:52 GMT
server: cloudflare
age: 160503
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLsojr9L0FmtbP3sLjKj2aBO4VbHV%2FFEFWmeTHNrj%2BaI4dQ8sqWoQ7yk2fbsff8Yd0KPhbcVQ%2FP5HAk2p%2Fi9p5dBTLG6VztJk9Ppzo2iPCtl32F1MHtR28AogSjILGuKapw91KNcEHI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c1edcdb3d3b4ec8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 21 Dec 2022 07:56:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 53ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3047704409027046

Requested by

Host: tsgos.com
URL: https://tsgos.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ebe7eae381b0f4eaa45660d262fecd6b2e5e3eeddac6d8ba533fcdb52c7084b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsgos.com/
Origin: https://tsgos.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51806
x-xss-protection: 0
server: cafe
etag: 10198231155243139456
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Dec 2021 04:31:51 GMT

GET
H3 200 LOGOTSGOS.png
tsgos.com/wp-content/uploads/2020/03/ 17 KB
18 KB 13ms
13ms Image
image/png 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2020/03/LOGOTSGOS.png
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d455fbe48a68f48891359a4545c4e3ef5096b24fab909fde8bd534cf9192eef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 845092
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17413
last-modified: Wed, 01 Apr 2020 02:35:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wwjNle5B27VBIqzNk8G11yESlD6mdE8wjcdXsYvhQ0UVC6KWVvNZpA6OSdrwJkzR8fzZ68Aeg%2Fjiyy0dEnuQz4ikelqmfh%2BAIfgkSA3REY5ux7MiIYFhHRPB24ogkN6BZc70VwTV%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c1edcdbcf5143b8-FRA
expires: Wed, 12 Jan 2022 09:47:02 GMT

GET
H2 200 counter.js Show response
secure.statcounter.com/counter/ 39 KB
13 KB 47ms
15ms Script
application/x-javascript 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.statcounter.com/counter/counter.js
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9573e931158bcc83146a7882d6c298c1adf3828b6c785af7cbb9fd9d25ad884

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Oct 2021 11:08:17 GMT
server: cloudflare
age: 34077
etag: W/"61656ca1-9cdd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43200
cf-ray: 6c1edcdbf9227027-FRA
expires: Thu, 23 Dec 2021 07:03:54 GMT

GET
H3 200 jquery.modal.min.css
tsgos.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/ 3 KB
2 KB 18ms
17ms Stylesheet
text/css 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/jquery.modal.min.css?ver=4.3.23
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Oct 2021 01:20:06 GMT
server: cloudflare
age: 148794
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrYU8iGgXFgrsg%2FhLGN2QdEJUJr9QtObwIvcd5K3QDeowk%2FfpvS1JlMrJGDkpI9%2Bb3HFDx4OES7mMBeiUM8MliXKimTSJGxSmeZv5VFhkOIkYuus%2B2lL7IppPyOFfT3yKvXYho2KKhM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c1edcdb7ebd43b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 21 Dec 2022 11:12:02 GMT

GET
H3 200 index.js Show response
tsgos.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Nov 2021 01:54:48 GMT
server: cloudflare
age: 2062903
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiR%2B9Zosu51lqlcfp%2FUOc9RDT%2Fc6r8jLbQy9z50mkNEU%2BchA4ViUvz0lsbY0mFqzHRPPd9Rd9VBm%2BOt9iM%2FHZNOgmEATTZAPWvvZ6c6SUDWAAbvrwQ%2Bq86fde0UzoN0kOi6%2BVBEJJ6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c1edcdb8ef143b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 29 Nov 2022 07:30:08 GMT

GET
H3 200 js-mainmenu.js Show response
tsgos.com/wp-content/themes/tsgos/js/ 845 B
1 KB 21ms
20ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/themes/tsgos/js/js-mainmenu.js?ver=5.7.4
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b994007d2f4abb80074dd18e5f3352a319857554ac530dceb5f110f329a1f2da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 30 Oct 2019 20:19:52 GMT
server: cloudflare
age: 3623553
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEEwPBsx7B4iB7tDnki17qRpecgLJol%2FMaJHtF0ecYEVWTkvE7SyXG4ynC3RjrLC9OfGNp4%2FNsTGuU0vx4wdtp%2BZ1R1r4EL1W3gq4FdSwgiOZ7HnabJiN0ouzTpYFMlA84MSkVf%2FzcY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c1edcdbcf4a43b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 11 Nov 2022 05:59:29 GMT

GET
H3 200 wp-embed.min.js Show response
tsgos.com/wp-includes/js/ 1 KB
1 KB 31ms
30ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-includes/js/wp-embed.min.js?ver=5.7.4
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
age: 165544
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8K4nAVKG6bfWZgjJLGBhUcs63SgSKTkVuEJzvujA3rkkDV8p3RjEDB00tOoFqvbVblnwxvkD2rtrKcJ8wPKNy9XyDj1WR2rnQSqWRESZUQi5rNnV1882WrKIsKOnI9TwpYU5VCA%2F1w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c1edcdbcf4e43b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 21 Dec 2022 06:32:52 GMT

GET
H3 200 jquery.modal.min.js Show response
tsgos.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/ 5 KB
2 KB 21ms
20ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/jquery.modal.min.js?ver=4.3.23
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 970d08b0edc4bfc0925495d8b11564f3c2fd368f745f7b3510a7fced11848894

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Oct 2021 01:20:06 GMT
server: cloudflare
age: 1147166
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQihDNnP7%2BjJCgFYYMYx6STTPGmYCiKUY2xPV4EGYVdBcVl%2BeL6CY7YQjE9CkrsIYDEYFCHIEWAE4vO0lhDbi60dIx0jw6sm84OsX8zInp%2FVultIBRqViUbz8CoruaLjZHVkntOmboI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c1edcdbcf4f43b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 09 Dec 2022 21:52:28 GMT

GET
H3 200 wp-emoji-release.min.js Show response
tsgos.com/wp-includes/js/ 14 KB
5 KB 23ms
22ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.4
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
age: 3623550
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07WoRk0zUp9qfUVQGHZwUukBmyQDNBI4OwVE9fP68Bs37K%2FlmffZ1WTQjUvXOoANE8%2BOVv77kuGiRuc7WCf7Gdi5S8I9NHDK4pA9FMR7gOBY4z1eJ0favDiXImxGJEh%2Fjd2FwE%2BnJ2E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c1edcdbcf5443b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 11 Nov 2022 05:59:32 GMT

GET
H3 200 list.png
tsgos.com/wp-content/themes/tsgos/img/ 107 B
696 B 24ms
23ms Image
image/png 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/themes/tsgos/img/list.png
Requested by: Host: tsgos.com
URL: https://tsgos.com/wp-content/themes/tsgos/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b90f27b76217a9b142f9f3c5157294d3f2e978045b2ac8c42545949b0ed9915c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/wp-content/themes/tsgos/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 845092
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 107
last-modified: Wed, 30 Oct 2019 20:19:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltl%2FmRmCeQ%2Fa9vTqM%2BETjwTaG1Vlms6yMa%2FZAa2pUCghVaXZz7xtXcRtKhf2d2VN6aUXJCfcNPfy07Sj31wFwmjLEKRSsnTXYMC8jlX78dqujoHFe5SnfRF%2F86oA0lgSM69yn%2BNxAJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c1edcdc1ff543b8-FRA
expires: Wed, 12 Jan 2022 09:47:03 GMT

GET
DATA 200
OK truncated
/ 202 B
0 Other
image/svg+xml

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db8d2ade6dc2d26b101bba3127d3476bfacfabf1148cccc34adc654fd6cd448a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cute-dashi-octonauts-christmas-coloring-page-300x350.jpg
tsgos.com/wp-content/uploads/2021/12/ 15 KB
16 KB 750ms
748ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/12/cute-dashi-octonauts-christmas-coloring-page-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2129d4f113bddb54138e7ba84247fac83bfc43e3794fc6b9913beb03b14b7d22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Thu, 16 Dec 2021 07:50:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49lLxI5Zbcjal%2FNQi7gJWOIE9KQFtpDmubhf8x8aLQsqPpi%2Fz5RQ22uymUAmO5viB3kPmMvvDtExxJGxpWwQ%2BLmy1jRvYEwCpfiVjzB%2FeB7ur8GtTKX2a7ZK0eYs3USOkrJK6jJ5Bw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc583943b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15423
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 otis-the-tractor-coloring-page-300x350.jpg
tsgos.com/wp-content/uploads/2021/12/ 23 KB
24 KB 849ms
848ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/12/otis-the-tractor-coloring-page-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aa6da378536786b920c80c12674408789e0d83a619ff727b7d752660bea90f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Dec 2021 07:35:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3O50RCd5LrCUX8DXJS8TIqMXxYKBQiOi2mFV1ZZJp1Sb1YuXmQs7s8wGpQodhHPSsoNJ1azfDTMLG3DrEEmrxnI%2B2KtIEPKHJDAG7aeiqcaUrDNvw0YHwoOEfVEkf3%2F%2FzRUtWs4Ql2k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc583d43b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23865
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Kids-Love-Grinch-Coloring-Page-Printable-With-Tree-300x350.jpg
tsgos.com/wp-content/uploads/2021/12/ 39 KB
39 KB 942ms
940ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/12/Kids-Love-Grinch-Coloring-Page-Printable-With-Tree-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ef36c23fc3bb975205898dffb3ce93e30598f632ef71100c5c99d63c07ad26f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Dec 2021 01:17:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kn0w063pqmkh0lGQMZV42RyeLrBJkpltPs%2BR5N59odzRvl2O0cHCuNuRTdo3kZ2g11M7OhUiMVikmQ%2Fg4CjvZGxrpNS0YcvuMbFCdg1AlK%2BT72WaHmZQ0wGLSk9ftR1zcr1KN8q3XMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc584043b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39693
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Among-Us-Coloring-Page-Special-For-Christmas-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 32 KB
33 KB 809ms
807ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Among-Us-Coloring-Page-Special-For-Christmas-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20445967c2d0b2ccdb216b16a2952bf07d5d0acc8901e412d02222effbd8d4db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Fri, 26 Nov 2021 01:57:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AONiW6I2tJBSFwjGeyKk4a3B4TnkohxbDZZQGg3jEdBy6uVBTplQu8iAiQ4exg%2FjIABAsBFst1jKsx1rmew7%2FCHOhnZ4jWhmjIsSyA1TuWmYTgef4UKlfQJO%2FeOoaNg7NAt9HONXHYw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc584143b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33045
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 happy-thanksgiving-turkey-tsgos-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 13 KB
13 KB 681ms
680ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/happy-thanksgiving-turkey-tsgos-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1074e3f2a00d8da8377da439fe8e2a1e49d61e2af6d2c4ab34de4dbd5e4baa1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Mon, 15 Nov 2021 03:52:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjuB55nLHB16lmqJfkuob%2FxfKp0nM%2F5tCUhjscrnafOAfjoftZugSShAg4V6KtWRmfOkIuQN8Nw0b3lli46XkxKfbRpLjDpgL7h929JBzGbk3EnO8%2Fm5uguCaYEq%2FjI7CtUEo0ZMLKE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc584343b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13161
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Among-Us-Special-Thanksgiving-Day-Coloring-Page-Printable-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 37 KB
37 KB 945ms
944ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Among-Us-Special-Thanksgiving-Day-Coloring-Page-Printable-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aeac5cb758cd5903c8b911426ac4ab780c51e55b655d4874cfaefd5f8710058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Thu, 04 Nov 2021 01:42:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcTjvRWIFA8%2F3tHZVSZNVzDZKe5pTdAsFKVn%2Fl7z0SqWr8xUAtif7nIjdRODd%2F4w9CnDvDhgJQdMk4PIrZsKtJtIkDH%2BLP%2FoYLw0YotPicpwVxndx28HpqTGV9%2F7TkSObXJxtlD0FMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc584443b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 37502
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Unique-Skin-Among-Us-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 29 KB
29 KB 815ms
813ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Unique-Skin-Among-Us-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8648530f2dbd2de47da2cb5489a0235e44e5f86b36446a5c7ed52d99f458e7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Thu, 04 Nov 2021 01:25:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZp44uphi4eTDKSDNlBnRCxcfQbBtllrJqkPCCUlXRm6vMTCJWT2rc3hOdaxZBGhVpWF9a2ys%2BQld1jYB3r77XMVCiVAi6lut23huF%2FQJnOhQ%2FHP9lA8qLiyPYsNo4%2Fvx0cMaYPPmKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc584543b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29615
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Kawaii-Little-Mermaid-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 30 KB
30 KB 807ms
806ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Kawaii-Little-Mermaid-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed16a2a968148428297b2997f50da2acd51ce125a73ad642f017a0429ae53119

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 02:09:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpTxcHAisx%2BST1MBMdnJy2gzflwL%2F%2BUaavcbCifjIpunD8FbVB96eTw9bQTadZKuok8sVarJhuwvYU3pPXL1LU2%2B32hgIsrx%2FuDhiOa7B4AThyU0pNXV2%2Fn1VrxRpbOxUzznVg4ZzVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc685943b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30237
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Pokemon-Charizard-Free-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 29 KB
29 KB 818ms
817ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Pokemon-Charizard-Free-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98acb50a63047f16eac68d34144d1c73ee9fcc80bb9d0767785d5c39bbe4b5a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 01:00:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anDoe7NROglDgalZzJAIxkh%2B8sIiCBsYJSNwFYfdgVVDo5YCW7cLaHMypaNZoiUkgsgC4PZpB2XUibNzUoRLK2ZPWWm1%2BGIcVFgKeYZSRx5mJldNq6SwIn41SwuBSaT8gbWcEkC%2B220%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc685a43b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29538
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Cornucopia-Happy-Thanksgiving-Coloring-Page-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 32 KB
33 KB 939ms
938ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Cornucopia-Happy-Thanksgiving-Coloring-Page-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b85ab9c5d80e81f67926eb6f08dfa51fb59352a973a8b9e676ca7174754b6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 01:21:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hz6M7ZETaT25euj%2FPgGlCLOnuv8V3FrC3zIslx79Ve1M75aDtv13voUcoyGe%2BzIcCjsTG2PkE3BJR04p72E2JAFNqqZnY%2BzwRijbT0Hggs17wbe%2F8K25QLxSm1cNDr75OHnRHMhb0b8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc685e43b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32985
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Super-Kawaii-Pizza-Coloring-Page-For-Toddler-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 29 KB
29 KB 871ms
870ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Super-Kawaii-Pizza-Coloring-Page-For-Toddler-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 366f102bbfed041461b6ecafcac7c00dd4f6be3da40aa69da2f00a31775093eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Nov 2021 09:20:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aB5fQ51UP2rYb2H%2FFOOhsT7zS%2BjkTXdfTk%2BBFB3mJMVMKgl5qywsni9s5HgznOKEsgqwsHiAz2cP0OFglCn0BeO%2F61ponZPQhw5I8GfWHT9txD2QltmLWBnKZghyzjplSndYuKn2hU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc685f43b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29598
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Mom-and-Baby-Turkey-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 26 KB
27 KB 821ms
820ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Mom-and-Baby-Turkey-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9be255b79e70eaae1d5c45ee10a575dcd07e37edf54ee8b5a229c9dfd29cfbbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Nov 2021 07:36:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iUJv2Xi%2FveEW6W8Je3WjUQW87v1VQ56am5o1aiFmNaW%2FqHkrVdo4EMy5WdnbrMQ1LgmVf8B7mV4eOmq8UGPtAj1Zow5C9JYQApibHj%2B61R%2B5qmNBbLWWdek7lJfdRS06TUyJMBiLVM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc686143b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26830
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Simple-and-Easy-Turkey-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 28 KB
28 KB 784ms
781ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Simple-and-Easy-Turkey-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3cbeabb5b498ceab8db507fe474af38aeadfe18ece9449cc25513e261a02cd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Nov 2021 05:14:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAQC9usUmn3GY%2Fz78l2nk3qun4qp%2FhdQJJA%2BMDZLFO2zPmO%2ByszsMZfDT%2B7wly4ItPo2EBZ8V8nw57edZoM5eKXtFwh%2BzVP%2B%2FbwVESjISpp9cdmU1OuIh35i5zHFVqgy4Z0%2Fs9lPI5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc686943b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28583
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Printable-Fall-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/10/ 35 KB
36 KB 869ms
864ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/10/Printable-Fall-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 693beb315db9c326590dc470b805e69d750382319626d598cd94f05a73168995

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Oct 2021 06:40:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FQmZpV%2BxAITVKaENEKE%2FGt%2BIPJNVoP2f%2Fi80w0DlBp9ZNA6XPPR7LXUkBr48e1SpWUQUj3%2Bt2rzCQE%2Bx83O5JVVfySo2qK5lmRZmSzBPOhLuaFvqvUV4FvVJacF8Qsx2esikgp64Ik%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc787a43b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36057
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Free-November-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/10/ 34 KB
34 KB 928ms
923ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/10/Free-November-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd6c8d0a9dd980b006b40c5194663fef45dd69875c38630bb91d5b5c9dfdca6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Oct 2021 07:09:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSxUOjPtngaEyrIwgjiiczfcdms5lrDcfx5tjKBuihJNjXVFsncFT81mV3EjpZiZFTsKjmCkQaTst045ora9TZ6MaGJU02SQrXS2VXbrAKSSN93Yp%2Bu5EcNusVm%2Bt5WLO4k56OB7GMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc787b43b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34619
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Kawaii-Cat-Girls-Free-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/10/ 22 KB
22 KB 794ms
790ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/10/Kawaii-Cat-Girls-Free-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ff32526e7a5abbb6b4ada1892114802b03c79a6c0fa73279e17feb67c3397eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Thu, 21 Oct 2021 01:20:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzLO1bxcV5x7kliSuewFusQgQoHCPY7Ap9ZtoKUVvle6GrOE5wdKS5IVbam%2F8DqGgNNgH8sU0m9Bvcnn%2FvV%2BZjyRPejQ2d01W87yfWgFM1Yxmi%2Bq2fg5iW%2FYvF2noXRunw%2FyNwbID34%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc787c43b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22264
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Free-Naruto-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/10/ 30 KB
30 KB 822ms
817ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/10/Free-Naruto-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 253dc9f5554d2293f37923923dee95b6d425c51adf1f107e1c10690c905d65e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Oct 2021 01:17:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oM7wMMvVp3yZrt9yfbhYoC5cdwuP%2BfS86GvIlUbOo7B3Gg7Ex7R2Q1wPG9y5k5GNInKbeeS%2B%2FgAuJGCyNmN4LI6424Dh8rU%2Fp00I0KbMcP86f3rNfgs%2Bx%2FnzknmvXdtAj8FWOLrQf8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc787d43b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30512
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Halloween-Ghost-Coloring-Page-300x350.jpg
tsgos.com/wp-content/uploads/2021/10/ 33 KB
34 KB 872ms
867ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/10/Halloween-Ghost-Coloring-Page-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 480e61d81c24f80ac4730a5e07ceb2ad97d1ae2355a72fb30af33db6004ffbf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Oct 2021 07:06:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPmUS1fiknkLSVp1tgpGVenqAIuysdp5AjNmpPDQ2kGVctRpB4chzlno4m1YFGslm9yA3wadGdwQsajBm7vcXYfMsWg50gEayb5KRjecU0WN6eVMU7XOw1LCdAvp%2BZOg6rlYhP4Tjc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc787e43b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34041
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Butterfly-Printable.-For-personal-and-educational-use-only.-Commercial-use-232x300.jpg
tsgos.com/wp-content/uploads/2019/07/ 22 KB
23 KB 839ms
835ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2019/07/Butterfly-Printable.-For-personal-and-educational-use-only.-Commercial-use-232x300.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9551e4b7898d3763077900b33eb5c6818bc0d8216ce55a619989e671ba806911

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jul 2019 04:19:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8CyYAvJ2%2F8uUN3TmfsIK7Hlbkvg55%2FjoL%2B1uGUf0JrP1mk7me1xWcSXaiJoxVEJTtYeBoEGHUpl4%2BlefjyJLAp6rskn9kN8fOuQPW8Po0ay0NVQbU55nm0EKwveuY%2FxWCAulChwwEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc787f43b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22532
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 miss-baby-lol-doll-coloring-pages-c0ba6300c3ba96f5e27da62bac3bea8b-AypDZr-212x300.jpg
tsgos.com/wp-content/uploads/2020/06/ 12 KB
13 KB 768ms
765ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2020/06/miss-baby-lol-doll-coloring-pages-c0ba6300c3ba96f5e27da62bac3bea8b-AypDZr-212x300.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc52d07150647db640b0ef2984ef0571ae73d0265eb8609feddd1022040850e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Sun, 14 Jun 2020 12:33:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xu25bMYWMKi9X3H1wS4M2XrGcI3Y%2BFWjdVNWM19M%2BmzuvvXTjLyBwgSJbwSJfxr%2BoBq8%2Bys%2B7J%2FisouZQoL5jUGAKHAhjqHQ8WXmVnucgUCVH9vAMYR%2FYxjFAMqFQcNUD31t04AOgis%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc788043b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12460
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Dinosaur-coloring-sheets-Crocodile-245x300.jpg
tsgos.com/wp-content/uploads/2019/07/ 17 KB
18 KB 803ms
800ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2019/07/Dinosaur-coloring-sheets-Crocodile-245x300.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976856d5f80fe23264cd960eb74d979ece14adbfa6ab250ecf8abde3b873e92e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jul 2019 19:29:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2otjY9zqSqp7Z55kfr2fDGyE0ftscZzbbQ1fyN7Gy0nDyULdLdnxlfLpY9k5kJiNCHiT%2FUU3YUvj%2FWo%2B72v%2FJXjnLor2%2Bzzij7Ws7z9SMegHuuKfQWDn9e0T5TbAcDt1cl2Ly01bnk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc788443b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17788
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 flower-214x300.jpg
tsgos.com/wp-content/uploads/2019/07/ 10 KB
11 KB 754ms
751ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2019/07/flower-214x300.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c3511e97b19d768e8952e76e36f592facf6ea410431079cfcea7f9312baddbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Jul 2019 19:21:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7E5R10JHvKtw6XO%2B6gkFW%2BbO45a1zlIBj77FFW7y20eVX6G5p%2FUhfMbTLkElXXMALFJqsQDvd4OfbpqRDHXDLEG%2FXjDsoJmLJef%2BXMXiov0Ihg2tGgNX1djaiZy82X9YJ5sZvjOhCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc788543b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10184
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Ninja-Series-Roblox-Coloring-Page-For-Kids-175x200.jpg
tsgos.com/wp-content/uploads/2021/09/ 24 KB
25 KB 833ms
831ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/09/Ninja-Series-Roblox-Coloring-Page-For-Kids-175x200.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17a2752aa440d9866604fad17e39957f3775a0ac135f6a800c8bda0e68df0d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Sep 2021 13:57:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYn4FZbo2GtP0OPoIlbIQ9K8DBg7J5bISANzYhvz4OpSZz8e7z2u1m3BUwxQQ4QwJZTa5GXbghI75jrgR%2F2A5UBKQ%2Fso5Lp4vufAFzWaL5v23eiE3NlyjRdlsEtkiz5QwdfV%2BA6y9a0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc788643b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24800
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET
H3 200 Peony-Flower-Art-PRINT-of-Pen-Illustration-Flower-Drawing-Floral-233x300.jpg
tsgos.com/wp-content/uploads/2019/07/ 25 KB
25 KB 852ms
850ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2019/07/Peony-Flower-Art-PRINT-of-Pen-Illustration-Flower-Drawing-Floral-233x300.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 835b6e913c63128e18d30ab2c4f3a4f4d762ac32114a16ed695feba6f9d72d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Jul 2019 14:44:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0x34mLXzY3lUoiKC%2FutzVan%2BSJsXcrJ6bAJa5APfsQeJJ4eqUJR5OYsnkMkQJspaG3rhl5%2B%2B1yK14Hj57xRSpT%2B9XrjY0Z2wLvSC0znsAobk9IpsW4TqoEq4A%2BrKKjQzGSjEr9oDjg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c1edcdc788743b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25304
expires: Sat, 22 Jan 2022 04:31:57 GMT

GET compability.php
www.juquery.com/ 0
0

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
563 B 156ms
148ms XHR
application/json 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=11968710&u1=FBA2B0A3E1C44F906EE9F0BEF6678560&java=1&security=603b59ef&sc_snum=1&sess=30eed3&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//tsgos.com/&t=TSgos.com%20-%20Mom%20And%20Kids%20Activity&invisible=1&sc_rum_e_s=2623&sc_rum_e_e=2626&sc_rum_f_s=0&sc_rum_f_e=2543&get_config=true
Requested by: Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c1edcdcaa027027-FRA
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://tsgos.com
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
99 KB 44ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3047704409027046&plah=tsgos.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3047704409027046

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1037f1e0d1ae470df705a7179a41aa2c969aec5ff56771a7438edc74fc46a9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101736
x-xss-protection: 0
server: cafe
etag: 6975236974516728872
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Dec 2021 04:31:51 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame BC8C 11 KB
5 KB 29ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3047704409027046

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 22 Dec 2021 18:36:45 GMT
expires: Wed, 05 Jan 2022 18:36:45 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 35706
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
643 B 50ms
14ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tsgos.com&callback=_gfp_s_&client=ca-pub-3047704409027046

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3047704409027046&plah=tsgos.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

f537ac51b8fa3c71017bd8627d21b86a95e21c1b3057d1cc2f2df5fbef26ede3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 52ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=tsgos.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 39ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tsgos.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 23 Dec 2021 04:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F233 153 KB
41 KB 456ms
442ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3047704409027046&output=html&adk=1812271804&adf=3025194257&lmt=1640233911&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftsgos.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640233911784&bpp=3&bdt=272&idt=84&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5392927221095&frm=20&pv=2&ga_vid=1355121973.1640233912&ga_sid=1640233912&ga_hid=236855332&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066434&oid=2&pvsid=2485798871800098&pem=166&tmod=327&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=99

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d97806899e0fb2b10dc1215b7f4454f5e91bca2886cb59916c520ccb267b2610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 23 Dec 2021 04:31:52 GMT
server: cafe
content-length: 42089
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 23 Dec 2021 04:31:52 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A24 54 KB
23 KB 549ms
542ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3047704409027046&output=html&h=600&slotname=2458497676&adk=646582030&adf=45027081&pi=t.ma~as.2458497676&w=175&fwrn=4&fwrnh=100&lmt=1640233911&rafmt=1&psa=0&format=175x600&url=https%3A%2F%2Ftsgos.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640233911787&bpp=1&bdt=274&idt=100&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5392927221095&frm=20&pv=1&ga_vid=1355121973.1640233912&ga_sid=1640233912&ga_hid=236855332&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=306&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066434&oid=2&pvsid=2485798871800098&pem=166&tmod=327&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=1ubGRgtFtv&p=https%3A//tsgos.com&dtd=104

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4a72899ffeab9a5a16e702695d24037d2a2c18e078f286a6352b6dab00e6f2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 23 Dec 2021 04:31:52 GMT
server: cafe
content-length: 23909
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 23 Dec 2021 04:31:52 GMT
cache-control: private

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 149 KB
53 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbea79f2df0b90afb4a54efb447d86eeb387be30ca8387fb69b069a46ae4896a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54388
x-xss-protection: 0
server: cafe
etag: 7489837695308457557
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Dec 2021 04:31:52 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=tsgos.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 23 Dec 2021 04:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tsgos.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 23 Dec 2021 04:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame 77DA 11 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 22 Dec 2021 18:38:26 GMT
expires: Wed, 05 Jan 2022 18:38:26 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 35606
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 77DA 4 KB
1 KB 41ms
20ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 04:11:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Dec 2021 04:31:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Dec 2021 04:31:52 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 77DA 205 B
744 B 38ms
10ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 00:02:38 GMT
x-content-type-options: nosniff
age: 102554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 22 Dec 2022 00:02:38 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 77DA 604 B
696 B 38ms
11ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 08:05:52 GMT
x-content-type-options: nosniff
age: 159960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 21 Dec 2022 08:05:52 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 77DA 19 KB
8 KB 44ms
16ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 00:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8346
x-xss-protection: 0
server: cafe
etag: 3177319193432224586
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jan 2022 00:25:48 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 85DB 0
0 77ms
28ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstE8IeJBRWWU96ACGREEiktrzRNkYN6Y8ZV-JJPVthfOZYDRY8i54BkduuitFU2KmxV0lMdMOGor_ZyO_8csBjuMWnwIgZSr8MFIo6wxSKOMUEVdZ008kHT41kmbF_e778_VhRvVuOVjaDlNF8zN8L3kzpXNp8gJvS-5Ae9cRJ6Y3llJWd9hydKUalCsrneTFkdmwKVxTPvFOc89D_SUA6wsY8tTZ4pCjpAGHxBcCJEvW7cc72_74CCSAF-VxcbnLKrqkiTx5gr-haJh3tuKmMwAKFgFHHob3Hz6bEqSxQN7tNnR5imdGRVuLajczKbNjd9h1yv6tfKpfStGaIuPDbS2IvciPlMlq7QjRqF4NRUfx4LehrT8yfKakATvmmp9JRrIcTGu8nb_QMCbgaRZwNkiQyplcFafDsC4meizHTVXgQIxRVxCOq_VX5zarjKtp-_LE_cA6-M0Ro-JtAR5BPsjxMKrJtHuqLsOCmeSl_rayEFvft7tVjmcyQtMjqQQlF1ao16vYZR32oUxt-gGBp45bKPs2SETDsZKt5wOiXT1BxyhNujcUA0lV5oza0yshnmK5pLkF35nfCrDUPDMK12l7W_wixg3aTuX34bUsPtPnTpGy_7pE8mPQReBXyQGr0CzsjLhbyHObM1kUkEIDZCWJmLlDWehRXhfTh3Y6nZCHBZZJuzOEMMhiS_OnObnNMka2xG-lmnVMIagFymsx-DaQ0ge88X3x_321GzDomgyWePbkQhjypzdQEuSOyY9jzlNxvqtFQc1z8idaiO_Im589RYFIA6PiB2xqchbT343yoCuLjSWbSsU0bphxXaLzB59biI4NRna-wlQWCFC1TbxBNaA0fl7c1bJZyMZJlihhmVWSu1gg1BraSk3GHpU75BAeNsy1qIpn6ZOM_zpi8boJpsckZr6nmeS4ugmA&sai=AMfl-YS_lDYQlRxFPIJWpUL0B-k-YgjnyUn4bl8oAu4av60aGDAq57p1RDDELA&sig=Cg0ArKJSzPWccYVl2E3SEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: tsgos.com
URL: https://tsgos.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 23 Dec 2021 04:31:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 23 Dec 2021 04:31:52 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 85DB 41 KB
15 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tsgos.com
URL: https://tsgos.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 02:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Dec 2022 02:16:22 GMT

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 85DB 32 KB
13 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3047704409027046&output=html&h=600&slotname=2458497676&adk=646582030&adf=45027081&pi=t.ma~as.2458497676&w=175&fwrn=4&fwrnh=100&lmt=1640233911&rafmt=1&psa=0&format=175x600&url=https%3A%2F%2Ftsgos.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640233911787&bpp=1&bdt=274&idt=100&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5392927221095&frm=20&pv=1&ga_vid=1355121973.1640233912&ga_sid=1640233912&ga_hid=236855332&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=306&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C21066434&oid=2&pvsid=2485798871800098&pem=166&tmod=327&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=1ubGRgtFtv&p=https%3A//tsgos.com&dtd=104

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23375fd2e0c63e3d79d1e26c31e908a63310221ff8c10e5b7bafb71ae478f555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13177
x-xss-protection: 0
server: cafe
etag: 14559802278604478720
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jan 2022 04:22:28 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 85DB 2 KB
1 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jan 2022 04:23:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85DB 119 KB
37 KB 56ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Dec 2021 04:31:52 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 85DB 15 KB
6 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jan 2022 04:02:51 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 85DB 19 KB
8 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jan 2022 04:30:51 GMT

GET
H2 200 5470728021862204340
s0.2mdn.net/simgad/ Frame 85DB 33 KB
34 KB 34ms
7ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5470728021862204340

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ea1295ae8f1c679a88a7ad0a4ee48dbad8bea58b666436ddbce418fbc256b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 01:35:41 GMT
x-content-type-options: nosniff
age: 10571
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33892
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 19:59:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Dec 2022 01:35:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1947 3 KB
579 B 31ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 04:08:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Dec 2021 04:31:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Dec 2021 04:31:52 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1947 1 KB
880 B 23ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 03:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2071
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jan 2022 03:57:21 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 1947 19 KB
8 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jan 2022 04:26:19 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1947 2 KB
1 KB 23ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 03:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jan 2022 03:22:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1947 119 KB
37 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Dec 2021 04:31:52 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1947 15 KB
6 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jan 2022 04:02:51 GMT

GET
H3 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 1947 27 KB
11 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 14:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 20 Mar 2022 14:37:35 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6DC4 22 KB
8 KB 9ms
9ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 22 Dec 2021 10:40:17 GMT
expires: Thu, 22 Dec 2022 10:40:17 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 64295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6D11 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 23 Dec 2021 04:04:45 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 85DB 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 931ed3414c837fa6e09caa20eba5cd94ab9f8c520d16a51529659d45fa44df1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 41ms
26ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

735653903b6f292f0f194f80babf30e7a2c05a581777ab0e6d24caf8ab24ac8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 23 Dec 2021 04:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8606
x-xss-protection: 0

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DC4 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 22:59:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 22:59:41 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6D11
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

27ms
26ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 23 Dec 2021 04:31:52 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 23 Dec 2021 04:31:52 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 23 Dec 2021 04:31:52 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame EBC6 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tsgos.com
URL: https://tsgos.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 22:59:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 22:59:41 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 04:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Thu, 23 Dec 2021 04:31:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DBD2 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Wed, 22 Dec 2021 23:28:18 GMT
expires: Thu, 22 Dec 2022 23:28:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 735E 783 B
534 B 34ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

17acf8629ca339849e01de2055bcb4f829ffe2887819dd8512da977b35e268f4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TlGWVk2PYyA/7OiTsotaOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 23 Dec 2021 04:31:52 GMT
date: Thu, 23 Dec 2021 04:31:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-TlGWVk2PYyA/7OiTsotaOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame DBD2 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 22:59:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 22:59:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 735E 0
0 32ms
32ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=2485798871800098&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DC4 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9tn1t_vDYfL7N_mnx_AP24as0AkAAAAAOAHgBAI&bg=!JSalJmLNAAZKWFskSlg7ACkAdvg8WnRKbTx-72Z8mpPr1pDxMlJrU9fcDsq5HcACVrSkoF095Kvk5AIAAACmUgAAAItoAQcKAD4ycfs9YrAKFHFmWflJ3x7M_snmr-0ptgTkpTzq5O6FcgNa909fbJ_BkRzzY60nd58bizQpM_lQuzrbgozQR5kC-gTZLTyGx9wUjH1pupH5GXX8zDhnlnHcQs55JCLtpBHD5zGV89d4NaUt1QVI6HTfKAsO8ZHinmRvuZ7wL1DS7vkHBc1jdxSj7ifPyMD-OAb0G5wlb6iYH_Hr7cnOENLMnSL2YwqYNDE2W4NMRAOYm0qZgEMgkjmFx3y6HktuYcfZjBJdSvmkJNb2E4pewKaF-O-6S6Hl7vf6wOSQB-i3vqJlteuUAJ8yA_JuUtdMuL2C02z1wXZ9hPP5wCmb5UL2BgAdpPMpgEFAsyyeGFjCi7JkR9AamAFxWGexZ7KkGmTQLViJ2C0Hw0aCiBl-e5syJFD2wogCD9yUGTDMwlLnMXKvHDU3VCFRQdJNCTguScnQp9Ie9MNBP5xWPExGDI_Qaveql4K8a5elvnNjUb_4m0RbEX6iMXUM8AQHNHoNOSbxof3PwlxGz4MAZ5dR5v8KkIEmX5-Gx07bO66YKn2n0OwpAKjNquPyV2wB2YbuVt3ZKLnj_g4UHFfDrm9dF9l8XkZL2yKL0MgyRzBUrETnC_tzu5DMG3r_p0hwLTveXEC98DkkmDEbVDIkTtF9bDmCOPwRsqtx-kWpjVoIznCK6jA98qhIJinVSv4eByIgJHF37BEFU3hfQxhSB7wo-oHttKEb6n_Xq5u0ODgDpRFIj1riPLWT76Ep8Q5RjzhZpzDP4WQzcZbLocQaTWdEJb9EsoI3nzNXjMrgylXG8nXZ2RvNABhza3u_6WpdoFHtx2B6u4g5Jo3PkThCq4Vr1O1pqdlvJzzru1N9eit-dpiH4Ow1DyEC7qXV7gKfFYyVyiknVyBK6SFfLMySWa1of4k1IN1UoWdhs9NAeniTTrgFt5eq57pUhEtfLPtQtDkQ7eMyM6Mt0YesagD_xZVbxrzQlqZOPObT5eoSbFC9OEDuMoq_1hFY8iNIKaUDJYGqIaOcQPCm85x-KtxjWTPIlHj8a0YfL9QGLjrtz4gm3yc7nN_E7LMBbWgjIs1kObj3lA6-fqK2ZbjsxBuJzg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 04:31:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=2485798871800098&bg=!NjWlNXHNAAZKWFskSlg7ACkAdvg8Wsk8SC0O1hQdFkLopPhcoBlo2RWkwKSpWwwf8tTqKw0X90zYNAIAAADKUgAAAAdoAQeZAqjbGTJ2_r4XArvtIiulM7Vxewq1JADjNB69rfjV6Qyqt1iUPkp8lS00-daiyrVzoXFyEI9CJ3XtzxQnESzuASkdhvfDBEySF4y3BxVOIzw1DFTV32M_Q_FIlakZ228_By8BGJBYz6EN8QS0T_9fnxUOMwfP57W0W6Mqau2lGwnASK64d8TB0-gp1Smd1aKV-pkt5xwwqWO3sAoFpnv6ld6R1Z5LvHMDfY41n-7CYA5WewMXtAx-zryTp8S0UFFEp98fIOtW4pdp1VvqOoQdj-YHei9wMfObUU0b8-FRtgY6o38LTnJ5AA3Gmp_fVwAufbBSq2KbE_udjdLt0yqRUMAGqRU7VqjJk3--bE2Jn22fVjjFlDxPHKD2bSl5P7HD4wFd4c8f2r78My1aOfJkcBXLkGIs9Fu-zh1V5Sunlq7nzO90WRzX6Bs_r5F1n05eC9PTO7RkumMX4ea_4porP8N5vnaeTxhAHFkiGUrtr8QybkMfi02NzmBUXGy7za7j469K5JTOoc-YZ5J3yYha5aczAb5Sqh76ypMBQ4EhNH7dp4PGRL-SctEOxj9ESCazX3_zzD38m87WGNFGC3rpxqP5kZQin-_j7p1PL6n7Hq4Kxh1AR8Fm1NuAk9ufd4zvI4MLIBwWzXz-Y_yZc0mHFe2PH7yjt76liY9f0JocisYOuZ5pAhQO0XQyyYdz9yfdA3OY3xBZIG5uemv8aOkvQ1pyLU6TJ5dUEsOQ8M8ho5mB-u7cJrDf-okbQCK2PrxPBkCiQXydLAGKSgHUdnmOc_WG8lq-qpqQCztHe1Nt8A401cJI_xnqt6upolSE6GsnLT2uFye7ij23165r_ZhsS0LubhTr-PWhCOGduKdYKZVVLwCiKsRb1sg945Jo0S0Erk_otla85pv1QQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 04:31:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 85DB 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUALUTjT71gLNCMytGPV0Mylx9PZ5Ram6g5Gv_zop6hjK8lRCg9IqUEsKq5T_9d5fEtarj2vwh8SRRqYmg8Kxzqn_cgKUJMosEGU5KrCUpHysvmaP4AmwIg3NLISaPXBq7LflvgwhX8ntPJKLctvcfBKqiggisid9ieMkUzYvceA&sai=AMfl-YQjGr3QQXbYk8YDp9lzmDnsOlvIIRx8PUo6gdS8PMA-3G_hcEEGEQXLtXmOPrafnldlyhIKLKD9wdZU&sig=Cg0ArKJSzCZ4c-m-7P-OEAE&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=646582030&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640233912451&rpt=142&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 04:31:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.juquery.com
URL: http://www.juquery.com/compability.php?0.22987124476738208

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tsgos.com/	1970-01-20 17:08:25	Name: sc_is_visitor_unique Value: rx11968710.1640233912.FBA2B0A3E1C44F906EE9F0BEF6678560.1.1.1.1.1.1.1.1.1
.tsgos.com/	1970-01-20 08:58:49	Name: __gads Value: ID=d5c8a10d0c4cf885-22811a4e0ecd00ed:T=1640233911:RT=1640233911:S=ALNI_Mb2eODljdh8EV1rVH5KclWKbw3RNg
.statcounter.com/	1970-01-21 19:25:39	Name: is_unique Value: sc11968710.1640233911.0
.statcounter.com/	1970-01-20 17:08:51	Name: is_visitor_unique Value: 1640233911128912263
.doubleclick.net/	1970-01-20 08:58:49	Name: IDE Value: AHWqTUmNeOhkf8q6p5Tcsxjgbl6dQ6zuFRn_OgHXgbvgBqBQTGX8p-7VIA3URPRrQHw
.doubleclick.net/	1970-01-19 23:37:17	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://tsgos.com/wp-content/themes/tsgos/js/js-mainmenu.js?ver=5.7.4 Message: Mixed Content: The page at 'https://tsgos.com/' was loaded over HTTPS, but requested an insecure script 'http://www.juquery.com/compability.php?0.22987124476738208'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
c.statcounter.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
secure.statcounter.com
tpc.googlesyndication.com
tsgos.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.juquery.com
www.juquery.com
104.20.229.67
142.250.185.130
142.250.185.66
2606:4700:3030::ac43:94d3
2a00:1450:4001:801::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2006
2a00:1450:4001:829::2004
2a00:1450:4001:830::2002
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d455fbe48a68f48891359a4545c4e3ef5096b24fab909fde8bd534cf9192eef
0dc52d07150647db640b0ef2984ef0571ae73d0265eb8609feddd1022040850e
1037f1e0d1ae470df705a7179a41aa2c969aec5ff56771a7438edc74fc46a9f5
1074e3f2a00d8da8377da439fe8e2a1e49d61e2af6d2c4ab34de4dbd5e4baa1f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17a2752aa440d9866604fad17e39957f3775a0ac135f6a800c8bda0e68df0d80
17acf8629ca339849e01de2055bcb4f829ffe2887819dd8512da977b35e268f4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
20445967c2d0b2ccdb216b16a2952bf07d5d0acc8901e412d02222effbd8d4db
2129d4f113bddb54138e7ba84247fac83bfc43e3794fc6b9913beb03b14b7d22
23375fd2e0c63e3d79d1e26c31e908a63310221ff8c10e5b7bafb71ae478f555
253dc9f5554d2293f37923923dee95b6d425c51adf1f107e1c10690c905d65e1
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2ff32526e7a5abbb6b4ada1892114802b03c79a6c0fa73279e17feb67c3397eb
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
366f102bbfed041461b6ecafcac7c00dd4f6be3da40aa69da2f00a31775093eb
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3aa6da378536786b920c80c12674408789e0d83a619ff727b7d752660bea90f0
3ef36c23fc3bb975205898dffb3ce93e30598f632ef71100c5c99d63c07ad26f
4213eba6c464b3ca6fc71c748e2ba99f63f7f0b624199fd44127da67e40a3003
480e61d81c24f80ac4730a5e07ceb2ad97d1ae2355a72fb30af33db6004ffbf9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ebe7eae381b0f4eaa45660d262fecd6b2e5e3eeddac6d8ba533fcdb52c7084b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c3511e97b19d768e8952e76e36f592facf6ea410431079cfcea7f9312baddbb
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
693beb315db9c326590dc470b805e69d750382319626d598cd94f05a73168995
735653903b6f292f0f194f80babf30e7a2c05a581777ab0e6d24caf8ab24ac8e
7aeac5cb758cd5903c8b911426ac4ab780c51e55b655d4874cfaefd5f8710058
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
835b6e913c63128e18d30ab2c4f3a4f4d762ac32114a16ed695feba6f9d72d1d
8648530f2dbd2de47da2cb5489a0235e44e5f86b36446a5c7ed52d99f458e7a3
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8b0d0e7c5b7486e204d94e5d9b025cbbc9291940522228972d3076d204008f0a
931ed3414c837fa6e09caa20eba5cd94ab9f8c520d16a51529659d45fa44df1a
9551e4b7898d3763077900b33eb5c6818bc0d8216ce55a619989e671ba806911
970d08b0edc4bfc0925495d8b11564f3c2fd368f745f7b3510a7fced11848894
976856d5f80fe23264cd960eb74d979ece14adbfa6ab250ecf8abde3b873e92e
98acb50a63047f16eac68d34144d1c73ee9fcc80bb9d0767785d5c39bbe4b5a7
9be255b79e70eaae1d5c45ee10a575dcd07e37edf54ee8b5a229c9dfd29cfbbc
9ea1295ae8f1c679a88a7ad0a4ee48dbad8bea58b666436ddbce418fbc256b45
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b3cbeabb5b498ceab8db507fe474af38aeadfe18ece9449cc25513e261a02cd0
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b90f27b76217a9b142f9f3c5157294d3f2e978045b2ac8c42545949b0ed9915c
b994007d2f4abb80074dd18e5f3352a319857554ac530dceb5f110f329a1f2da
b9b85ab9c5d80e81f67926eb6f08dfa51fb59352a973a8b9e676ca7174754b6c
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
cd6c8d0a9dd980b006b40c5194663fef45dd69875c38630bb91d5b5c9dfdca6a
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d97806899e0fb2b10dc1215b7f4454f5e91bca2886cb59916c520ccb267b2610
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
db8d2ade6dc2d26b101bba3127d3476bfacfabf1148cccc34adc654fd6cd448a
dbea79f2df0b90afb4a54efb447d86eeb387be30ca8387fb69b069a46ae4896a
e333c73bc41a62e48f5365575c6bbcf5146c4f536b840f33c74def783063217f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a72899ffeab9a5a16e702695d24037d2a2c18e078f286a6352b6dab00e6f2f
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e9573e931158bcc83146a7882d6c298c1adf3828b6c785af7cbb9fd9d25ad884
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ed16a2a968148428297b2997f50da2acd51ce125a73ad642f017a0429ae53119
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f537ac51b8fa3c71017bd8627d21b86a95e21c1b3057d1cc2f2df5fbef26ede3
f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

tsgos.com Open in urlscan Pro 2606:4700:3030::ac43:94d3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

99 %HTTPS

79 %IPv6

12 Domains

16 Subdomains

15 IPs

3 Countries

1324 kBTransfer

2480 kBSize

6 Cookies

5 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tsgos.com Open in urlscan Pro
2606:4700:3030::ac43:94d3 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

99 %
HTTPS

79 %
IPv6

12
Domains

16
Subdomains

15
IPs

3
Countries

1324 kB
Transfer

2480 kB
Size

6
Cookies

90 HTTP transactions
2 data transactions