dico.me Open in urlscan Pro
158.247.215.120 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dico.me/
Effective URL:
https://dico.me/
Submission: On January 07 via api (January 7th 2022, 2:19:54 pm UTC) from US — Scanned from DE

Summary HTTP 51 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 14 domains to perform 51 HTTP transactions. The main IP is 158.247.215.120, located in Seoul, Korea, Republic Of and belongs to AS-CHOOPA, US. The main domain is dico.me.
TLS certificate: Issued by R3 on January 7th 2022. Valid for: 3 months.

This is the only time dico.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	158.247.215.120 158.247.215.120	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	211.249.221.246 211.249.221.246	9457 (DREAMX-AS...) (DREAMX-AS DREAMLINE CO.)
1	2606:4700::68... 2606:4700::6811:8cba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	185.199.109.154 185.199.109.154	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
51	19

12 158.247.215.120 (Seoul, Korea, Republic Of) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 158.247.215.120.vultr.com

dico.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
file.dico.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.249.221.246 (Korea, Republic Of)

ASN9457 (DREAMX-AS DREAMLINE CO., KR)

developers.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:8cba (United States)

ASN13335 (CLOUDFLARENET, US)

www.vultr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.199.109.154 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-154.github.com

opengraph.githubassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94 tpc.googlesyndication.com — Cisco Umbrella Rank: 127	250 KB
12	dico.me 1 redirects dico.me file.dico.me	1 MB
7	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 122 adservice.google.com — Cisco Umbrella Rank: 69 accounts.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 8	68 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	32 KB
2	githubassets.com opengraph.githubassets.com — Cisco Umbrella Rank: 150254	128 KB
2	gstatic.com fonts.gstatic.com ssl.gstatic.com	71 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 151	37 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8579	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 745	643 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	341 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	61 KB
1	vultr.com www.vultr.com — Cisco Umbrella Rank: 299881	14 KB
1	kakao.com developers.kakao.com — Cisco Umbrella Rank: 43452	37 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1021 B
51	14

	Domain	Requested by
9	pagead2.googlesyndication.com	dico.me pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	dico.me	1 redirects dico.me
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	file.dico.me	dico.me
2	www.google.com	1 redirects tpc.googlesyndication.com
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	opengraph.githubassets.com	dico.me
2	apis.google.com	dico.me apis.google.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ssl.gstatic.com	accounts.google.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	dico.me
1	www.vultr.com	dico.me
1	developers.kakao.com	dico.me
1	fonts.googleapis.com	dico.me
51	20

This site contains links to these domains. Also see Links.

Domain
github.com
creativecommons.org
www.vultr.com

Subject Issuer	Validity	Valid
dico.me R3	`2022-01-07` - `2022-04-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.kakao.com Thawte TLS RSA CA G1	`2021-09-17` - `2022-09-30`	a year	crt.sh
*.vultr.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-08` - `2022-12-09`	a year	crt.sh
file.dico.me R3	`2022-01-07` - `2022-04-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.githubassets.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-12` - `2022-10-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://dico.me/
Frame ID: 21E94C0510059C0C95A5F5F00AF03682
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html
Frame ID: C1024FE2F44FDECFB920230F8E70A50B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462918799278586&output=html&h=280&slotname=6476132187&adk=2567948506&adf=670494000&pi=t.ma~as.6476132187&w=728&fwrn=4&fwrnh=100&lmt=1641565188&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fdico.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641565188415&bpp=5&bdt=1489&idt=78&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=6275738542039&frm=20&pv=2&ga_vid=1299102262.1641565188&ga_sid=1641565189&ga_hid=1959756217&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062930&oid=2&pvsid=623628191163419&pem=40&tmod=277&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yQXiFnYht2&p=https%3A//dico.me&dtd=99
Frame ID: C64536D2A3329C4C7B67C8D4C703A6D5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462918799278586&output=html&adk=1812271804&adf=3025194257&lmt=1641565188&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdico.me%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641565188422&bpp=1&bdt=1496&idt=100&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&nras=1&correlator=6275738542039&frm=20&pv=1&ga_vid=1299102262.1641565188&ga_sid=1641565189&ga_hid=1959756217&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062930&oid=2&pvsid=623628191163419&pem=40&tmod=277&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=110
Frame ID: 1DF76E4B98EA850634C97FFB5A697FBB
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 2BEABBD2F97D16C3B2AC7587DF262C66
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 67D6D61ADB116ACB6A32014C538EE9CD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Frame ID: 461B7CEA158508D09EB08CDAEC817A51
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B0F78E270EA3799C8B2042BD641938A5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 630F27D4E20EF7549329334127C0A91B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dico

Page URL History Show full URLs

http://dico.me/ HTTP 301
https://dico.me/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
apis\.google\.com/js/platform\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

51
Requests

100 %
HTTPS

78 %
IPv6

14
Domains

20
Subdomains

19
IPs

3
Countries

2085 kB
Transfer

2975 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/squizlabs/PHP_CodeSniffer/wiki
Title: Home · squizlabs/PHP_CodeSniffer Wiki PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards. - Home · squizlabs/PHP_CodeSniffer Wiki github.com

Search URL Search Domain Scan URL

URL: https://github.com/squizlabs/PHP_CodeSniffer
Title: GitHub - squizlabs/PHP_CodeSniffer: PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards. PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards. - GitHub - squizlabs/PHP_CodeSniffer: PHP_CodeSniffer tokenizes PHP files and detects violations of ... github.com

Search URL Search Domain Scan URL

URL: https://github.com/PHPCompatibility/PHPCompatibility
Title: GitHub - PHPCompatibility/PHPCompatibility: PHP Compatibility check for PHP_CodeSniffer PHP Compatibility check for PHP_CodeSniffer. Contribute to PHPCompatibility/PHPCompatibility development by creating an account on GitHub. github.com

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by-nc-nd/4.0/deed.ko

Search URL Search Domain Scan URL

URL: https://www.vultr.com/?ref=8755477

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dico.me/ HTTP 301
https://dico.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dico.me/
Redirect Chain

http://dico.me/
https://dico.me/

38 KB
13 KB

1017ms
436ms

Document
text/html

158.247.215.120
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://dico.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.247.215.120 Seoul, Korea, Republic Of, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 158.247.215.120.vultr.com
Software: nginx / PHP/7.4.14
Resource Hash: e06a55730ccc0e6fba8ed07c6273006d3df95005ce37b88a0cf25145e384a530

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Fri, 07 Jan 2022 14:19:46 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.14
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 07 Jan 2022 14:19:45 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://dico.me/

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1021 B 45ms
19ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inconsolata:wght@400;600;700&display=swap

Requested by

Host: dico.me
URL: https://dico.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

348b1ba2d7a7272bbbb184ce8089ce2696d1b7408709286e7911caeee75de7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Jan 2022 14:19:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 07 Jan 2022 14:19:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jan 2022 14:19:47 GMT

GET
H2 200 common.min.css
dico.me/css/ 42 KB
42 KB 351ms
350ms Stylesheet
text/css 158.247.215.120
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://dico.me/css/common.min.css
Requested by: Host: dico.me
URL: https://dico.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.247.215.120 Seoul, Korea, Republic Of, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 158.247.215.120.vultr.com
Software: nginx /
Resource Hash: 8a6ef816adce5fb9392bdb3c1f8bffc178c2dec3207f55b68fb1f806a4a35446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:47 GMT
last-modified: Thu, 29 Jul 2021 02:07:31 GMT
server: nginx
accept-ranges: bytes
etag: "61020d63-a791"
content-length: 42897
content-type: text/css

GET
H2 200 dragonEditorViewer.css
dico.me/css/ 25 KB
25 KB 766ms
766ms Stylesheet
text/css 158.247.215.120
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://dico.me/css/dragonEditorViewer.css
Requested by: Host: dico.me
URL: https://dico.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.247.215.120 Seoul, Korea, Republic Of, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 158.247.215.120.vultr.com
Software: nginx /
Resource Hash: f4bdb23dc16a42db3e43af36545c260e8b9fb2a0ab4d5c5630922d8a929d1475

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:47 GMT
last-modified: Tue, 08 Jun 2021 00:20:35 GMT
server: nginx
accept-ranges: bytes
etag: "60beb7d3-643c"
content-length: 25660
content-type: text/css

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 70ms
34ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dico.me
URL: https://dico.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1de28b54123eef87e0e9653132526015af33eb4015b6b5b5af12540bf835c3a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51810
x-xss-protection: 0
server: cafe
etag: 16293149192722868826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 Jan 2022 14:19:48 GMT

GET
H2 200 kakao.min.js Show response
developers.kakao.com/sdk/js/ 109 KB
37 KB 819ms
267ms Script
application/javascript 211.249.221.246
DREAMX-AS DREAMLI...

General

Check archive.org

Show headers Download Go to

Full URL

https://developers.kakao.com/sdk/js/kakao.min.js

Requested by

Host: dico.me
URL: https://dico.me/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

211.249.221.246 , Korea, Republic Of, ASN9457 (DREAMX-AS DREAMLINE CO., KR),

Reverse DNS

Software

Resource Hash

b59c9d0efa1bbd29229270129ef0c6eb81d22034dd9c3704bc70a598acbf16fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:47 GMT
content-encoding: gzip
last-modified: Tue, 28 Dec 2021 02:58:29 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
strict-transport-security: max-age=15724800; includeSubDomains
expires: Fri, 07 Jan 2022 15:19:47 GMT

GET
H2 200 banner_728x90.png
www.vultr.com/media/banners/ 14 KB
14 KB 130ms
61ms Image
image/webp 2606:4700::6811:8cba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vultr.com/media/banners/banner_728x90.png

Requested by

Host: dico.me
URL: https://dico.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8cba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

144ab6e93703c6f56a738f57728ba43eba620d05779d83f40755d994bd6f1479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12316
cf-polished: origFmt=png, origSize=18438
content-disposition: inline; filename="banner_728x90.webp"
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14144
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 Dec 2021 18:25:44 GMT
server: cloudflare
x-frame-options: DENY
etag: "61afa728-4806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 08 Jan 2022 14:19:48 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6c9dd2bae9f23753-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 1500479770_cat1.png
file.dico.me/img/upload/2018/ 9 KB
9 KB 964ms
352ms Image
image/png 158.247.215.120
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.dico.me/img/upload/2018/1500479770_cat1.png
Requested by: Host: dico.me
URL: https://dico.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.247.215.120 Seoul, Korea, Republic Of, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 158.247.215.120.vultr.com
Software: nginx /
Resource Hash: ae9ae3651f1463dc589d88a6dff5358339b150453094ee013f3c374b1e9ccbd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:49 GMT
last-modified: Mon, 11 Jan 2021 01:39:49 GMT
server: nginx
accept-ranges: bytes
etag: "5ffbac65-2352"
content-length: 9042
content-type: image/png

GET
H2 200 common.min.js Show response
dico.me/js/ 17 KB
18 KB 335ms
335ms Script
application/javascript 158.247.215.120
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://dico.me/js/common.min.js
Requested by: Host: dico.me
URL: https://dico.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.247.215.120 Seoul, Korea, Republic Of, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 158.247.215.120.vultr.com
Software: nginx /
Resource Hash: 5b653e8e06bd633e21b6fe1e0f114d9a21dd04a13875d6b6b741f664d1718893

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:47 GMT
last-modified: Wed, 24 Nov 2021 00:10:39 GMT
server: nginx
accept-ranges: bytes
etag: "619d82ff-45ea"
content-length: 17898
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 67ms
37ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CTGQS5PKTR

Requested by

Host: dico.me
URL: https://dico.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf6105ca92b96f9c6f5190cf240885db8814bf61cfec915ae62d13aa40f7c594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:48 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62266
x-xss-protection: 0
expires: Fri, 07 Jan 2022 14:19:48 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 89ms
50ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: dico.me
URL: https://dico.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e308b920200e70975a47529366c166d3fa167655d345779e7fa1b8d3c8e737ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iYq8TKQkoEtadjlKhA1cRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "9e73b2cd9b08c6b34a7273789934d4e5"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-iYq8TKQkoEtadjlKhA1cRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 07 Jan 2022 14:19:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/ Frame C102 11 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 06 Jan 2022 16:07:35 GMT
expires: Thu, 20 Jan 2022 16:07:35 GMT
content-type: text/html; charset=UTF-8
etag: 2196020943555189384
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4873
x-xss-protection: 0
age: 79933
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Pretendard-Regular.subset.woff2
dico.me/font/ 277 KB
277 KB 480ms
480ms Font
font/woff2 158.247.215.120
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://dico.me/font/Pretendard-Regular.subset.woff2
Requested by: Host: dico.me
URL: https://dico.me/css/common.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.247.215.120 Seoul, Korea, Republic Of, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 158.247.215.120.vultr.com
Software: nginx /
Resource Hash: 24b123a0dc45723581f53fc599fd9698415fb3065ee00c2704a1ac569424f63d

Request headers

Referer: https://dico.me/css/common.min.css
Origin: https://dico.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:48 GMT
last-modified: Thu, 29 Jul 2021 02:07:31 GMT
server: nginx
accept-ranges: bytes
etag: "61020d63-4532c"
content-length: 283436
content-type: font/woff2

GET
H2 200 Pretendard-Bold.subset.woff2
dico.me/font/ 294 KB
295 KB 313ms
312ms Font
font/woff2 158.247.215.120
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://dico.me/font/Pretendard-Bold.subset.woff2
Requested by: Host: dico.me
URL: https://dico.me/css/common.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.247.215.120 Seoul, Korea, Republic Of, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 158.247.215.120.vultr.com
Software: nginx /
Resource Hash: 8f02ec58fcea2debe6347fb5bbee575477f45f431eb0b92d06b8e3770f32167c

Request headers

Referer: https://dico.me/css/common.min.css
Origin: https://dico.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:48 GMT
last-modified: Thu, 29 Jul 2021 02:07:31 GMT
server: nginx
accept-ranges: bytes
etag: "61020d63-498fc"
content-length: 301308
content-type: font/woff2

GET
H2 200 QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2
fonts.gstatic.com/s/inconsolata/v21/ 31 KB
32 KB 34ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inconsolata/v21/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inconsolata:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be6e83ef241f060e8fca55002f6994af05bf2360ebc74c9b6165721ffea6bfc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dico.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 11:21:05 GMT
x-content-type-options: nosniff
age: 183523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31716
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:36:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 05 Jan 2023 11:21:05 GMT

GET
H2 200 Pretendard-Medium.subset.woff2
dico.me/font/ 292 KB
292 KB 863ms
863ms Font
font/woff2 158.247.215.120
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://dico.me/font/Pretendard-Medium.subset.woff2
Requested by: Host: dico.me
URL: https://dico.me/css/common.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.247.215.120 Seoul, Korea, Republic Of, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 158.247.215.120.vultr.com
Software: nginx /
Resource Hash: ef2e5613bec143fa6cdd0858efa2a42174d73d0bfa8b986cc23b8f9c5760b2ea

Request headers

Referer: https://dico.me/css/common.min.css
Origin: https://dico.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:48 GMT
last-modified: Thu, 29 Jul 2021 02:07:31 GMT
server: nginx
accept-ranges: bytes
etag: "61020d63-48f6c"
content-length: 298860
content-type: font/woff2

GET
H2 200 Pretendard-SemiBold.subset.woff2
dico.me/font/ 291 KB
291 KB 863ms
863ms Font
font/woff2 158.247.215.120
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://dico.me/font/Pretendard-SemiBold.subset.woff2
Requested by: Host: dico.me
URL: https://dico.me/css/common.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.247.215.120 Seoul, Korea, Republic Of, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 158.247.215.120.vultr.com
Software: nginx /
Resource Hash: 4bc70dcfd48f7c7b85493a286214618bfa7e4cb7e677b81b6f27a06c8795d4c7

Request headers

Referer: https://dico.me/css/common.min.css
Origin: https://dico.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:48 GMT
last-modified: Thu, 29 Jul 2021 02:07:31 GMT
server: nginx
accept-ranges: bytes
etag: "61020d63-48b30"
content-length: 297776
content-type: font/woff2

GET
H2 200 20211210065604_000.webp
file.dico.me/private/2021/12/ 96 KB
96 KB 1256ms
764ms Image
image/webp 158.247.215.120
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.dico.me/private/2021/12/20211210065604_000.webp
Requested by: Host: dico.me
URL: https://dico.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.247.215.120 Seoul, Korea, Republic Of, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 158.247.215.120.vultr.com
Software: nginx / PHP/7.4.14
Resource Hash: aa202ff487776f04499b8fe67978276ab62132c8185b6c272aa008012101ae39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:49 GMT
server: nginx
x-powered-by: PHP/7.4.14
content-length: 97532
content-disposition: inline
content-type: image/webp

GET
H2 200 PHP_CodeSniffer
opengraph.githubassets.com/27699209a765dc967818a9dd5802db8396f317ddf6cffd5946a9b47e3c1daaea/squizlabs/ 79 KB
79 KB 132ms
111ms Image
image/png 185.199.109.154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opengraph.githubassets.com/27699209a765dc967818a9dd5802db8396f317ddf6cffd5946a9b47e3c1daaea/squizlabs/PHP_CodeSniffer

Requested by

Host: dico.me
URL: https://dico.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.109.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-109-154.github.com

Software

Resource Hash

c3256fc93b0a4a0cdb6aa3c4c39e79a35e62aad50f51afbd26186d14bb3cca34

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';style-src 'unsafe-inline';font-src https://github.github.com;img-src https://avatars.githubusercontent.com https://github.githubassets.com https://camo.githubusercontent.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-fastly-request-id: 4eb77502e855cf9a93bc2e541a96362fa03b4694
content-security-policy: default-src 'none';style-src 'unsafe-inline';font-src https://github.github.com;img-src https://avatars.githubusercontent.com https://github.githubassets.com https://camo.githubusercontent.com
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 7550
x-dns-prefetch-control: off
x-cache: HIT, MISS
x-ratelimit-reset: 1641531672
strict-transport-security: max-age=31536000
content-length: 80860
x-github-backend: Kubernetes
x-served-by: cache-iad-kjyo7100040-IAD, cache-hhn4043-HHN
referrer-policy: no-referrer
x-github-request-id: A194:79B6:3E149:1D7EEE:61D7C842
x-frame-options: SAMEORIGIN
date: Fri, 07 Jan 2022 14:19:48 GMT
expect-ct: max-age=0
x-ratelimit-remaining: 63
x-download-options: noopen
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 0
cache-control: public, max-age=21600, immutable
etag: W/"13bdc-dto0oBdInmar3Kwkf6EQwDjVczY"
x-ratelimit-limit: 100
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 20211210071605_000.webp
file.dico.me/private/2021/12/ 25 KB
25 KB 1073ms
580ms Image
image/webp 158.247.215.120
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.dico.me/private/2021/12/20211210071605_000.webp
Requested by: Host: dico.me
URL: https://dico.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 158.247.215.120 Seoul, Korea, Republic Of, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 158.247.215.120.vultr.com
Software: nginx / PHP/7.4.14
Resource Hash: 502d34d6009ba3a3e9cf35c5237dc3c2b4fe9e620c0bd15c243647755468e0ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:49 GMT
server: nginx
x-powered-by: PHP/7.4.14
content-length: 24922
content-disposition: inline
content-type: image/webp

GET
H2 200 PHPCompatibility
opengraph.githubassets.com/1969fe8575b29eabb019ba4d0afd503b5a63ad1e8ffe9f307aa4b684e9af931d/PHPCompatibility/ 48 KB
48 KB 128ms
107ms Image
image/png 185.199.109.154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opengraph.githubassets.com/1969fe8575b29eabb019ba4d0afd503b5a63ad1e8ffe9f307aa4b684e9af931d/PHPCompatibility/PHPCompatibility

Requested by

Host: dico.me
URL: https://dico.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.109.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-109-154.github.com

Software

Resource Hash

250c6924205b190875c53ac87901ea333ff0b0091982d8d835f66b160d20ea4e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';style-src 'unsafe-inline';font-src https://github.github.com;img-src https://avatars.githubusercontent.com https://github.githubassets.com https://camo.githubusercontent.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-fastly-request-id: bf410108d90ab66255889b6351445e716298e35d
content-security-policy: default-src 'none';style-src 'unsafe-inline';font-src https://github.github.com;img-src https://avatars.githubusercontent.com https://github.githubassets.com https://camo.githubusercontent.com
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 7550
x-dns-prefetch-control: off
x-cache: HIT, MISS
x-ratelimit-reset: 1641449729
strict-transport-security: max-age=31536000
content-length: 48739
x-github-backend: Kubernetes
x-served-by: cache-iad-kcgs7200143-IAD, cache-hhn4043-HHN
referrer-policy: no-referrer
x-github-request-id: 489C:1A4A:776A2:647E73:61D688FD
x-frame-options: SAMEORIGIN
date: Fri, 07 Jan 2022 14:19:48 GMT
expect-ct: max-age=0
x-ratelimit-remaining: 45
x-download-options: noopen
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 0
cache-control: public, max-age=21600, immutable
etag: W/"be63-pJZFVwajphORAfuKIdFgJkfWWJE"
x-ratelimit-limit: 100
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
100 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2462918799278586&plah=dico.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f90b1d6f886480f7a961aa071ac28fc98a8a7347812f0acd5b2d3c7a51215b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 6338342865683808284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Jan 2022 14:19:48 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ 135 KB
45 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dbb0fc0e83b745af632ba1d0f81fc1450282d11055fef8f1c31e9d99db65bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 19:59:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46285
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 04:25:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 19:59:23 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
341 B 35ms
14ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CTGQS5PKTR&gtm=2oe150&_p=1959756217&sr=1600x1200&ul=en-us&cid=1299102262.1641565188&_s=1&dl=https%3A%2F%2Fdico.me%2F&dt=Dico&sid=1641565188&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&ep.page_herf=%2F&ep.page_url=%2F
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CTGQS5PKTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dico.me/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 07 Jan 2022 14:19:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dico.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 211 B
643 B 60ms
15ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dico.me&callback=_gfp_s_&client=ca-pub-2462918799278586

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2462918799278586&plah=dico.me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c926b0dc7e8c0c292b3b40735bcf3ed4fba216d6961cb2c5804b0478a4554080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 39ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dico.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Jan 2022 14:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 39ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dico.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Jan 2022 14:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C645 69 KB
27 KB 642ms
616ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462918799278586&output=html&h=280&slotname=6476132187&adk=2567948506&adf=670494000&pi=t.ma~as.6476132187&w=728&fwrn=4&fwrnh=100&lmt=1641565188&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fdico.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641565188415&bpp=5&bdt=1489&idt=78&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=6275738542039&frm=20&pv=2&ga_vid=1299102262.1641565188&ga_sid=1641565189&ga_hid=1959756217&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062930&oid=2&pvsid=623628191163419&pem=40&tmod=277&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yQXiFnYht2&p=https%3A//dico.me&dtd=99

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57e117d69a89bb39881a44db25768724673c711d475b3f11c72fc9b88b19d504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 07 Jan 2022 14:19:49 GMT
server: cafe
content-length: 27438
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 Jan 2022 14:19:49 GMT
cache-control: private

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fdico.me%2F&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: dico.me
URL: https://dico.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jan 2022 14:19:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1DF7 0
19 B 20ms
15ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462918799278586&output=html&adk=1812271804&adf=3025194257&lmt=1641565188&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdico.me%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641565188422&bpp=1&bdt=1496&idt=100&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&nras=1&correlator=6275738542039&frm=20&pv=1&ga_vid=1299102262.1641565188&ga_sid=1641565189&ga_hid=1959756217&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062930&oid=2&pvsid=623628191163419&pem=40&tmod=277&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=110

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 07 Jan 2022 14:19:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 Jan 2022 14:19:48 GMT
cache-control: private

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 2BEA 513 B
903 B 52ms
22ms Document
text/html 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2226f6e29465a328a62d30b7e090d331efb3319333d36d40d2efc834666c3cbb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d+Jg3jPl7R8Q1hSy30iH7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 07 Jan 2022 14:19:48 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-d+Jg3jPl7R8Q1hSy30iH7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2013763852-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame 2BEA 113 KB
40 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2013763852-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad66982d5e6c73df542a09d6f939bd3c8649b818f4935aa5a4f6f8e0ebb00d30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 13:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39769
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 23:09:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 13:08:49 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 2BEA 14 B
58 B 47ms
30ms XHR
application/json 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdico.me&client_id=830980995388-ln8f56oold0g4lbonsl9acnvah8l380k.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/2013763852-idpiframe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 07 Jan 2022 15:19:48 GMT

GET
H2 200 17132621054405913920
tpc.googlesyndication.com/daca_images/simgad/ Frame C645 26 KB
26 KB 52ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17132621054405913920

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462918799278586&output=html&h=280&slotname=6476132187&adk=2567948506&adf=670494000&pi=t.ma~as.6476132187&w=728&fwrn=4&fwrnh=100&lmt=1641565188&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fdico.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641565188415&bpp=5&bdt=1489&idt=78&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=6275738542039&frm=20&pv=2&ga_vid=1299102262.1641565188&ga_sid=1641565189&ga_hid=1959756217&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062930&oid=2&pvsid=623628191163419&pem=40&tmod=277&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yQXiFnYht2&p=https%3A//dico.me&dtd=99

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eb5597c45a056d79991349df8e4f8972a90c7b77f81686da6df25cb259340f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 09:43:29 GMT
x-content-type-options: nosniff
age: 189380
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26269
x-xss-protection: 0
last-modified: Sat, 13 Feb 2021 17:34:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Jan 2023 09:43:29 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame C645 19 KB
8 KB 50ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0
server: cafe
etag: 10405968765291005445
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 14:15:33 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame C645 2 KB
1 KB 46ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
server: cafe
etag: 9753579932288205849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 14:04:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C645 120 KB
37 KB 70ms
33ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Jan 2022 14:19:49 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame C645 15 KB
6 KB 45ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0
server: cafe
etag: 13366392639478751132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 14:15:05 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame C645 27 KB
11 KB 52ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf4e7ce8d3ef72d0c1df0b845ff9e3f7cfaa38c44de222afb3a31c6a2060075d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11451
x-xss-protection: 0
server: cafe
etag: 17863524699588884828
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 12:59:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C645 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5axoBEzYYemoIpPE-gbIsbKwBLeuuOddrJKql4wNuOzLlt0aEAEgttSRLmCV4pCCoAegAdTF2uoCyAECqQJN0ysQiveyPqgDAcgDyQSqBMUBT9DWhhCLX3OowyTnMZf55-1BDPaOcLL9JQ27IuDYC0MsUGEegrDXi33FGa3X5O_-rWCWLcxOi5M8Op0w4eVcGAXvGeZWyG-fznlnjX_4cRg2z0VwDyOXmDJtrLpvhpsTKgyUQZXJ-N0xOW1CcbqUZvJhey3YXfbuRM3NXlyuTS845blKmtRk5hDNebcosT8NW0AbzgfmFVXqBKLusvhDqK6JrxgaKLOb0GzuLIE0GXg8YwM1O6XcWzGU-vc4tpGErLQYtS_ABKmkn4n4ApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeUuqWVAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIepDtIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yNDYyOTE4Nzk5Mjc4NTg2GAA&sigh=Msl8woII4HA&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462918799278586&output=html&h=280&slotname=6476132187&adk=2567948506&adf=670494000&pi=t.ma~as.6476132187&w=728&fwrn=4&fwrnh=100&lmt=1641565188&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fdico.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641565188415&bpp=5&bdt=1489&idt=78&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=6275738542039&frm=20&pv=2&ga_vid=1299102262.1641565188&ga_sid=1641565189&ga_hid=1959756217&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062930&oid=2&pvsid=623628191163419&pem=40&tmod=277&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yQXiFnYht2&p=https%3A//dico.me&dtd=99
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 07 Jan 2022 14:19:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Jan 2022 14:19:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 67D6 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462918799278586&output=html&h=280&slotname=6476132187&adk=2567948506&adf=670494000&pi=t.ma~as.6476132187&w=728&fwrn=4&fwrnh=100&lmt=1641565188&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fdico.me%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641565188415&bpp=5&bdt=1489&idt=78&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=6275738542039&frm=20&pv=2&ga_vid=1299102262.1641565188&ga_sid=1641565189&ga_hid=1959756217&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062930&oid=2&pvsid=623628191163419&pem=40&tmod=277&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yQXiFnYht2&p=https%3A//dico.me&dtd=99

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 07 Jan 2022 14:02:27 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1042
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 67D6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

62ms
61ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 07 Jan 2022 14:19:49 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 Jan 2022 14:19:49 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 07 Jan 2022 14:19:49 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C645 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1124850bcd0084497877339e79ff3e2a784eda45458bcc9ff5cea2aff6d8e2c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js Show response
pagead2.googlesyndication.com/bg/ Frame 461B 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 14:13:16 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 37ms
23ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220104&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2560dbe86545c5d649137ef945a015e6f5221c7dea9d21cf6f105c67bd44f67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Jan 2022 14:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8506
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 43ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Jan 2022 14:19:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B0F7 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Fri, 07 Jan 2022 14:13:14 GMT
expires: Sat, 07 Jan 2023 14:13:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 396
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 630F 783 B
535 B 40ms
16ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9483f65238dbd7e45522471a933c11404aa49fd39c040498d1ca20e73520b7a3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AUMVQoQ3XsnFihq9r6+LPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 07 Jan 2022 14:19:50 GMT
date: Fri, 07 Jan 2022 14:19:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-AUMVQoQ3XsnFihq9r6+LPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js Show response
pagead2.googlesyndication.com/bg/ Frame B0F7 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 14:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 14:13:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 630F 0
0 56ms
56ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220104&jk=623628191163419&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C645 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8u0Pb_NOZ2gmc53yo5sKvlhdd2oFMAfyiHNot_kF6jIHbw96ElG4-tbTq9fgv9rMf5-59bGFY1O9foy3-B50Xw5sdp4w4urmrOh4rDhNja00yhQLBfQ&sai=AMfl-YSZwE5QapMsPCXnR8yn_06ooJAL2_knzWEqqgSkEuoqpRHlsmNcEC-MZtA9cjxbIN25a_QxzaOZTWMl&sig=Cg0ArKJSzILCYOvVwr8vEAE&id=lidar2&mcvt=1001&p=0,0,188,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220105&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2567948506&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641565188517&rpt=854&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jan 2022 14:19:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220104&jk=623628191163419&bg=!wMOlw4fNAAbDtiZlw7Y7ACkAdvg8WqqN1wwmcNG1i1fd0_W09mBtRS8WlQ9y-Fj791mNm6aEDF4dtQIAAABaUgAAAAhoAQeZAmnIn1o1YOuNEcoZclHG40mS5axoGPXnawc2DxcA85ZJ8jmwjOVG6UcUhKndBxlat_JL_od6do72xoPdvtt0380EQMvDcMGfxPET8MwsM-ltLjR_NYsOLvJGAGcEd8tg8_xKrl1qVbw3WjvAriDrNZpX_ZqX1uDu2h6SPrVkrh4WfoSmcur1SXkWZ81dqjGFSgqzr5lzYxJjDPg8_JXQrQIbTQ7rtoDt0ZmqjNFocq4nJgUhedBb6al2ev5MjZNaYAMM6elmwVbseq07m2I7Bfs0FFujHIKnPxNtyms6a4kJb91qmvESEKCUBsirElD4ooEpqImKl7kZ5hZTpXjCnrQT6IMStAVFs1uicTc66p04SpILc868JLLuPsp4naroyVO5m83L2-YJ4gLjp9B7dTTVjMmlf7X0FfxjFDBLo0P7mhZLmv_v_ebnH7WeAoO0uc5qmr7oznXch0zx4yvKuvH7QXAdgB1z3va-S5vsrPGNphTiheut1ucRrZwrsIGrrYgm4s-T2UxuTnpilc4IBG-FOeB1D0Hx58LnNk3k34cB8ZE9NTvXmickxRKn47cHjnczSkHCzhfIgjFhA0j5109xrmMlVbf2vd7TkqNCRYBg4x35KD7tyfHQAJwT0yVePzpkbccsEf4qJuqqbMc0Q7s6hFrW9dVGl-p8W9cdR0PW38gYtUekiYLh82B9kT7-UEOF7h-O8tECnVSq-r81vx4kdpXPNGIqN21b6OanLkDR9cSffEGSAjMhG5jQhiWwt563V_uP2GutS1MBTRGM3RMUH6qFd4YwHn32y0O3NSmFFjQfoUglldtq5Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dico.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jan 2022 14:19:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dico.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: 81c6bd7870d27c16385eff9005a3ef23
.google.com/	1970-01-20 04:22:56	Name: NID Value: 511=kBAq1lJjFZY17eKttc6TxgAhHpnby43DiG3s1TrSApmTd5eDXNn8R2nNzsj1jyI-efGy7Kd3QS4rksiidwZWg3cFrbfuyZh72jjmkamIYCVgBIkuN-aNvJ4SkAt9pkmqYuc2zhdOTx6iaIppIbPJva_uyEpPtjx-dGvedPMCaxk
.dico.me/	1970-01-20 17:30:37	Name: _ga_CTGQS5PKTR Value: GS1.1.1641565188.1.0.1641565188.0
.dico.me/	1970-01-20 17:30:37	Name: _ga Value: GA1.1.1299102262.1641565188
.dico.me/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
.dico.me/	1970-01-20 09:21:01	Name: __gads Value: ID=900bc574f1a902eb-226c396118cd003b:T=1641565188:RT=1641565188:S=ALNI_MZHTqlEzQUsHQLQx7X4ZtO9dURz1A
.doubleclick.net/	1970-01-20 09:21:01	Name: IDE Value: AHWqTUmaOKuqoTNOY1-j_NsXAxwHDRgePXILxxAiXcCCZsSdgWYG8n-dBd7F8XMbgsY
.doubleclick.net/	1970-01-19 23:59:28	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
apis.google.com
developers.kakao.com
dico.me
file.dico.me
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
opengraph.githubassets.com
pagead2.googlesyndication.com
partner.googleadservices.com
ssl.gstatic.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.vultr.com
142.250.184.194
158.247.215.120
185.199.109.154
211.249.221.246
2606:4700::6811:8cba
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a00:1450:4001:831::200d
1124850bcd0084497877339e79ff3e2a784eda45458bcc9ff5cea2aff6d8e2c1
144ab6e93703c6f56a738f57728ba43eba620d05779d83f40755d994bd6f1479
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1de28b54123eef87e0e9653132526015af33eb4015b6b5b5af12540bf835c3a4
2226f6e29465a328a62d30b7e090d331efb3319333d36d40d2efc834666c3cbb
24b123a0dc45723581f53fc599fd9698415fb3065ee00c2704a1ac569424f63d
250c6924205b190875c53ac87901ea333ff0b0091982d8d835f66b160d20ea4e
348b1ba2d7a7272bbbb184ce8089ce2696d1b7408709286e7911caeee75de7d3
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
4bc70dcfd48f7c7b85493a286214618bfa7e4cb7e677b81b6f27a06c8795d4c7
502d34d6009ba3a3e9cf35c5237dc3c2b4fe9e620c0bd15c243647755468e0ee
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57e117d69a89bb39881a44db25768724673c711d475b3f11c72fc9b88b19d504
5b653e8e06bd633e21b6fe1e0f114d9a21dd04a13875d6b6b741f664d1718893
5dbb0fc0e83b745af632ba1d0f81fc1450282d11055fef8f1c31e9d99db65bfc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
7eb5597c45a056d79991349df8e4f8972a90c7b77f81686da6df25cb259340f3
8a6ef816adce5fb9392bdb3c1f8bffc178c2dec3207f55b68fb1f806a4a35446
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8f02ec58fcea2debe6347fb5bbee575477f45f431eb0b92d06b8e3770f32167c
9483f65238dbd7e45522471a933c11404aa49fd39c040498d1ca20e73520b7a3
9f90b1d6f886480f7a961aa071ac28fc98a8a7347812f0acd5b2d3c7a51215b8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa202ff487776f04499b8fe67978276ab62132c8185b6c272aa008012101ae39
ad66982d5e6c73df542a09d6f939bd3c8649b818f4935aa5a4f6f8e0ebb00d30
ae9ae3651f1463dc589d88a6dff5358339b150453094ee013f3c374b1e9ccbd3
b59c9d0efa1bbd29229270129ef0c6eb81d22034dd9c3704bc70a598acbf16fd
be6e83ef241f060e8fca55002f6994af05bf2360ebc74c9b6165721ffea6bfc9
bf4e7ce8d3ef72d0c1df0b845ff9e3f7cfaa38c44de222afb3a31c6a2060075d
bf6105ca92b96f9c6f5190cf240885db8814bf61cfec915ae62d13aa40f7c594
c3256fc93b0a4a0cdb6aa3c4c39e79a35e62aad50f51afbd26186d14bb3cca34
c926b0dc7e8c0c292b3b40735bcf3ed4fba216d6961cb2c5804b0478a4554080
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
e06a55730ccc0e6fba8ed07c6273006d3df95005ce37b88a0cf25145e384a530
e308b920200e70975a47529366c166d3fa167655d345779e7fa1b8d3c8e737ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e5613bec143fa6cdd0858efa2a42174d73d0bfa8b986cc23b8f9c5760b2ea
f2560dbe86545c5d649137ef945a015e6f5221c7dea9d21cf6f105c67bd44f67
f4bdb23dc16a42db3e43af36545c260e8b9fb2a0ab4d5c5630922d8a929d1475
f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615

dico.me Open in urlscan Pro 158.247.215.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

78 %IPv6

14 Domains

20 Subdomains

19 IPs

3 Countries

2085 kBTransfer

2975 kBSize

8 Cookies

5 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dico.me Open in urlscan Pro
158.247.215.120 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

78 %
IPv6

14
Domains

20
Subdomains

19
IPs

3
Countries

2085 kB
Transfer

2975 kB
Size

8
Cookies

51 HTTP transactions
1 data transactions