workcompcentral.blogspot.com Open in urlscan Pro
2a00:1450:4001:813::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://workcompcentral.blogspot.com/
Submission: On April 21 via api (April 21st 2023, 4:11:03 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 13 domains to perform 57 HTTP transactions. The main IP is 2a00:1450:4001:813::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is workcompcentral.blogspot.com.

This is the only time workcompcentral.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2009	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2009	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
57	22

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

workcompcentral.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	criteo.net static.criteo.net — Cisco Umbrella Rank: 763 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9652 csm.eu.criteo.net — Cisco Umbrella Rank: 6433	124 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	212 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	85 KB
5	blogspot.com workcompcentral.blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 15086 2.bp.blogspot.com — Cisco Umbrella Rank: 15895	585 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	15 KB
3	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 12727 ads.eu.criteo.com — Cisco Umbrella Rank: 6413 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 7993	51 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	1 KB
2	blogger.com www.blogger.com — Cisco Umbrella Rank: 7869	59 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	5 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	49 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5261	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	602 B
1	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 17739	46 KB
57	13

	Domain	Requested by
10	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
7	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	pagead2.googlesyndication.com	workcompcentral.blogspot.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.gstatic.com	workcompcentral.blogspot.com
3	www.gstatic.com	workcompcentral.blogspot.com
3	workcompcentral.blogspot.com	workcompcentral.blogspot.com
2	www.blogger.com	workcompcentral.blogspot.com
1	www.google.com	tpc.googlesyndication.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	resources.blogblog.com	workcompcentral.blogspot.com
1	2.bp.blogspot.com	workcompcentral.blogspot.com
1	4.bp.blogspot.com	workcompcentral.blogspot.com
57	22

This site contains links to these domains. Also see Links.

Domain
draft.blogger.com
www.workcompcentral.com
www.blogger.com

Subject Issuer	Validity	Valid
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-14` - `2023-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2023-06-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://workcompcentral.blogspot.com/
Frame ID: 9DC55D8EB6765DB12A0792BCFEBC2CF2
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: 8B24CC6AF1065321DAF094B8D41EEE9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4430198383785546&output=html&h=280&adk=585520014&adf=192311129&w=451&fwrn=4&fwrnh=100&lmt=1681988339&rafmt=1&format=451x280&url=http%3A%2F%2Fworkcompcentral.blogspot.com%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1682093456674&bpp=5&bdt=184&idt=303&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&correlator=2307179741973&frm=20&pv=2&ga_vid=1752421188.1682093457&ga_sid=1682093457&ga_hid=648921555&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=481&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010%2C44789762&oid=2&pvsid=3449059705970742&tmod=1917612011&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeoEbr%7C&abl=CA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=tmgxQobsb3&p=http%3A//workcompcentral.blogspot.com&dtd=327
Frame ID: D6D0E8AC8CAAB2B961E0A875F31A9B17
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4430198383785546&output=html&adk=1812271804&adf=3025194257&lmt=1681988339&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fworkcompcentral.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=7&wgl=1&dt=1682093456711&bpp=2&bdt=221&idt=294&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=451x280&nras=1&correlator=2307179741973&frm=20&pv=1&ga_vid=1752421188.1682093457&ga_sid=1682093457&ga_hid=648921555&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010%2C44789762&oid=2&pvsid=3449059705970742&tmod=1917612011&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=313
Frame ID: B93020B0962314886910D19D6FBF6507
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEK1kQAA2qEH_ZPbAA6DoofvKhni0dAEfTxsvQ&u=%7CuFknKbJgAd1%2F1kqpXJS%2B9SJDyG3Qr40y5xUfWGkIvPg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8RH4AZeK9M7BVHlRS2chxEtoZwYmNkfS9Vfk_cEqH97wiBAIfPsoIMRpF-Cb0g2FxmOLY0xZGMjKdL4SS1S4iC4aU9keuF0ohHqGizKW3Witgf_0cRgmNDzYdbLKgyeMIceHBtdTaVIggnvDfR91g59It9by1OZZ_WWvGCH0PI28ZFNkc4QoFtgtdfEUt4DmQ9PwDbu2PfpzBz-V7hkB16LYnyMIy2B0dvVwOkXde5FfeIt5vviqXRzOSpxsQue07TAE1sS3CzTBYjzZb0bgRT3xwYmr0ZzuweJwoBgocD1cd45IrcRKaH9jRpaQd90pX3Wnw4rBLMQNuGR9y04ic5agIZR_yJyqRiHIb-f8zs_lqpjffibaCOjLdld-F-e8bLAHeIykZsrI-z1i8evYi9UtSEyHJQM2zJsFJeBj8iOMGG4SWEx2pkcd3RIRrjLe07VTLe_4IBTABAlMdfRobF9dpYKHMvN9Mcp9NOkP9B6rIFkDETf0raO_5w0dgkk4zV0_lvcrw7bcfi-goqHxZO79X8job7A1Yx58mEsp2PDHHMpS_tu5YFr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM1w6kbVCZKG1A9un9u8Pooe62ArJntKxXNX24taTAcCNtwEQASAAYNUFggEXY2EtcHViLTQ0MzAxOTgzODM3ODU1NDbIAQmpAizNCsMiZbI-qAMBqgSJAk_QsEFXqD61LyYpY8AI5C__gA9RWyvxTV_2Go6vWB796roeMqdN5Api4JcBFP0hlYFki1HqzGUglsVMzQg6HxDZw05L04gQEZtcYNLfjOrtmSsQ9V2In_aToD9ApeBPuOyG2P3ewcvyPJH33E92lXyyUrPDO5AotZ2vSYyrY5do1ug0R6PqSu6oOWYgZnSI7P6ST7kUms3gPhfRlPqRUf3dJ9bldNDm3Ip8i6NIXugcjA-IKkxt64QhSBMERSiAB1dzsHXkxhkUe6yQ-u1R-98T53QsXevpekrPxssr0lbLQJQRa3a1M7obc8Xvsf8lyNjmJ1wWFJb-6BegICoPm7gPOtrdk2Of_3WABqfkw_Kp5LbJYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rQK_jTxg-ytPd_2_15-eW4xZknw%26client%3Dca-pub-4430198383785546%26adurl%3D
Frame ID: BDD2E69D7B12DEFCEE3FED8E12167405
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9FB3A20A8E9D1F1589314D6C29BAEDF4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C36C9BD525DA9C2A05C07563800C0D4C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WCC's Work Comp World

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

57
Requests

84 %
HTTPS

95 %
IPv6

13
Domains

22
Subdomains

22
IPs

3
Countries

1234 kB
Transfer

2186 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://draft.blogger.com/
Title: Powered by Blogger

Search URL Search Domain Scan URL

URL: http://www.workcompcentral.com/
Title: WorkCompCentral

Search URL Search Domain Scan URL

URL: https://draft.blogger.com/profile/12320574522843438153

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/report-abuse
Title: Report Abuse

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
workcompcentral.blogspot.com/ 136 KB
22 KB 1038ms
786ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://workcompcentral.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ad5551b10c9f0b908dcd1879f41003b486307bc6ef46f055402a144d00fec1cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 22207
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Apr 2023 16:10:56 GMT
ETag: W/"78647cad81856c7544f735b12a085c2b568388111620aeaa65f6f1e76c04c60d"
Expires: Fri, 21 Apr 2023 16:10:56 GMT
Last-Modified: Thu, 20 Apr 2023 10:58:59 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
50 KB 102ms
75ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: workcompcentral.blogspot.com
URL: http://workcompcentral.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0a4e37edde2ecc6704d5e72ca76207d7fc2251b196882987c2705ebe03cfb1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 16:10:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 50674
X-XSS-Protection: 0
Server: cafe
ETag: 13673567213883533832
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Fri, 21 Apr 2023 16:10:56 GMT

GET
H2 200 imagesloaded-3.1.8.min.js Show response
www.gstatic.com/external_hosted/imagesloaded/ 7 KB
2 KB 100ms
31ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/imagesloaded/imagesloaded-3.1.8.min.js

Requested by

Host: workcompcentral.blogspot.com
URL: http://workcompcentral.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c0ddd5f84226a630de4cfacb523cc1a0821f50434466a8898d0ef6aecad3dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2088
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 21 Apr 2023 16:10:56 GMT

GET
H2 200 masonry.pkgd.min.js Show response
www.gstatic.com/external_hosted/vanillamasonry-v3_1_5/ 25 KB
8 KB 97ms
28ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/vanillamasonry-v3_1_5/masonry.pkgd.min.js

Requested by

Host: workcompcentral.blogspot.com
URL: http://workcompcentral.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6942bbecde948a8e032fc1204e9fc6a8d6508a2c095785d3f68e2726dc2f1d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7630
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 21 Apr 2023 16:10:56 GMT

GET
H2 200 clipboard.min.js Show response
www.gstatic.com/external_hosted/clipboardjs/ 12 KB
4 KB 87ms
18ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js

Requested by

Host: workcompcentral.blogspot.com
URL: http://workcompcentral.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3475
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 19:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 21 Apr 2023 16:10:56 GMT

GET
H/1.1 200
OK sprite_v1_6.css.svg
workcompcentral.blogspot.com/responsive/ 7 KB
3 KB 45ms
22ms Other
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://workcompcentral.blogspot.com/responsive/sprite_v1_6.css.svg

Requested by

Host: workcompcentral.blogspot.com
URL: http://workcompcentral.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 16:10:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Apr 2023 14:52:21 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: image/svg+xml
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 2244
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Fri, 28 Apr 2023 16:10:56 GMT

GET
H/1.1 200
OK testheader3.png
4.bp.blogspot.com/-GN8JuYbeMfw/WWUFBHOYZ-I/AAAAAAAAAJ4/1ECcWyqOS9owuKVLdTg8TyGVGILYyzICgCK4BGAYYCw/w1680/ 556 KB
556 KB 927ms
905ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-GN8JuYbeMfw/WWUFBHOYZ-I/AAAAAAAAAJ4/1ECcWyqOS9owuKVLdTg8TyGVGILYyzICgCK4BGAYYCw/w1680/testheader3.png

Requested by

Host: workcompcentral.blogspot.com
URL: http://workcompcentral.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e7e5ab4177d6cd0d9c6cf0bfd472f3f9a122af10416cd23111f5298445f6979d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 16:10:57 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "va6"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="testheader3.png"
Timing-Allow-Origin: *
Content-Length: 569349
X-XSS-Protection: 0
Expires: Sat, 22 Apr 2023 16:10:57 GMT

GET
H/1.1 200
OK SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2
fonts.gstatic.com/s/ebgaramond/v26/ 20 KB
21 KB 36ms
14ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ebgaramond/v26/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2

Requested by

Host: workcompcentral.blogspot.com
URL: http://workcompcentral.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

142d7e873b9d8d550b53e6e55bac7a11ed1f2c0aa5e2d49966cde5ce3c00faec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://workcompcentral.blogspot.com/
Origin: http://workcompcentral.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 20:42:09 GMT
X-Content-Type-Options: nosniff
Age: 156527
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 20512
X-XSS-Protection: 0
Last-Modified: Mon, 11 Jul 2022 19:16:42 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 18 Apr 2024 20:42:09 GMT

GET
H/1.1 200
OK JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 35ms
14ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: workcompcentral.blogspot.com
URL: http://workcompcentral.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://workcompcentral.blogspot.com/
Origin: http://workcompcentral.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 00:07:06 GMT
X-Content-Type-Options: nosniff
Age: 144230
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 30928
X-XSS-Protection: 0
Last-Modified: Mon, 11 Jul 2022 18:57:39 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 19 Apr 2024 00:07:06 GMT

GET
H/1.1 200
OK 0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
fonts.gstatic.com/s/lora/v32/ 19 KB
20 KB 36ms
15ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2

Requested by

Host: workcompcentral.blogspot.com
URL: http://workcompcentral.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ff7d3790060dcf14289ea0e50e7df1f00893e53e882ff3101e078b2f948589f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://workcompcentral.blogspot.com/
Origin: http://workcompcentral.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 02:05:31 GMT
X-Content-Type-Options: nosniff
Age: 50725
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 19300
X-XSS-Protection: 0
Last-Modified: Tue, 21 Feb 2023 21:45:57 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 20 Apr 2024 02:05:31 GMT

GET
H/1.1 200
OK Untitled-1.png
2.bp.blogspot.com/-bB-yO5_7ikA/WWUBrlh8GTI/AAAAAAAAAJI/Yl6bY2EOgxgzuyvH7FmfYwIZWV61NhbXQCK4BGAYYCw/s120-pf/ 1 KB
1 KB 337ms
315ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-bB-yO5_7ikA/WWUBrlh8GTI/AAAAAAAAAJI/Yl6bY2EOgxgzuyvH7FmfYwIZWV61NhbXQCK4BGAYYCw/s120-pf/Untitled-1.png

Requested by

Host: workcompcentral.blogspot.com
URL: http://workcompcentral.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

76418ec633133efeb7bba8da52f4c90b51de2232682a5902912da1c9a80476f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 16:10:56 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "va6"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Untitled-1.png"
Timing-Allow-Origin: *
Content-Length: 1078
X-XSS-Protection: 0
Expires: Sat, 22 Apr 2023 16:10:56 GMT

GET
H2 200 3147507343-fancy_compiled.js Show response
resources.blogblog.com/blogblog/data/res/ 134 KB
46 KB 114ms
15ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.blogblog.com/blogblog/data/res/3147507343-fancy_compiled.js

Requested by

Host: workcompcentral.blogspot.com
URL: http://workcompcentral.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58e6a23aebbf63e48822df286d55cb5923aa8aa8798c4ca48b5259d54b09aaec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 02:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47015
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 01:58:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 26 Apr 2023 02:36:35 GMT

GET
H/1.1 200
OK cookienotice.js Show response
workcompcentral.blogspot.com/js/ 6 KB
3 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://workcompcentral.blogspot.com/js/cookienotice.js

Requested by

Host: workcompcentral.blogspot.com
URL: http://workcompcentral.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 16:10:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Apr 2023 14:52:21 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Fri, 28 Apr 2023 16:10:56 GMT

GET
H2 200 1402304232-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
56 KB 99ms
18ms Script
text/javascript 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1402304232-widgets.js

Requested by

Host: workcompcentral.blogspot.com
URL: http://workcompcentral.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cba483e3a3f212d6738b572d07a84bb3e1d8e9c5f917b321f694b5ff4642a271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56936
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 09:58:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 20 Apr 2024 02:07:39 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/ 345 KB
116 KB 140ms
75ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4430198383785546&plah=workcompcentral.blogspot.com&bust=31074010

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90553a80e1de7164bcaf2a6489dfaae17f8b43522ae6e294ca1e85cdbd987ea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118230
x-xss-protection: 0
server: cafe
etag: 8428171565952414242
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 16:10:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame 8B24 10 KB
5 KB 65ms
22ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://workcompcentral.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 14:08:38 GMT
etag: 2378337311435320485
expires: Fri, 05 May 2023 14:08:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 blogger_logo_round_35.png
www.blogger.com/img/ 2 KB
3 KB 15ms
13ms Image
image/png 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/blogger_logo_round_35.png

Requested by

Host: workcompcentral.blogspot.com
URL: http://workcompcentral.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:03:57 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 Apr 2023 22:52:30 GMT
server: sffe
age: 133619
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2531
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 27 Apr 2023 03:03:57 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
602 B 75ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=workcompcentral.blogspot.com&callback=_gfp_s_&client=ca-pub-4430198383785546

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4430198383785546&plah=workcompcentral.blogspot.com&bust=31074010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3653607d79a567716544837951b5aa8260652c54f84021ecddcbf61eccff9706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 74ms
24ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=workcompcentral.blogspot.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 75ms
25ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=workcompcentral.blogspot.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D6D0 23 KB
10 KB 186ms
184ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4430198383785546&output=html&h=280&adk=585520014&adf=192311129&w=451&fwrn=4&fwrnh=100&lmt=1681988339&rafmt=1&format=451x280&url=http%3A%2F%2Fworkcompcentral.blogspot.com%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1682093456674&bpp=5&bdt=184&idt=303&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&correlator=2307179741973&frm=20&pv=2&ga_vid=1752421188.1682093457&ga_sid=1682093457&ga_hid=648921555&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=481&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010%2C44789762&oid=2&pvsid=3449059705970742&tmod=1917612011&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeoEbr%7C&abl=CA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=tmgxQobsb3&p=http%3A//workcompcentral.blogspot.com&dtd=327

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f78e9989e7fe114e2f9c016b3358c329edd01107a2236a9392ece7c897f699d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://workcompcentral.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10237
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 16:10:57 GMT
expires: Fri, 21 Apr 2023 16:10:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 56ms
55ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: workcompcentral.blogspot.com
URL: http://workcompcentral.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 16:10:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B930 0
171 B 28ms
26ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4430198383785546&output=html&adk=1812271804&adf=3025194257&lmt=1681988339&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fworkcompcentral.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=7&wgl=1&dt=1682093456711&bpp=2&bdt=221&idt=294&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=451x280&nras=1&correlator=2307179741973&frm=20&pv=1&ga_vid=1752421188.1682093457&ga_sid=1682093457&ga_hid=648921555&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010%2C44789762&oid=2&pvsid=3449059705970742&tmod=1917612011&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=313

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://workcompcentral.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 16:10:57 GMT
expires: Fri, 21 Apr 2023 16:10:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame D6D0 3 KB
1 KB 72ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4430198383785546&output=html&h=280&adk=585520014&adf=192311129&w=451&fwrn=4&fwrnh=100&lmt=1681988339&rafmt=1&format=451x280&url=http%3A%2F%2Fworkcompcentral.blogspot.com%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1682093456674&bpp=5&bdt=184&idt=303&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&correlator=2307179741973&frm=20&pv=2&ga_vid=1752421188.1682093457&ga_sid=1682093457&ga_hid=648921555&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=481&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010%2C44789762&oid=2&pvsid=3449059705970742&tmod=1917612011&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeoEbr%7C&abl=CA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=tmgxQobsb3&p=http%3A//workcompcentral.blogspot.com&dtd=327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 14:20:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 14:20:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame D6D0 19 KB
8 KB 70ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 06:15:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D6D0 159 KB
49 KB 83ms
27ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 16:10:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D6D0 0
0 66ms
65ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwgjzkbVCZKG1A9un9u8Pooe62ArJntKxXNX24taTAcCNtwEQASAAYNUFggEXY2EtcHViLTQ0MzAxOTgzODM3ODU1NDbIAQmpAizNCsMiZbI-qAMBqgSGAk_QsEFXqD61LyYpY8AI5C__gA9RWyvxTV_2Go6vWB796roeMqdN5Api4JcBFP0hlYFki1HqzGUglsVMzQg6HxDZw05L04gQEZtcYNLfjOrtmSsQ9V2In_aToD9ApeBPuOyG2P3ewcvyPJH33E92lXyyUrPDO5AotZ2vSYyrY5do1ug0R6PqSu6oOWYgZnSI7P6ST7kUms3gPhfRlPqRUf3dJ9bldNDm3Ip8i6NIXugcjA-IKkxt64QhSBMERSiAB1dzsHXkxhkUe6yQ-u1R-98T53QsXevpekrPxssr0lbLApYw-fE6r6mk79FMYcKDMNHyLeocOo58XN-dhtiwhZQXv3BZgNyABqfkw_Kp5LbJYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDQzMDE5ODM4Mzc4NTU0NhgA&sigh=mFrGSbkI4x4&uach_m=[UACH]&cid=CAQSGwBygQiDlqRGzRzDxycFe2og1VKO1zak_r5tkBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4430198383785546&output=html&h=280&adk=585520014&adf=192311129&w=451&fwrn=4&fwrnh=100&lmt=1681988339&rafmt=1&format=451x280&url=http%3A%2F%2Fworkcompcentral.blogspot.com%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1682093456674&bpp=5&bdt=184&idt=303&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&correlator=2307179741973&frm=20&pv=2&ga_vid=1752421188.1682093457&ga_sid=1682093457&ga_hid=648921555&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=481&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010%2C44789762&oid=2&pvsid=3449059705970742&tmod=1917612011&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeoEbr%7C&abl=CA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=tmgxQobsb3&p=http%3A//workcompcentral.blogspot.com&dtd=327
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 16:10:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 16:10:57 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame D6D0 0
0 49ms
15ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kK3ECMz6RMMDmAKdg2ICAgAAACGVyhGflwEcEJC1QmRHR5GsL1Ou2PXoAAASAAAKCkFRVURBUUVCQVE&wp=ZEK1kQAA2qEH_ZPbAA6DoofvKhni0dAEfTxsvQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:56 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 166031
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame BDD2 156 KB
51 KB 119ms
82ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEK1kQAA2qEH_ZPbAA6DoofvKhni0dAEfTxsvQ&u=%7CuFknKbJgAd1%2F1kqpXJS%2B9SJDyG3Qr40y5xUfWGkIvPg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8RH4AZeK9M7BVHlRS2chxEtoZwYmNkfS9Vfk_cEqH97wiBAIfPsoIMRpF-Cb0g2FxmOLY0xZGMjKdL4SS1S4iC4aU9keuF0ohHqGizKW3Witgf_0cRgmNDzYdbLKgyeMIceHBtdTaVIggnvDfR91g59It9by1OZZ_WWvGCH0PI28ZFNkc4QoFtgtdfEUt4DmQ9PwDbu2PfpzBz-V7hkB16LYnyMIy2B0dvVwOkXde5FfeIt5vviqXRzOSpxsQue07TAE1sS3CzTBYjzZb0bgRT3xwYmr0ZzuweJwoBgocD1cd45IrcRKaH9jRpaQd90pX3Wnw4rBLMQNuGR9y04ic5agIZR_yJyqRiHIb-f8zs_lqpjffibaCOjLdld-F-e8bLAHeIykZsrI-z1i8evYi9UtSEyHJQM2zJsFJeBj8iOMGG4SWEx2pkcd3RIRrjLe07VTLe_4IBTABAlMdfRobF9dpYKHMvN9Mcp9NOkP9B6rIFkDETf0raO_5w0dgkk4zV0_lvcrw7bcfi-goqHxZO79X8job7A1Yx58mEsp2PDHHMpS_tu5YFr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM1w6kbVCZKG1A9un9u8Pooe62ArJntKxXNX24taTAcCNtwEQASAAYNUFggEXY2EtcHViLTQ0MzAxOTgzODM3ODU1NDbIAQmpAizNCsMiZbI-qAMBqgSJAk_QsEFXqD61LyYpY8AI5C__gA9RWyvxTV_2Go6vWB796roeMqdN5Api4JcBFP0hlYFki1HqzGUglsVMzQg6HxDZw05L04gQEZtcYNLfjOrtmSsQ9V2In_aToD9ApeBPuOyG2P3ewcvyPJH33E92lXyyUrPDO5AotZ2vSYyrY5do1ug0R6PqSu6oOWYgZnSI7P6ST7kUms3gPhfRlPqRUf3dJ9bldNDm3Ip8i6NIXugcjA-IKkxt64QhSBMERSiAB1dzsHXkxhkUe6yQ-u1R-98T53QsXevpekrPxssr0lbLQJQRa3a1M7obc8Xvsf8lyNjmJ1wWFJb-6BegICoPm7gPOtrdk2Of_3WABqfkw_Kp5LbJYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rQK_jTxg-ytPd_2_15-eW4xZknw%26client%3Dca-pub-4430198383785546%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6010ff99f66f1e3ac6fb8ccfa0238597e9e3412d22da524644d1e5da7d9df855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 16:10:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=bxKMVE20RaP9Muxm54XjIQ1qi0Q1YSjFSsgw0ktRSX833ZVvtaRehnbA5iO712Qrj7w48N40UVsTeKzVouy0v1NUa0MKKvlT9eZnr81W3Ceys6KweK_B-iw89-aD0s2mZF152YQLWfHquvcJgxvVmW_vYz519Et-gRJE1VAHGoCFsL3ap0am4-Wee5iKqOtD1X9Ad7PL-6Z6rtWfwwiuAcQVyL6_zNVy0PTkgzS12WbRPLCZ0T_WPvOv8SuTrbSDf8oP_g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 64677373
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame D6D0 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f03713b01a7a147349bc350f3046f8cc2301e96c434a7eba109fefc99c2b89b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame BDD2 2 KB
1 KB 49ms
18ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEK1kQAA2qEH_ZPbAA6DoofvKhni0dAEfTxsvQ&u=%7CuFknKbJgAd1%2F1kqpXJS%2B9SJDyG3Qr40y5xUfWGkIvPg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8RH4AZeK9M7BVHlRS2chxEtoZwYmNkfS9Vfk_cEqH97wiBAIfPsoIMRpF-Cb0g2FxmOLY0xZGMjKdL4SS1S4iC4aU9keuF0ohHqGizKW3Witgf_0cRgmNDzYdbLKgyeMIceHBtdTaVIggnvDfR91g59It9by1OZZ_WWvGCH0PI28ZFNkc4QoFtgtdfEUt4DmQ9PwDbu2PfpzBz-V7hkB16LYnyMIy2B0dvVwOkXde5FfeIt5vviqXRzOSpxsQue07TAE1sS3CzTBYjzZb0bgRT3xwYmr0ZzuweJwoBgocD1cd45IrcRKaH9jRpaQd90pX3Wnw4rBLMQNuGR9y04ic5agIZR_yJyqRiHIb-f8zs_lqpjffibaCOjLdld-F-e8bLAHeIykZsrI-z1i8evYi9UtSEyHJQM2zJsFJeBj8iOMGG4SWEx2pkcd3RIRrjLe07VTLe_4IBTABAlMdfRobF9dpYKHMvN9Mcp9NOkP9B6rIFkDETf0raO_5w0dgkk4zV0_lvcrw7bcfi-goqHxZO79X8job7A1Yx58mEsp2PDHHMpS_tu5YFr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM1w6kbVCZKG1A9un9u8Pooe62ArJntKxXNX24taTAcCNtwEQASAAYNUFggEXY2EtcHViLTQ0MzAxOTgzODM3ODU1NDbIAQmpAizNCsMiZbI-qAMBqgSJAk_QsEFXqD61LyYpY8AI5C__gA9RWyvxTV_2Go6vWB796roeMqdN5Api4JcBFP0hlYFki1HqzGUglsVMzQg6HxDZw05L04gQEZtcYNLfjOrtmSsQ9V2In_aToD9ApeBPuOyG2P3ewcvyPJH33E92lXyyUrPDO5AotZ2vSYyrY5do1ug0R6PqSu6oOWYgZnSI7P6ST7kUms3gPhfRlPqRUf3dJ9bldNDm3Ip8i6NIXugcjA-IKkxt64QhSBMERSiAB1dzsHXkxhkUe6yQ-u1R-98T53QsXevpekrPxssr0lbLQJQRa3a1M7obc8Xvsf8lyNjmJ1wWFJb-6BegICoPm7gPOtrdk2Of_3WABqfkw_Kp5LbJYqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3rQK_jTxg-ytPd_2_15-eW4xZknw%26client%3Dca-pub-4430198383785546%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Apr 2024 16:10:57 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame BDD2 2 KB
1 KB 45ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Apr 2024 16:10:57 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame BDD2 308 B
637 B 43ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 15 Apr 2024 16:10:57 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame BDD2 293 B
621 B 44ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 15 Apr 2024 16:10:57 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame BDD2 43 B
348 B 60ms
20ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Iw5HzSH8p5ggP-M40HQtTOhcm69RJ7A_cbLmejU3ybTX3vMzWyamxSaTAGNmV_GsORw5gx9BgFILsh_t54bxbvIR_kn7QTCUU6hQANc4qgy-rdNZMH7adX3rFBtLUZJFFzE_ZPmfdeyugv3XkMoi_4d_U60PNZu1Rah-HVvKKVvoBOW_MdTVNyKVb9zTx2TSbEK7YLLdJKJ4mBniDT7vz6mP1u-ZRg36jdMcmoZAACh-dxvc321DNpREhT0GQGlZzimMLwXyvfd12pSqymrgAn0RnMP2ZeM2yIyjFxrOPI3_wTnfqhKSlWHSdrP68sa5PQgytWa6JZSfQzfLaIutmVEEm3wZiKUVSX5LL_2cgje9rTtP-VM1NiV1h1IMNF_awQH-jGK17-O-cQMFrSEbWvpdl0KFw4KZ2JiFB46PVTcAGhgo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 16:10:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1919832
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame BDD2 12 KB
5 KB 55ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 42767
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62F6GQOz8bkSyvgIbAJ5gTkW69%2BTfwAdnlokZ%2FJZ%2Bpk26h18rtcgpkFv9bjZ9wiGFug3a2gIpxmPpHjPu4NsGjNbM2AfY7fMAWydaJ6SELpj8B5HYpvK%2FNFMCLuIUyUhHezxfL0cE8QlglTNBGl6Xb8g"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bb6e66cbe5fb8c0-AMS
expires: Wed, 10 Apr 2024 16:10:57 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame BDD2 12 KB
6 KB 40ms
19ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Apr 2024 16:10:57 GMT

GET
H2 200 87c32c6c727d4e84a9edbf2d82fc5b4c_montserrat-medium.woff
static.criteo.net/design/dt/ Frame BDD2 54 KB
54 KB 56ms
29ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/87c32c6c727d4e84a9edbf2d82fc5b4c_montserrat-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

293c0759f28a7c7c87ee2551994bb3f956ce544da2ba978a49cffdec05403dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 01 Mar 2019 11:22:02 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c7915da-d614"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Apr 2024 16:10:57 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BDD2 4 KB
5 KB 76ms
37ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=6320&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F6320%2F220104%2F3af8020fd32a47039c4e083fbae03470_imp_logo_1000x1000px.png&v=3&w=196&s=XTsk8MhaWYnJzCWR2Vd3PkFM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

286ac88d3b220f24d066d9825737244016ed5b696c98c3b196037daebe584115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 4449
expires: Sat, 30 Mar 2024 13:11:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BDD2 7 KB
7 KB 70ms
31ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=6320&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F859c06cc7ba0533ce1c97b710af14d9b%2Fimpre-bettwaesche-0001796916.jpg&v=3&w=400&s=vn1kprBsCpigeUDU0MYZQu93&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

86690992bf63df1916a4dec6e545bac7537e51ffd43a2a8755e2744742d43b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 7424
expires: Sat, 09 Mar 2024 09:20:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BDD2 4 KB
4 KB 54ms
16ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=6320&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F3a756cfe4b2b2e8fbdbbee2c15fb36e6%2Fimpre-haenger-set-6-tlg-eier-0001506347.jpg&v=3&w=400&s=PhLlH6k3e7-lVK_ifnToCOH_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6b35de3b0c2eed898fe133d7f8aae9d3d45806137d9f439abd198e31ca10b32d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3586
expires: Sun, 10 Mar 2024 07:40:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BDD2 3 KB
3 KB 70ms
32ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=6320&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F3c459f581e954a23ec4928f846dac4aa%2Fcoster-copenhagen-hose-0001525581.jpg&v=3&w=400&s=DKh_UrhUiV5tnsappOMTh6MH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9a7957d4cd5357ac4d512c3b8ee913ebe557002540b9dee991a430dcfda97747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 2678
expires: Tue, 12 Mar 2024 07:05:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BDD2 6 KB
6 KB 76ms
38ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=6320&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F14346f6a15bf93dad5ef5ca129367c51bbd453b4%2Fimpre-kraeuterschnecke-0001808366.jpg&v=3&w=400&s=P_NzxiyUWQiFtOer7HXCO2_Q&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

32ccf00af73b4f43302209cdc866a98627dd97f1fd5d2759838b3ed2cac28668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 5998
expires: Thu, 14 Mar 2024 18:30:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BDD2 6 KB
6 KB 76ms
38ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=6320&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F245d81a6b0dc92ad384fc1cc40e1881b281372bd%2Fjc-sophie-kleid-0001842035.jpg&v=3&w=400&s=GfguAxSwjNCKVJ_42y2rb-xw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d663ce07f86f60aee03c40cff4ffada895386f468a716d9f8004136567dca39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 6376
expires: Mon, 01 Apr 2024 14:20:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BDD2 6 KB
6 KB 37ms
36ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=6320&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F30b187de8c57f67e246960811a951e508eabae2b%2Fsportalm-strickjacke-0001828365.jpg&v=3&w=400&s=AGQyNG03ldBgVkLnKmv2GWDf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3487c8cdc2b2641f6b8650df497245aa5705ae9dabe04060da6154199560d2a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 6388
expires: Sun, 14 Apr 2024 13:54:12 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame BDD2 0
128 B 61ms
18ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=bxKMVE20RaP9Muxm54XjIQ1qi0Q1YSjFSsgw0ktRSX833ZVvtaRehnbA5iO712Qrj7w48N40UVsTeKzVouy0v1NUa0MKKvlT9eZnr81W3Ceys6KweK_B-iw89-aD0s2mZF152YQLWfHquvcJgxvVmW_vYz519Et-gRJE1VAHGoCFsL3ap0am4-Wee5iKqOtD1X9Ad7PL-6Z6rtWfwwiuAcQVyL6_zNVy0PTkgzS12WbRPLCZ0T_WPvOv8SuTrbSDf8oP_g&sds=2&rev=85950&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 16:10:56 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BDD2 2 KB
1 KB 20ms
19ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Apr 2024 16:10:57 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame BDD2 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Apr 2024 16:10:57 GMT

GET
H2 200 playfairdisplay-400.css
static.criteo.net/design/googlefont/playfairdisplay/ Frame BDD2 1 KB
760 B 13ms
13ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

96ea11f0396cec62f5c20e6a49b719359e3030150c73ef12c15531b8e9bebd4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:23 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c7-57c"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Apr 2024 16:10:57 GMT

GET
H2 200 playfairdisplay-400-latin.woff2
static.criteo.net/design/googlefont/playfairdisplay/ Frame BDD2 19 KB
20 KB 17ms
17ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2b3fcab0b897a5fdf81ea0a1b01d80802e01544c22fb738fe6365688b9233579

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:22 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c6-4d94"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 Apr 2024 16:10:57 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 93ms
62ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230418&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21910a76adba14be1fb96bdcb6854b3140f4c19d086a1283e70acc47717ee724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11135
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 16:10:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9FB3 13 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://workcompcentral.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 14:20:50 GMT
expires: Sat, 20 Apr 2024 14:20:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C36C 783 B
1 KB 104ms
64ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e2c0b2df35b5ca2881826e8d7a1f37c9619c0b2718038d2af8f500948d006282

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qgjsPTowFAno7ln1fsF09w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://workcompcentral.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-qgjsPTowFAno7ln1fsF09w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 16:10:57 GMT
expires: Fri, 21 Apr 2023 16:10:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9FB3 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 13:47:57 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9FB3 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-dVdmQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:10:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C36C 0
0 47ms
46ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230418&jk=3449059705970742&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230418&jk=3449059705970742&bg=!hYalhtLNAAYfNdXmPzU7ADkAdvg8WvRfyWGy-VlQqIW9Mly8RzNFByZIb3EZ6mcr6YbOxytH12J1YF8xn4UKl4gnH0c4f5f0XDECAAAAZ1IAAAABaAEHmQLuBLhEviXIcQp5QM8zIeSMaYEjIKUSghx9nLNEEuMzxH2iohEjJg5Nyayx8GreDL1U96_Hgx-ucoTK-SZHV-T-laysfThI9_Mm2erZEo3CoowF6dibRcsOubWZkAXMKUgUkG4q0HGRRntJ2B0d3i0WOZ0ejZCCMe-Tlt6bHhnb7BuKtSSr6ZBr0hA8_uYTNti-Opx1uKDw_7uwo0vh6UqpeW7RjHzqVYcBdYuYVmflzhwHoLIAlnbk99iK-2m-Soz9ZslI82S8v2wCNscz6M5je4ifFJ06ihfAdkiNehg-xQnQHFa5GZruoCiz6jTSqkyWak02wshCyGI2bpsFf5D5Ig7sfMXVb-MY-nnaXtGdYaADiXO0KTluAwwbX5VSKUuCW21PoJC-Wk6lokUq-rcsBPZGE1BC2VPIQ8ZV4vwoJ_RKJ54TZl4K8AqjZy-IuJ6vi2y7qZxJ6t9hhjzQV8Pp9T13HjyaefzACejpOWaioAJhjmKbCzHQBM5UilWllrUD-YKKtA0OkL9iwiNpXQxKKxOQA4WTt9t3OzaPyrmNiiThPWJXYMxHA5tDm7a8iKdFWV0YnIYEPhfWILSi7NdXpWXigNN_CBbHB5duP4xuNdM7wKQS4nBsxJnrGTScHwi-VUFybZ3mmbM_3lx4UwQ2ZXSs1fbYX9nqjZUg2gSc4xcdVtW0J8YeJec8lY6-0WDq42nAX4hbvfcGiJrNLww1MhGfLZEUjKDs-KE7zKiTl2nv0TIDl-g0J8tHOd5R8oKAKjAkLmyNUoVFIvCvbeL66JwS89Wd6_vg_wLm07ztHbnl5kYLLTKTM_WGsdluyrA0Xqql_zgLhpF1SqGWe2qp6sKBQKtVAPABChrFV8YyLRCgoaOXd0uWiMakVHf63d7KJ7ltUvp3W1Ocuetj6B_WEXcv3jPwGJHU4PxaWQhysG38UU8gxfDxsX7F7l7uwC2ImdasNVvPmfQztaidZOQKVgA7Fp2_jgxXjPUK4xNI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://workcompcentral.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 20:36:29	Name: IDE Value: AHWqTUmzmI5lQhhTUcEitJ67Y1Ut0Hr-fJc787gI35qatQLa28YXdDYpXYgcK1aHQVA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4430198383785546&output=html&h=280&adk=585520014&adf=192311129&w=451&fwrn=4&fwrnh=100&lmt=1681988339&rafmt=1&format=451x280&url=http%3A%2F%2Fworkcompcentral.blogspot.com%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1682093456674&bpp=5&bdt=184&idt=303&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&correlator=2307179741973&frm=20&pv=2&ga_vid=1752421188.1682093457&ga_sid=1682093457&ga_hid=648921555&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=481&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010%2C44789762&oid=2&pvsid=3449059705970742&tmod=1917612011&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeoEbr%7C&abl=CA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=tmgxQobsb3&p=http%3A//workcompcentral.blogspot.com&dtd=327 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
4.bp.blogspot.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr3.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
partner.googleadservices.com
resources.blogblog.com
rtb.nl3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
workcompcentral.blogspot.com
www.blogger.com
www.google.com
www.googletagservices.com
www.gstatic.com
178.250.7.9
2606:4700::6811:180e
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::2009
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a00:1450:4001:830::2009
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:d::11
2a02:2638:d::13
2a02:2638:d::4
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
142d7e873b9d8d550b53e6e55bac7a11ed1f2c0aa5e2d49966cde5ce3c00faec
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
21910a76adba14be1fb96bdcb6854b3140f4c19d086a1283e70acc47717ee724
286ac88d3b220f24d066d9825737244016ed5b696c98c3b196037daebe584115
293c0759f28a7c7c87ee2551994bb3f956ce544da2ba978a49cffdec05403dbc
2b3fcab0b897a5fdf81ea0a1b01d80802e01544c22fb738fe6365688b9233579
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32ccf00af73b4f43302209cdc866a98627dd97f1fd5d2759838b3ed2cac28668
3487c8cdc2b2641f6b8650df497245aa5705ae9dabe04060da6154199560d2a6
3653607d79a567716544837951b5aa8260652c54f84021ecddcbf61eccff9706
4c0ddd5f84226a630de4cfacb523cc1a0821f50434466a8898d0ef6aecad3dd4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58e6a23aebbf63e48822df286d55cb5923aa8aa8798c4ca48b5259d54b09aaec
6010ff99f66f1e3ac6fb8ccfa0238597e9e3412d22da524644d1e5da7d9df855
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6942bbecde948a8e032fc1204e9fc6a8d6508a2c095785d3f68e2726dc2f1d13
6b35de3b0c2eed898fe133d7f8aae9d3d45806137d9f439abd198e31ca10b32d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
76418ec633133efeb7bba8da52f4c90b51de2232682a5902912da1c9a80476f9
7f03713b01a7a147349bc350f3046f8cc2301e96c434a7eba109fefc99c2b89b
7f78e9989e7fe114e2f9c016b3358c329edd01107a2236a9392ece7c897f699d
7ff7d3790060dcf14289ea0e50e7df1f00893e53e882ff3101e078b2f948589f
86690992bf63df1916a4dec6e545bac7537e51ffd43a2a8755e2744742d43b4b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90553a80e1de7164bcaf2a6489dfaae17f8b43522ae6e294ca1e85cdbd987ea1
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
96ea11f0396cec62f5c20e6a49b719359e3030150c73ef12c15531b8e9bebd4b
9a7957d4cd5357ac4d512c3b8ee913ebe557002540b9dee991a430dcfda97747
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ad5551b10c9f0b908dcd1879f41003b486307bc6ef46f055402a144d00fec1cf
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cba483e3a3f212d6738b572d07a84bb3e1d8e9c5f917b321f694b5ff4642a271
d663ce07f86f60aee03c40cff4ffada895386f468a716d9f8004136567dca39d
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2c0b2df35b5ca2881826e8d7a1f37c9619c0b2718038d2af8f500948d006282
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e5ab4177d6cd0d9c6cf0bfd472f3f9a122af10416cd23111f5298445f6979d
f0a4e37edde2ecc6704d5e72ca76207d7fc2251b196882987c2705ebe03cfb1a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

workcompcentral.blogspot.com Open in urlscan Pro 2a00:1450:4001:813::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

84 %HTTPS

95 %IPv6

13 Domains

22 Subdomains

22 IPs

3 Countries

1234 kBTransfer

2186 kBSize

1 Cookies

5 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

workcompcentral.blogspot.com Open in urlscan Pro
2a00:1450:4001:813::2001 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

84 %
HTTPS

95 %
IPv6

13
Domains

22
Subdomains

22
IPs

3
Countries

1234 kB
Transfer

2186 kB
Size

1
Cookies

57 HTTP transactions
1 data transactions