urlscan.io logo urlscan.io
SecurityTrails logo

turningpro.work Open in urlscan Pro
138.197.205.105  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://moderation.work/
Effective URL: https://turningpro.work/?tag=moderation
Submission: On August 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 13 domains to perform 79 HTTP transactions. The main IP is 138.197.205.105, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is turningpro.work.
TLS certificate: Issued by R3 on June 25th 2022. Valid for: 3 months.
This is the only time turningpro.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 44.230.85.241 16509 (AMAZON-02)
26 138.197.205.105 14061 (DIGITALOC...)
12 192.0.77.37 2635 (AUTOMATTIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
7 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
1 2600:9000:215... 16509 (AMAZON-02)
6 178.250.0.139 44788 (ASN-CRITE...)
1 178.250.0.162 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
79 19
1    44.230.85.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-85-241.us-west-2.compute.amazonaws.com
moderation.work
26    138.197.205.105 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
turningpro.work
12    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
6    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
4    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
7    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    2600:9000:2156:ce00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
6    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
1    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
26 turningpro.work
turningpro.work
119 KB
14 criteo.net
static.criteo.net — Cisco Umbrella Rank: 615
pix.eu.criteo.net — Cisco Umbrella Rank: 7179
csm.eu.criteo.net — Cisco Umbrella Rank: 7348
35 KB
14 wp.com
c0.wp.com — Cisco Umbrella Rank: 6845
stats.wp.com — Cisco Umbrella Rank: 2293
pixel.wp.com — Cisco Umbrella Rank: 2110
122 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
220 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
15 KB
3 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11035
ads.eu.criteo.com — Cisco Umbrella Rank: 7319
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9410
51 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 96
www.google.com — Cisco Umbrella Rank: 10
2 KB
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1409
688 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
43 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8252
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 873
647 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 737
7 KB
1 moderation.work
moderation.work
256 B
79 13
Domain Requested by
26 turningpro.work turningpro.work
12 c0.wp.com turningpro.work
7 static.criteo.net ads.eu.criteo.com
6 pix.eu.criteo.net ads.eu.criteo.com
6 pagead2.googlesyndication.com turningpro.work
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 csm.eu.criteo.net ads.eu.criteo.com
1 secure-gl.imrworldwide.com ads.eu.criteo.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pixel.wp.com turningpro.work
1 stats.wp.com turningpro.work
1 maxcdn.bootstrapcdn.com turningpro.work
1 moderation.work 1 redirects
79 21

This site contains no links.

Subject Issuer Validity Valid
turningpro.work
R3		 2022-06-25 -
2022-09-23		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-11 -
2023-07-12		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-22 -
2022-08-24		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-27 -
2022-08-25		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-12 -
2022-09-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://turningpro.work/?tag=moderation
Frame ID: 01C356BCB0E1DE525BC9C711A9AB45D5
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html
Frame ID: DEDA45BDF038789DC034104F651E2C83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9758642247027295&output=html&adk=1812271804&adf=3025194257&lmt=1659317275&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fturningpro.work%2F%3Ftag%3Dmoderation&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659317275475&bpp=2&bdt=1101&idt=249&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2024344065858&frm=20&pv=2&ga_vid=1015643157.1659317276&ga_sid=1659317276&ga_hid=492933729&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C31068669%2C44764001&oid=2&pvsid=3788130850165303&tmod=2059698197&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=265
Frame ID: 0BED25F34CA2A129ACBDA4087030722C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9758642247027295&output=html&h=600&slotname=4099057109&adk=3467571997&adf=1134769941&pi=t.ma~as.4099057109&w=212&fwrn=4&fwrnh=100&lmt=1659317275&rafmt=1&psa=0&format=212x600&url=https%3A%2F%2Fturningpro.work%2F%3Ftag%3Dmoderation&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659317275477&bpp=2&bdt=1103&idt=268&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2024344065858&frm=20&pv=1&ga_vid=1015643157.1659317276&ga_sid=1659317276&ga_hid=492933729&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C31068669%2C44764001&oid=2&pvsid=3788130850165303&tmod=2059698197&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0JvIjMxzkj&p=https%3A//turningpro.work&dtd=273
Frame ID: D1B88570A08E82664CADE34B6D2B8278
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Frame ID: 988DFE49C7944ECEF1F09F1CAB73D6E0
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 894BB32BE3B92A1A024C98892F668E47
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E187F4669073E4420353ECF241058AFD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

#moderation | Turning Pro

Page URL History Show full URLs

  1. http://moderation.work/ HTTP 307
    https://turningpro.work/?tag=moderation Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

79
Requests

100 %
HTTPS

58 %
IPv6

13
Domains

21
Subdomains

19
IPs

3
Countries

616 kB
Transfer

1861 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://moderation.work/ HTTP 307
    https://turningpro.work/?tag=moderation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
turningpro.work/
Redirect Chain
  • http://moderation.work/
  • https://turningpro.work/?tag=moderation
37 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
75bddeea6a163c8bdda4a537669fc93df6edeb6b8a541c6ebfed55ce46157d14

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
10062
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 Aug 2022 01:27:54 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Link
<https://turningpro.work/index.php?rest_route=/>; rel="https://api.w.org/" <https://turningpro.work/index.php?rest_route=/wp/v2/tags/94>; rel="alternate"; type="application/json"
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
168
Content-Type
text/html; charset=utf-8
Date
Mon, 01 Aug 2022 01:27:53 GMT
Location
https://turningpro.work/?tag=moderation
Server
openresty
X-Frame-Options
sameorigin
dashicons.min.css
c0.wp.com/c/6.0.1/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.1/wp-includes/css/dashicons.min.css
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 01 Aug 2022 01:27:54 GMT
content-encoding
br
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Aug 2023 01:27:54 GMT
theme-my-login.css
turningpro.work/wp-content/plugins/theme-my-login/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/plugins/theme-my-login/theme-my-login.css?ver=6.4.17
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
68fe5fa6aa417e3f599dfe6ffe75752934b6a4226525f98128d3d5547e6b6ff2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Oct 2020 05:17:03 GMT
Server
Apache/2.4.38 (Debian)
ETag
"e74-5b2a02845dfed-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1061
style.min.css
c0.wp.com/c/6.0.1/wp-includes/css/dist/block-library/ 		87 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.1/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 01 Aug 2022 01:27:54 GMT
content-encoding
br
last-modified
Mon, 04 Jul 2022 12:10:37 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Aug 2023 01:27:54 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/6.0.1/wp-includes/js/mediaelement/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 01 Aug 2022 01:27:54 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Aug 2023 01:27:54 GMT
wp-mediaelement.min.css
c0.wp.com/c/6.0.1/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 01 Aug 2022 01:27:54 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Aug 2023 01:27:54 GMT
checklist_in_post_frontend.css
turningpro.work/wp-content/plugins/checklist-in-post/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/plugins/checklist-in-post/css/checklist_in_post_frontend.css?ver=6.0.1
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
dbfb0c2853a7539512b843cdb8124fc712319fbc9aa11e6d76fa03fefe0c535a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Feb 2021 03:44:43 GMT
Server
Apache/2.4.38 (Debian)
ETag
"d56-5bb800a19c23c-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
816
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 		26 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css?ver=6.0.1
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
1672531
cdn-cachedat
12/11/2021 02:39:59
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
8f455665b36fad7f9e5144af6be017bf
cf-ray
733acb451a739b25-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
style.css
turningpro.work/wp-content/plugins/mp-timetable/media/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/plugins/mp-timetable/media/css/style.css?ver=2.4.6
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
f553ffa0dc22f18522c51141d8dffc39acbf7ce70bf46d735b999ec7874d6ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 May 2022 06:07:22 GMT
Server
Apache/2.4.38 (Debian)
ETag
"2ae6-5dfcfe2fc4ba0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1992
style-front-end.min.css
turningpro.work/wp-content/plugins/wp-simple-booking-calendar/assets/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/plugins/wp-simple-booking-calendar/assets/css/style-front-end.min.css?ver=2.0.8.1
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
1796c6a4216b5b06d0e220ed98932181aa89b8da26673a58dde68f8161766602

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:54 GMT
Content-Encoding
gzip
Last-Modified
Sat, 07 May 2022 17:02:55 GMT
Server
Apache/2.4.38 (Debian)
ETag
"2d71-5de6ef23f6e45-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2185
frontend.min.css
turningpro.work/wp-content/plugins/wp-user-avatar/assets/css/ 		74 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=3.2.15
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
ff6d1fb92beb708fc76a99f296a32c988131e74228085b8f60dc7d5f298d90ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Jul 2022 09:30:23 GMT
Server
Apache/2.4.38 (Debian)
ETag
"12697-5e2bb0928b278-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9959
flatpickr.min.css
turningpro.work/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=3.2.15
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
a837ca60346717e3e0fd719ff013dcb9dd2c3e74811413020ec9fe3cdab0d889

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Jul 2022 09:30:23 GMT
Server
Apache/2.4.38 (Debian)
ETag
"3c8b-5e2bb0928b278-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2971
select2.min.css
turningpro.work/wp-content/plugins/wp-user-avatar/assets/select2/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.0.1
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Jul 2022 09:30:24 GMT
Server
Apache/2.4.38 (Debian)
ETag
"3a75-5e2bb09291fd8-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1995
style.css
turningpro.work/wp-content/themes/p2/ 		38 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/themes/p2/style.css?ver=6.0.1
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
e1fa3380155415f8d620fb7288b822ae65a542b18532308d88d532daa35cd2dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Oct 2020 23:27:45 GMT
Server
Apache/2.4.38 (Debian)
ETag
"97b7-5b29b4712b493-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
8134
tablepress-combined.min.css
turningpro.work/wp-content/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/tablepress-combined.min.css?ver=15
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
b1539343426e7cf2a446d9d5a01780a14328479619f47ecdfed30aac8386a40a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:54 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 Feb 2022 19:01:27 GMT
Server
Apache/2.4.38 (Debian)
ETag
"1625-5d863a05bf65f-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2340
jetpack.css
c0.wp.com/p/jetpack/11.1.2/css/ 		84 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/11.1.2/css/jetpack.css
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
18e0d348e7cb35464eabe33a2dd70f1bf7b9a132c6870c127a408d2591ae3561
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 01 Aug 2022 01:27:54 GMT
content-encoding
br
last-modified
Fri, 15 Jul 2022 21:45:58 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Aug 2023 01:27:54 GMT
jquery.min.js
c0.wp.com/c/6.0.1/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.1/wp-includes/js/jquery/jquery.min.js
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 01 Aug 2022 01:27:54 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Aug 2023 01:27:54 GMT
jquery-migrate.min.js
c0.wp.com/c/6.0.1/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.1/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 01 Aug 2022 01:27:54 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Aug 2023 01:27:54 GMT
frontend-checklist.js
turningpro.work/wp-content/plugins/frontend-checklist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/plugins/frontend-checklist/frontend-checklist.js?ver=6.0.1
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
67580d9f4251e41c064024de2f9d0dfbc0e5283bd3310f5326853488ed93561b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Feb 2021 03:43:45 GMT
Server
Apache/2.4.38 (Debian)
ETag
"72d-5bb8006a953e5-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
676
flatpickr.min.js
turningpro.work/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=6.0.1
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
1f77f1c60435921cb2d68ccfb3bf2da81dd35f274014c4cd5a5b9c20c4a46a27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Jul 2022 09:30:23 GMT
Server
Apache/2.4.38 (Debian)
ETag
"c5ad-5e2bb0928b278-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
14444
select2.min.js
turningpro.work/wp-content/plugins/wp-user-avatar/assets/select2/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=6.0.1
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Jul 2022 09:30:24 GMT
Server
Apache/2.4.38 (Debian)
ETag
"114c3-5e2bb09291fd8-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
19904
jquery.color.min.js
c0.wp.com/c/6.0.1/wp-includes/js/jquery/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.1/wp-includes/js/jquery/jquery.color.min.js
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
6927b6642e507ae9e52ffc3fecfb152a657e7dad1e0db9b26e7fe9b6c28747a2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 01 Aug 2022 01:27:54 GMT
content-encoding
br
last-modified
Tue, 01 Feb 2022 01:22:04 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Aug 2023 01:27:54 GMT
utils.min.js
c0.wp.com/c/6.0.1/wp-includes/js/ 		2 KB
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.1/wp-includes/js/utils.min.js
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0f0d86a11a5bc956b822d9a6846bba4463535d7811328af503720cec0fca9e30
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 01 Aug 2022 01:27:54 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Aug 2023 01:27:54 GMT
comment-reply.min.js
c0.wp.com/c/6.0.1/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.1/wp-includes/js/comment-reply.min.js
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 01 Aug 2022 01:27:54 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Aug 2023 01:27:54 GMT
jquery.scrollTo-min.js
turningpro.work/wp-content/themes/p2/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/themes/p2/js/jquery.scrollTo-min.js?ver=20120402
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
1d79c8435f299ce8c1def3200e78cf5859dc6092f6b75377ac88fd650f4c33ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Feb 2016 03:56:30 GMT
Server
Apache/2.4.38 (Debian)
ETag
"7cb-52afdd60fb780-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1075
wp-locale.js
turningpro.work/wp-content/themes/p2/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/themes/p2/js/wp-locale.js?ver=20130819
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
89b735d188ccbdfb80fb7ea36dea04d6fc72a321e837439639506250c2a69c47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Feb 2016 03:56:30 GMT
Server
Apache/2.4.38 (Debian)
ETag
"1049-52afdd60fb780-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1154
spin.js
turningpro.work/wp-content/themes/p2/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/themes/p2/js/spin.js?ver=20120704
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
45237e41fb9a367d9468aa42b3c383448164cb1f2beca8c11baf713b8e13e3bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Feb 2016 03:56:30 GMT
Server
Apache/2.4.38 (Debian)
ETag
"21f2-52afdd60fb780-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3393
p2.js
turningpro.work/wp-content/themes/p2/js/ 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/themes/p2/js/p2.js?ver=20140603
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
7de556e3cb583a6e9d5322a592f72abe4615c5e22e877b55d07d05b456e44130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Feb 2016 03:56:30 GMT
Server
Apache/2.4.38 (Debian)
ETag
"b159-52afdd60fb780-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
11083
psp_styles.php
turningpro.work/wp-content/plugins/pretty-simple-progress-meter/css/ 		1 KB
935 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/plugins/pretty-simple-progress-meter/css/psp_styles.php
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
f287c422e899a51c9ea28225a189f21664c561a31e6cb29a966776abfdac3bd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Aug 2022 01:27:54 GMT
Content-Encoding
gzip
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
421
Expires
Thu, 19 Nov 1981 08:52:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		166 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9758642247027295
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d32ad430cd4865e83cee95f1efdc4fce9921a680ff004776c0a671c6c90d54ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turningpro.work/
Origin
https://turningpro.work
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56803
x-xss-protection
0
server
cafe
etag
7911867283864477890
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 01 Aug 2022 01:27:55 GMT
psp-clock.png
turningpro.work/wp-content/plugins/pretty-simple-progress-meter/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://turningpro.work/wp-content/plugins/pretty-simple-progress-meter/psp-clock.png
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
9b71e0af059d54fd09e8f9ac93d46163317533eb494d0023079b598b933975f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:55 GMT
Last-Modified
Sun, 18 Apr 2021 19:48:46 GMT
Server
Apache/2.4.38 (Debian)
ETag
"7f3-5c0448048a5ee"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
2035
Papang-e1642272618551-150x150.jpg
turningpro.work/wp-content/uploads/2022/01/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://turningpro.work/wp-content/uploads/2022/01/Papang-e1642272618551-150x150.jpg
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
52fe0030fc2ae09ea93784c09d224f80e6a1a21922e7a524a0b1d7c8de4b7eef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:55 GMT
Last-Modified
Sat, 15 Jan 2022 18:50:18 GMT
Server
Apache/2.4.38 (Debian)
ETag
"1131-5d5a364125cb3"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4401
checklist_in_post_frontend.js
turningpro.work/wp-content/plugins/checklist-in-post/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/plugins/checklist-in-post/checklist_in_post_frontend.js?ver=6.0.1
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
55567425b8cdf352b557b4381f1fd32fa240913d74019a5dd17cdc6d83150a92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Feb 2021 03:44:43 GMT
Server
Apache/2.4.38 (Debian)
ETag
"bed-5bb800a19c23c-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1148
core.min.js
c0.wp.com/c/6.0.1/wp-includes/js/jquery/ui/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.1/wp-includes/js/jquery/ui/core.min.js
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 01 Aug 2022 01:27:55 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Aug 2023 01:27:55 GMT
datepicker.min.js
c0.wp.com/c/6.0.1/wp-includes/js/jquery/ui/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0.1/wp-includes/js/jquery/ui/datepicker.min.js
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e65f5c3b3b4c402074c19dee3d24d6bc02a8a86b19c8c992a4a6e78b254b2cd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 01 Aug 2022 01:27:55 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Aug 2023 01:27:55 GMT
script-front-end.min.js
turningpro.work/wp-content/plugins/wp-simple-booking-calendar/assets/js/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/plugins/wp-simple-booking-calendar/assets/js/script-front-end.min.js?ver=2.0.8.1
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
2c845071ea592a7f0706700b1f908ed2444c83309cb60d1eee38eef3c0b20308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:55 GMT
Content-Encoding
gzip
Last-Modified
Sat, 07 May 2022 17:02:55 GMT
Server
Apache/2.4.38 (Debian)
ETag
"125c-5de6ef23f6e45-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1165
frontend.min.js
turningpro.work/wp-content/plugins/wp-user-avatar/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=3.2.15
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
0818610c65fd1ca125b6f560e6cb6e6c8c299e461c2ce91ed197972623cdaf3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Jul 2022 09:30:24 GMT
Server
Apache/2.4.38 (Debian)
ETag
"2482-5e2bb09293f18-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
2376
e-202231.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202231.js
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nc
HIT hhn
date
Mon, 01 Aug 2022 01:27:55 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 23 Jul 2023 21:02:39 GMT
wp-emoji-release.min.js
turningpro.work/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 07:08:09 GMT
Server
Apache/2.4.38 (Debian)
ETag
"48b9-5e39654be1653-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
5009
style-print.css
turningpro.work/wp-content/themes/p2/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://turningpro.work/wp-content/themes/p2/style-print.css?ver=20120807
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
8da4034f61c7bb6cadced1e18f82dc3a90b78db36e32fd7a279338a60c9e51e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/?tag=moderation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Feb 2016 03:56:30 GMT
Server
Apache/2.4.38 (Debian)
ETag
"1344-52afdd60fb780-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1528
sidebar_back.gif
turningpro.work/wp-content/themes/p2/i/ 		866 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://turningpro.work/wp-content/themes/p2/i/sidebar_back.gif
Requested by
Host: turningpro.work
URL: https://turningpro.work/wp-content/themes/p2/style.css?ver=6.0.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.205.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
7e1d23d3b9d5f4d996bd79a7a3ef906dff671f3efb3d0e4f16f35528db9fac70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/wp-content/themes/p2/style.css?ver=6.0.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 01 Aug 2022 01:27:55 GMT
Last-Modified
Fri, 05 Feb 2016 03:56:30 GMT
Server
Apache/2.4.38 (Debian)
ETag
"362-52afdd60fb780"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
866
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A11.1.2&blog=187123303&post=0&tz=-7&srv=turningpro.work&host=turningpro.work&ref=&fcp=2397&rand=0.7430369930229874
Requested by
Host: turningpro.work
URL: https://turningpro.work/?tag=moderation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 01 Aug 2022 01:27:55 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/ 		338 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9758642247027295&plah=turningpro.work&bust=31068669
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9758642247027295
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a94bd049dbd4835ea550d16e277081c38db9fc7bd61a876e59744c76a55c13c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122088
x-xss-protection
0
server
cafe
etag
4618046703307442829
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 01 Aug 2022 01:27:55 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/ Frame DEDA 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9758642247027295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turningpro.work/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
20082
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 31 Jul 2022 19:53:13 GMT
etag
8616628553774171045
expires
Sun, 14 Aug 2022 19:53:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		219 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=turningpro.work&callback=_gfp_s_&client=ca-pub-9758642247027295
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9758642247027295&plah=turningpro.work&bust=31068669
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
51a776c5262f69ddba3879f8b8f0b46657f146f965d9e74748b0a5ee4239575f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=turningpro.work
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9758642247027295&plah=turningpro.work&bust=31068669
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Aug 2022 01:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=turningpro.work
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9758642247027295&plah=turningpro.work&bust=31068669
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Aug 2022 01:27:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0BED 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9758642247027295&output=html&adk=1812271804&adf=3025194257&lmt=1659317275&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fturningpro.work%2F%3Ftag%3Dmoderation&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659317275475&bpp=2&bdt=1101&idt=249&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2024344065858&frm=20&pv=2&ga_vid=1015643157.1659317276&ga_sid=1659317276&ga_hid=492933729&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C31068669%2C44764001&oid=2&pvsid=3788130850165303&tmod=2059698197&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=265
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9758642247027295&plah=turningpro.work&bust=31068669
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turningpro.work/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Aug 2022 01:27:55 GMT
expires
Mon, 01 Aug 2022 01:27:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D1B8 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9758642247027295&output=html&h=600&slotname=4099057109&adk=3467571997&adf=1134769941&pi=t.ma~as.4099057109&w=212&fwrn=4&fwrnh=100&lmt=1659317275&rafmt=1&psa=0&format=212x600&url=https%3A%2F%2Fturningpro.work%2F%3Ftag%3Dmoderation&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659317275477&bpp=2&bdt=1103&idt=268&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2024344065858&frm=20&pv=1&ga_vid=1015643157.1659317276&ga_sid=1659317276&ga_hid=492933729&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C31068669%2C44764001&oid=2&pvsid=3788130850165303&tmod=2059698197&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0JvIjMxzkj&p=https%3A//turningpro.work&dtd=273
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9758642247027295&plah=turningpro.work&bust=31068669
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3e02edf308e993470f51d81bc45fac95e406020ac3ccefdabb0d83753f9ace9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turningpro.work/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10690
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Aug 2022 01:27:55 GMT
expires
Mon, 01 Aug 2022 01:27:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame D1B8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9758642247027295&output=html&h=600&slotname=4099057109&adk=3467571997&adf=1134769941&pi=t.ma~as.4099057109&w=212&fwrn=4&fwrnh=100&lmt=1659317275&rafmt=1&psa=0&format=212x600&url=https%3A%2F%2Fturningpro.work%2F%3Ftag%3Dmoderation&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659317275477&bpp=2&bdt=1103&idt=268&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2024344065858&frm=20&pv=1&ga_vid=1015643157.1659317276&ga_sid=1659317276&ga_hid=492933729&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C31068669%2C44764001&oid=2&pvsid=3788130850165303&tmod=2059698197&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0JvIjMxzkj&p=https%3A//turningpro.work&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Aug 2022 01:03:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D1B8 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9758642247027295&output=html&h=600&slotname=4099057109&adk=3467571997&adf=1134769941&pi=t.ma~as.4099057109&w=212&fwrn=4&fwrnh=100&lmt=1659317275&rafmt=1&psa=0&format=212x600&url=https%3A%2F%2Fturningpro.work%2F%3Ftag%3Dmoderation&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659317275477&bpp=2&bdt=1103&idt=268&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2024344065858&frm=20&pv=1&ga_vid=1015643157.1659317276&ga_sid=1659317276&ga_hid=492933729&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C31068669%2C44764001&oid=2&pvsid=3788130850165303&tmod=2059698197&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0JvIjMxzkj&p=https%3A//turningpro.work&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43522
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658922152796835"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 01 Aug 2022 01:27:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame D1B8 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9758642247027295&output=html&h=600&slotname=4099057109&adk=3467571997&adf=1134769941&pi=t.ma~as.4099057109&w=212&fwrn=4&fwrnh=100&lmt=1659317275&rafmt=1&psa=0&format=212x600&url=https%3A%2F%2Fturningpro.work%2F%3Ftag%3Dmoderation&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659317275477&bpp=2&bdt=1103&idt=268&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2024344065858&frm=20&pv=1&ga_vid=1015643157.1659317276&ga_sid=1659317276&ga_hid=492933729&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C31068669%2C44764001&oid=2&pvsid=3788130850165303&tmod=2059698197&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0JvIjMxzkj&p=https%3A//turningpro.work&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:21:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Aug 2022 01:21:11 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D1B8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CecFQGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6AFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdo46fVjSrRFlUty0EcRGbU7zHX2kv8dGwyw73lhbqAqeT5k8LuBIgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk3NTg2NDIyNDcwMjcyOTUYAA&sigh=Dt8aKgP_sYA&uach_m=[UACH]&cid=CAQSGwCNIrLM1As9XhR9iJwVJiA-F_nJX2YkjZIhqxgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9758642247027295&output=html&h=600&slotname=4099057109&adk=3467571997&adf=1134769941&pi=t.ma~as.4099057109&w=212&fwrn=4&fwrnh=100&lmt=1659317275&rafmt=1&psa=0&format=212x600&url=https%3A%2F%2Fturningpro.work%2F%3Ftag%3Dmoderation&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659317275477&bpp=2&bdt=1103&idt=268&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2024344065858&frm=20&pv=1&ga_vid=1015643157.1659317276&ga_sid=1659317276&ga_hid=492933729&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C31068669%2C44764001&oid=2&pvsid=3788130850165303&tmod=2059698197&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0JvIjMxzkj&p=https%3A//turningpro.work&dtd=273
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9758642247027295&output=html&h=600&slotname=4099057109&adk=3467571997&adf=1134769941&pi=t.ma~as.4099057109&w=212&fwrn=4&fwrnh=100&lmt=1659317275&rafmt=1&psa=0&format=212x600&url=https%3A%2F%2Fturningpro.work%2F%3Ftag%3Dmoderation&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659317275477&bpp=2&bdt=1103&idt=268&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2024344065858&frm=20&pv=1&ga_vid=1015643157.1659317276&ga_sid=1659317276&ga_hid=492933729&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C31068669%2C44764001&oid=2&pvsid=3788130850165303&tmod=2059698197&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0JvIjMxzkj&p=https%3A//turningpro.work&dtd=273
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 01 Aug 2022 01:27:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Aug 2022 01:27:56 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame D1B8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RNQB2ASdg2ICAgAAAGTeDDP6sPldEBss52IrlrFilYJT2wWSHQASAAA&wp=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9758642247027295&output=html&h=600&slotname=4099057109&adk=3467571997&adf=1134769941&pi=t.ma~as.4099057109&w=212&fwrn=4&fwrnh=100&lmt=1659317275&rafmt=1&psa=0&format=212x600&url=https%3A%2F%2Fturningpro.work%2F%3Ftag%3Dmoderation&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659317275477&bpp=2&bdt=1103&idt=268&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2024344065858&frm=20&pv=1&ga_vid=1015643157.1659317276&ga_sid=1659317276&ga_hid=492933729&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C31068669%2C44764001&oid=2&pvsid=3788130850165303&tmod=2059698197&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0JvIjMxzkj&p=https%3A//turningpro.work&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:56 GMT
server
Kestrel
server-processing-duration-in-ticks
263102
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 988D 		157 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9758642247027295&output=html&h=600&slotname=4099057109&adk=3467571997&adf=1134769941&pi=t.ma~as.4099057109&w=212&fwrn=4&fwrnh=100&lmt=1659317275&rafmt=1&psa=0&format=212x600&url=https%3A%2F%2Fturningpro.work%2F%3Ftag%3Dmoderation&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659317275477&bpp=2&bdt=1103&idt=268&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2024344065858&frm=20&pv=1&ga_vid=1015643157.1659317276&ga_sid=1659317276&ga_hid=492933729&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C31068669%2C44764001&oid=2&pvsid=3788130850165303&tmod=2059698197&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0JvIjMxzkj&p=https%3A//turningpro.work&dtd=273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b4560b625eddfa92456ad8548302683d7361a1c44a8bf34f00f08cfd5c967a39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 01 Aug 2022 01:27:55 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Onv7a_EMALq6wUwKkxNiq6tq38-cAQwEhJXiGcDMphtTv4gptYUos9HvOcWZUJtoBRj6CsHN9fibv0OxILfF6O8-yhjY5yW4SRR12tFfPKOoQdz1GVIqDc3p1rWgpwivkHXa-e4DmY1lB1Oh5z1plTX1f3FA1LPLkDYdUuxtiFTSJEnjyYJB13nnhld0kCjcq_tT5Qq-ZFpUDQ18Dw_S7PfCnG9yNufhxNPVtlhJbMJvVJx8ElcfGdb9iXXfg6LRDrMbpQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
105596483
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
privacy_small.svg
static.criteo.net/flash/icon/ Frame 988D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:56 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 27 Jul 2023 01:27:56 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 988D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:56 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 27 Jul 2023 01:27:56 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 988D 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:56 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 27 Jul 2023 01:27:56 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 988D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:56 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 27 Jul 2023 01:27:56 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 988D 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=_XdF-aIgar3PdS5R9BM-mVDRxQXLItZ2C4EUC7p6zGWqVNr3OiAMWIzmX2O1ryQB4Cdtf-NOKLTvmFJvDSYN37KEQEWR9cZiM2ywBKyJRe9NpKEOAwdcK0bchdeOfXjU43bCaBIzk7DH9KAs_1D2L754NT_Pa43eJLV1-QFMUMK9EYZX3uDROqiyJRfrGsBs1Lj84OGcVt4yX6V1-RCtsIKL8l8bEpP4nEvAc87lG_hYwjmrOiqjz7RyUtnbVQBc8p8FuNYUqEdGCYPEQvX_CWXhNOdSqp9SLXDGi-GIk_tbMsMZyyvKm4B4gJQsp4KuFOhsV_wEJInPNnqETtGZ05GX5V7hOI2gM3AAYz70ncnYtdGSqxztjlFlKjmHSnUvorAdE1o8hVw6mX99MVrrn8dRg8T_FONXPVvxfPqwD5HXvhpx
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Aug 2022 01:27:55 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4116809
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 988D 		0
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1659317275
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ce00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Aug 2022 01:27:56 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
A7HTe5rohYY2g9CZh82H9lJBtr8ujuJsVpVDp2efVxFbQAb3G2iMSQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 988D 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:56 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 27 Jul 2023 01:27:56 GMT
img
pix.eu.criteo.net/img/ Frame 988D 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=420&s=Pn7yWwaz4sJv9x19OVaEQm3W
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b94a89259ef175b881195823edba0134e626911f4dc3baaac1bece619eff6bb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:55 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30685226
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
13859
expires
Sat, 22 Jul 2023 05:08:22 GMT
img
pix.eu.criteo.net/img/ Frame 988D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoFraGround-Fraport-Ground-Services-GmbH-222375DE.gif%3Feb%3D1&v=3&w=400&s=u8QjTuzx4yQwWOjyD8TMxXfP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:55 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1057584
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1960
expires
Sat, 13 Aug 2022 07:14:20 GMT
img
pix.eu.criteo.net/img/ Frame 988D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=400&s=GVnKI3ywx2pDN-sz0JRgKSSP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:55 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=357689
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1266
expires
Fri, 05 Aug 2022 04:49:26 GMT
img
pix.eu.criteo.net/img/ Frame 988D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoFritz-Schaefer-GmbH-Co-KG-Einrichtungssysteme-201358DE.gif%3Feb%3D1&v=3&w=400&s=du5IiUauSxtYWiXOfXBSfIt0&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
64da95147994b9ec3e2a9a633abd1a4e70afdf532cba54c601dbd2fb41350df1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:55 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2911
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1238
expires
Mon, 01 Aug 2022 02:16:27 GMT
img
pix.eu.criteo.net/img/ Frame 988D 		898 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FG%2FlogoGKS-Gesellschaft-fur-Kommunikationsservice-mbH-148116DE.gif%3Feb%3D1&v=3&w=400&s=-mxUMyceAgOLfeiqGMGVBA-h&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
46b12afb08dc52a9f50161094e95fc99f08cbb726b869573c640365e1e6b6fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:56 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1996603
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
898
expires
Wed, 24 Aug 2022 04:04:39 GMT
img
pix.eu.criteo.net/img/ Frame 988D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoKLE-Klinik-Logistik-Engineering-GmbH-49705DE.gif%3Feb%3D1&v=3&w=400&s=PtsKYFt3YphFzdgNZ6roKGRq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b9a8844adf940508ea25764a169b94d51d855689f23ab82a73a537853f48c753
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:55 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=405533
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2238
expires
Fri, 05 Aug 2022 18:06:50 GMT
all
csm.eu.criteo.net/ Frame 988D 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Onv7a_EMALq6wUwKkxNiq6tq38-cAQwEhJXiGcDMphtTv4gptYUos9HvOcWZUJtoBRj6CsHN9fibv0OxILfF6O8-yhjY5yW4SRR12tFfPKOoQdz1GVIqDc3p1rWgpwivkHXa-e4DmY1lB1Oh5z1plTX1f3FA1LPLkDYdUuxtiFTSJEnjyYJB13nnhld0kCjcq_tT5Qq-ZFpUDQ18Dw_S7PfCnG9yNufhxNPVtlhJbMJvVJx8ElcfGdb9iXXfg6LRDrMbpQ&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 01 Aug 2022 01:27:55 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 988D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:56 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 27 Jul 2023 01:27:56 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 988D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YucsGwAM3UcIu_IOAAZCJ-Sp5ztN-lT6AlOLdA&u=%7C9NKkCT7Q6uFWehxSNzyGsXbW7gUQ%2FU%2FXEpzLYYCGzFY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9OcwahrhqKvtcAmjSQ-6IB11S43xI_6lgKYF_QSBsfJ4duGee1oVS7lxu5NwFs2l-_xZruwW5svlhPOZlxkTPvV6fpGD9Ohp6gdx-ME91IQUoed1DaTM8sFZx7MtuF55k3YIeNLWaD_wPAQPg_37Spvpguu7GIiDP_hEMyeikWOFgs9B6IW6U1ctA4ENy71lWlU6dfhXSix06l7TDS0VQaZQtCXQR8QBItuufjWjgbzirQP0F9sOPF1zZnhmG5zP0RLTevN167gH4d9DTQgEZl0ikVDNjOAsYBpCML5h4Gc_vx_VEL8Y_XY3MjtOdU60pvCYgSTSkS-H_s5Ttfp5rkkerP7ymAkzs5yGQfKM60f4q1Z4FnPwWiXKr6KWtTCWdYehQ7we1l3KoLVKAZm-xY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO6-nGyznYse6M47k7_UPp4SZoALJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3NTg2NDIyNDcwMjcyOTWgAdW20uoDyAEJqQIEMmOLViWxPqgDAaoE6wFP0IFMXeMI261XlR5nPF0AaYecqpcAOwLRHpWsiZumEJV5Ce9IqMtZDAjpoBRjaa9vi1lTv1Eg9hPHjjqQi0RnWn9cs4FURjD2e_7Md3w3yBGnLQBlQzQvtdMkgfDDSJB_DAd5MJucvIRb5EOGj5XX0i-4nhOlw1bSF6nuC5htR5J3HmMz_U6oT84gSbAEOsCYZ3aaBuhjH2PLBcXqYEkgUhK2l_BqpzJe78fsftvMXCxp24G12ZZgFJWSmQv6v4xYdsw4XMpVIo127UCgshR7y7b6CXcSteleQZjz4_6pFxSyVxyWqvP3yXT4gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2II3WZkTNYsnv7_waoZX4gWlyhzA%26client%3Dca-pub-9758642247027295%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:56 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 27 Jul 2023 01:27:56 GMT
truncated
/ Frame D1B8 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e08eb57e36be8aa2504183e4e276253363167f419a3e3cb91fab7de491b45e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220727&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9758642247027295&plah=turningpro.work&bust=31068669
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f836891281b754fbc374af6a0179c60c32a464f8d3d25af4abd52a1ec41a2a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Aug 2022 01:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10711
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9758642247027295&plah=turningpro.work&bust=31068669
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 01 Aug 2022 01:27:56 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 894B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://turningpro.work/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8213
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 31 Jul 2022 23:11:03 GMT
expires
Mon, 31 Jul 2023 23:11:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E187 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
60bae76934f0983c982c41568b26c00fd3dda67d6438fceec462b67e11e5b0c6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3xUTOsmynEdTuTE040RMsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://turningpro.work/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-3xUTOsmynEdTuTE040RMsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 Aug 2022 01:27:56 GMT
expires
Mon, 01 Aug 2022 01:27:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
pagead2.googlesyndication.com/bg/ Frame 894B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:49:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
27492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13883
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 31 Jul 2023 17:49:44 GMT
generate_204
tpc.googlesyndication.com/ Frame 894B 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?94q4rA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 01:27:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame E187 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220727&jk=3788130850165303&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220727&jk=3788130850165303&bg=!b2ylbCjNAAacadVKvGk7ACkAdvg8WvGjKxrRT_3gnmfv7nRu5emu1eTHs-GkLY6oXEvUqPWcNTejMAIAAABMUgAAAANoAQeZAp-CKUGOExUgNLXbSQ5eg5CHihuzRuooLpXgeXVmxZgyEO55gCo1nOMdRtqGTkQYgxWD8jPTKEpC97FZKhrHIV66rsKrj4-k6csAp2_VKQx7OeCbkWDgBrhsyUpwSgof_Wn8hESaF0RCvMWLuWv_pbflS00awgRZ-AMpzAQfkXiq1DpqIYubHykzjnLtFz8O01r2CXnD6yeBkPRmO0nAZfKk2MVfzZ1T8NSbDP8gBpc3LlOhrtms7JQ3KrEh1wdCc7pOURsq6AzPag-EJTQHOk18LhhuoeOfwlaWixkpCcTNwfSq9kNTAr3wfb4faVL-r6bSphyuUA3q2DYqdyBZrkJWyo3YS6HlGD8I9kRtrb-_IUnSMOco7ze-REveQ2rqXxIXXC9EWi8sIpMnfF91dSE14tBIQmdu8m4IQEd0N28oAezR69cD89cAGbdITed2jkOU2tHTFy693T5UeGtFnWEYlCzVKskJEHBJjcrsIJPMpvE7Qfqcd9aQ2TpicJA2YQ1Fn_VmPTQnBKaMwIUlwQnSE09t7NVYLY-FJaobyhpDUgqFxR7wc16ZjGMmMdRurBf4rd0-R7ZH7XydNxAj4r6E3b9MLIFCeZhbojbniQW6zzmo0Ul9BMsP03x3zAapIC02P7B_0X6ORP6H8C2cvlmbNcZFK-kOoLF2XRP7VbeWiqhs1Znk9aDMRGxD5GEeGd8iNtY8DMUyvr93A-SMzZd42htZe8zeiOyKUbVakNmRoBlq_1p-k4aGJsdo1zUekULWWL5VKfsRaznS8OAy07zqv_ik3PvJcDBtJ958WitywiWYsE-SknCUK8TsZEk5QxHyZN93PMfs-XZtsdSxc1SfekAvHi2Uyppsuhf9FkuGv5BL73PKWo1UdUVcDLObnA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://turningpro.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| ajaxUrl string| ajaxReadUrl string| updateRate string| nonce string| login_url string| templateDir number| isFirstFrontPage number| isFrontPage number| isSingle number| isPage number| isUserLoggedIn number| prologueTagsuggest number| prologuePostsUpdates number| prologueCommentsUpdates number| getPostsUpdate number| getCommentsUpdate number| inlineEditPosts number| inlineEditComments string| wpUrl string| rssUrl string| pageLoadTime object| commentsOnPost object| postsOnPage string| postsOnPageQS number| currPost number| currComment boolean| commentLoop boolean| lcwidget boolean| hidecomments string| commentsLists number| newUnseenUpdates object| mentionData number| p2CurrentVersion number| p2StoredVersion object| wpLocale object| _wpemojiSettings function| $ function| jQuery object| frontendChecklist function| frontend_checklist_checkbox_changed function| frontend_checklist_load_status function| frontend_checklist_write_status function| getCookie function| flatpickr object| userSettings object| wpCookies function| getUserSetting function| setUserSetting function| deleteUserSetting function| getAllUserSettings object| addComment object| wp function| Spinner object| p2txt object| p2 object| shortMonths object| longMonths object| shortDays object| longDays function| send_to_editor object| adsbygoogle object| options object| wpsbc object| twemoji object| pp_ajax_form function| ppFormRecaptchaLoadCallback object| _stq function| st_go function| linktracker_init object| wpcom object| date number| xOffset number| yOffset string| vpostId object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
turningpro.work/ Name: ppwp_wp_session
Value: f91b317d540b4158f03b248a4e5c0db8%7C%7C1659319074%7C%7C1659318714
turningpro.work/ Name: PHPSESSID
Value: umr389a06veo3v8m3756k4gqdr
.turningpro.work/ Name: __gads
Value: ID=a41c5ced5ec88322-2257e6f7e0cd0097:T=1659317275:RT=1659317275:S=ALNI_MakJVSYwxMJjmK7naKK5QGUrdeu8g
.doubleclick.net/ Name: IDE
Value: AHWqTUkrPTxGudWb6wVbtEmz4USjj2rVkeQtqZvIhw_nOWdU_Sy1fqLmL2orYljGHOg

1 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9758642247027295&output=html&h=600&slotname=4099057109&adk=3467571997&adf=1134769941&pi=t.ma~as.4099057109&w=212&fwrn=4&fwrnh=100&lmt=1659317275&rafmt=1&psa=0&format=212x600&url=https%3A%2F%2Fturningpro.work%2F%3Ftag%3Dmoderation&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659317275477&bpp=2&bdt=1103&idt=268&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2024344065858&frm=20&pv=1&ga_vid=1015643157.1659317276&ga_sid=1659317276&ga_hid=492933729&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1065&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C31068669%2C44764001&oid=2&pvsid=3788130850165303&tmod=2059698197&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0JvIjMxzkj&p=https%3A//turningpro.work&dtd=273
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
c0.wp.com
cat.nl.eu.criteo.com
csm.eu.criteo.net
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
moderation.work
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.wp.com
rtb.nl.eu.criteo.com
secure-gl.imrworldwide.com
static.criteo.net
stats.wp.com
tpc.googlesyndication.com
turningpro.work
www.google.com
www.googletagservices.com
138.197.205.105
142.250.186.162
178.250.0.139
178.250.0.162
178.250.2.148
192.0.76.3
192.0.77.37
2600:9000:2156:ce00:1e:a43d:b640:93a1
2606:4700::6812:acf
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:82b::2004
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
44.230.85.241
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
0818610c65fd1ca125b6f560e6cb6e6c8c299e461c2ce91ed197972623cdaf3f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0f0d86a11a5bc956b822d9a6846bba4463535d7811328af503720cec0fca9e30
1796c6a4216b5b06d0e220ed98932181aa89b8da26673a58dde68f8161766602
18e0d348e7cb35464eabe33a2dd70f1bf7b9a132c6870c127a408d2591ae3561
1d79c8435f299ce8c1def3200e78cf5859dc6092f6b75377ac88fd650f4c33ef
1f77f1c60435921cb2d68ccfb3bf2da81dd35f274014c4cd5a5b9c20c4a46a27
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
2c845071ea592a7f0706700b1f908ed2444c83309cb60d1eee38eef3c0b20308
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e65f5c3b3b4c402074c19dee3d24d6bc02a8a86b19c8c992a4a6e78b254b2cd
45237e41fb9a367d9468aa42b3c383448164cb1f2beca8c11baf713b8e13e3bd
46b12afb08dc52a9f50161094e95fc99f08cbb726b869573c640365e1e6b6fd2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51a776c5262f69ddba3879f8b8f0b46657f146f965d9e74748b0a5ee4239575f
52fe0030fc2ae09ea93784c09d224f80e6a1a21922e7a524a0b1d7c8de4b7eef
55567425b8cdf352b557b4381f1fd32fa240913d74019a5dd17cdc6d83150a92
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
5f836891281b754fbc374af6a0179c60c32a464f8d3d25af4abd52a1ec41a2a0
60bae76934f0983c982c41568b26c00fd3dda67d6438fceec462b67e11e5b0c6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64da95147994b9ec3e2a9a633abd1a4e70afdf532cba54c601dbd2fb41350df1
67580d9f4251e41c064024de2f9d0dfbc0e5283bd3310f5326853488ed93561b
68fe5fa6aa417e3f599dfe6ffe75752934b6a4226525f98128d3d5547e6b6ff2
6927b6642e507ae9e52ffc3fecfb152a657e7dad1e0db9b26e7fe9b6c28747a2
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
75bddeea6a163c8bdda4a537669fc93df6edeb6b8a541c6ebfed55ce46157d14
7de556e3cb583a6e9d5322a592f72abe4615c5e22e877b55d07d05b456e44130
7e1d23d3b9d5f4d996bd79a7a3ef906dff671f3efb3d0e4f16f35528db9fac70
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
89b735d188ccbdfb80fb7ea36dea04d6fc72a321e837439639506250c2a69c47
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8da4034f61c7bb6cadced1e18f82dc3a90b78db36e32fd7a279338a60c9e51e7
8e08eb57e36be8aa2504183e4e276253363167f419a3e3cb91fab7de491b45e2
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9b71e0af059d54fd09e8f9ac93d46163317533eb494d0023079b598b933975f9
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3e02edf308e993470f51d81bc45fac95e406020ac3ccefdabb0d83753f9ace9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a837ca60346717e3e0fd719ff013dcb9dd2c3e74811413020ec9fe3cdab0d889
a94bd049dbd4835ea550d16e277081c38db9fc7bd61a876e59744c76a55c13c1
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b1539343426e7cf2a446d9d5a01780a14328479619f47ecdfed30aac8386a40a
b4560b625eddfa92456ad8548302683d7361a1c44a8bf34f00f08cfd5c967a39
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b94a89259ef175b881195823edba0134e626911f4dc3baaac1bece619eff6bb9
b9a8844adf940508ea25764a169b94d51d855689f23ab82a73a537853f48c753
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
d32ad430cd4865e83cee95f1efdc4fce9921a680ff004776c0a671c6c90d54ac
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
dbfb0c2853a7539512b843cdb8124fc712319fbc9aa11e6d76fa03fefe0c535a
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1fa3380155415f8d620fb7288b822ae65a542b18532308d88d532daa35cd2dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
f287c422e899a51c9ea28225a189f21664c561a31e6cb29a966776abfdac3bd4
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f553ffa0dc22f18522c51141d8dffc39acbf7ce70bf46d735b999ec7874d6ef8
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
ff6d1fb92beb708fc76a99f296a32c988131e74228085b8f60dc7d5f298d90ac