blog.filkhabr.com Open in urlscan Pro
2606:4700:3031::6815:439e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.filkhabr.com/
Submission: On August 23 via manual (August 23rd 2023, 12:07:24 am UTC) from US — Scanned from DE

Summary HTTP 111 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 15 domains to perform 111 HTTP transactions. The main IP is 2606:4700:3031::6815:439e, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.filkhabr.com.
TLS certificate: Issued by E1 on June 30th 2023. Valid for: 3 months.

This is the only time blog.filkhabr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	2606:4700:303... 2606:4700:3031::6815:439e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::6815:1ccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	23.109.82.5 23.109.82.5	7979 (SERVERS-COM) (SERVERS-COM)
12	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
111	22

18 2606:4700:3031::6815:439e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

blog.filkhabr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.filkhabr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:1ccc (United States)

ASN13335 (CLOUDFLARENET, US)

www.fontstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.82.5 (Netherlands)

ASN7979 (SERVERS-COM, US)

bn.aoliplastin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	397 KB
20	criteo.net static.criteo.net — Cisco Umbrella Rank: 710 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9104 csm.eu.criteo.net — Cisco Umbrella Rank: 8684	254 KB
18	filkhabr.com 1 redirects blog.filkhabr.com www.filkhabr.com	388 KB
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1693 www.google.com — Cisco Umbrella Rank: 3	62 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	110 KB
5	gstatic.com www.gstatic.com	46 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	227 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8578 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 10115 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15501	48 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 277	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244	605 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2102	255 B
1	aoliplastin.com bn.aoliplastin.com	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	81 KB
1	fontstatic.com www.fontstatic.com — Cisco Umbrella Rank: 264478	23 KB
111	15

	Domain	Requested by
19	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
17	blog.filkhabr.com	blog.filkhabr.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
12	pagead2.googlesyndication.com	blog.filkhabr.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
10	static.criteo.net	ads.eu.criteo.com
8	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.filkhabr.com	1 redirects
1	bn.aoliplastin.com	blog.filkhabr.com
1	www.googletagmanager.com	blog.filkhabr.com
1	www.fontstatic.com	blog.filkhabr.com
111	22

This site contains links to these domains. Also see Links.

Domain
news.google.com
www.facebook.com
twitter.com
www.pinterest.com
www.youtube.com
www.filkhabr.com
www.abdulrahman.com

Subject Issuer	Validity	Valid
filkhabr.com E1	`2023-06-30` - `2023-09-28`	3 months	crt.sh
fontstatic.com E1	`2023-07-16` - `2023-10-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
bn.aoliplastin.com R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://blog.filkhabr.com/
Frame ID: 16B52D7315B5C29B83FEAF798DA41361
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20190131/zrt_lookup.html
Frame ID: 4AD4FE8DB5C323461EF799B670AB4492
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7412509426492072&output=html&adk=2969136045&adf=3689892565&lmt=1692721020&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fblog.filkhabr.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692749239406&bpp=3&bdt=255&idt=171&shv=r20230821&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4193536640632&frm=20&pv=2&ga_vid=340650223.1692749239&ga_sid=1692749240&ga_hid=1148656875&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44800951&oid=2&pvsid=143830542251985&tmod=735740827&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=198
Frame ID: 873F8881E16DFAD08270038DEA570277
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C82784B655B1E2B786674685710D9AC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C3D66DC4B1CA6551AEA9C385C4CB1C3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1
Frame ID: E2CA2EDBCA034207C79A8E18C413E523
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1
Frame ID: 14E61028A08D666A9B95D2788DFDE5D8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1
Frame ID: 500CD4E6927BC34643AA1F177E6FFDEE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1
Frame ID: A88C2E4399F0D8A21D888591F1321D9F
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOVNtwAJ728KwkR8AAuKp1K6GMzHP2ek8bN2Eg&u=%7CsFchTBz7gddjkwChuWKxV%2BVDqHpgmk5giQxWLJPoeX8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861tU_7_giAdIpRDugYzLWvWeCQ5uBH4sJmMxqhEUSlCgf90kWcEGXSCONaT1uof3XprI5RYwf8_zwSTNRYHiOimIHzEDqJIe1DwoQzVP6zAa0xKhE3OBOl6LX3QI139f1c4T7WGsuo5VtjMzWm6n-sWoT_jLkNBDrRpJX6ICkz9OKxdel1B0c-CrMilAv-BwtdeQ93VD5jVcpDg6Q5a3kAN3pmKy4qqL3j2fSiXOoftVl8cQmFnTRs7JJ6Z80VMQ_Nd3HY97Djj8BYLMTyTzK5xU50B02BkSTiGkB3ayWZ_Pjuy3o9tAG2wAoWNm47Rex5PkioZxtHhuIy1MNWC6CIT1PDS4RauVrhaJYBdJY_C7fBg3A-AGucJJ2bcylX7zZHFuMEi4fvt_QBqlnK2nlpFUpEL3cU7Q1spbDQeEAagyxgOByGltTPA4n7Iz5F5F0zhRI8uQYlKfgV2kwOYq2LAyPcdBNSNROl_LE3z_ARdNSZ8ZO3KNHCBQ0K33fTYEkcQwF5I5OG-mPnP2UMjVJutVgQyR1wSlX1R6gxvwprn0cgn8k1DBt_tRBg_Mg7k0i6p35HKJqxEnUtYcP0RxMz9PfagxmebUJA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvK7kt03lZO_eJ_yIiQanla7QA8me0rFcvemV93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNzQxMjUwOTQyNjQ5MjA3MsgBCakC7Udl4VAysj6oAwHIAwKqBMcBT9DLbPKvakcCDpFgWG3g5lSgJciJnP7sVoxRv8dUYjvRbIzKJI4pjyNrjyZ6RApEXcVu7pbGyoR_JasS6VwK01UgPIh3JOa58KL0dMEs7hn2iYBzW3QV1r-sJNIdmq1fDoJzZ706X69UIrSL4dJo-PF6soDk4VQcQFhuisjMSskkgW9a12hXLA7Yf9NkuKDWAl4yXBQ7WXnuryV0oOTbfYUHMNGEqaWvRFz5VEEV4LhlDeZmTdZ5hMLGFrmawFuTuEMCtw-PT4AGjtSynLeypa1ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_05gsDH466bWobiRrolAjCSsIjyGg%26client%3Dca-pub-7412509426492072%26adurl%3D
Frame ID: 5E2627A31C9B431EF44AEBAC9CA49CD4
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: B65E63CB937836E99EFF36F09017CE49
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Frame ID: DE7A490F51DD180461EBE214B5604CEC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Frame ID: 2BBFFC4581C0A94AB35078D1FCBC603B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Frame ID: 14F915C52F61A768B80BD9B40CAA872E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

مجلة فى الخبر – مجلة فى الخبر الصحة والجمال وتخسيس الوزن والعناية بالبشرة والشعر واخبار التكنولوجيا والسفر والسياحة واستراتيجيات الربح والاقتصاد وجديد الطبخ والرياضة والالعاب

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

111
Requests

99 %
HTTPS

90 %
IPv6

15
Domains

22
Subdomains

22
IPs

4
Countries

1644 kB
Transfer

4265 kB
Size

8
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://news.google.com/publications/CAAqBwgKMMSsmgsw3rayAw?hl=en-US&gl=US&ceid=US:en
Title: جوجل نيوز

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Filkhabr.eg
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/FilkhabrEg
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/Aflamonlineme/_saved/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCRZJhhAaRNHrQJOV4_x9Msg
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.filkhabr.com/tag/%d8%a7%d9%84%d8%ad%d9%85%d9%84
Title: #الحمل

Search URL Search Domain Scan URL

URL: https://www.filkhabr.com/tag/%d8%ad%d9%84%d9%88%d9%8a%d8%a7%d8%aa
Title: #حلويات

Search URL Search Domain Scan URL

URL: https://www.filkhabr.com/tag/%d8%a7%d9%84%d8%b9%d9%86%d8%a7%d9%8a%d8%a9-%d8%a8%d8%a7%d9%84%d8%b4%d8%b9%d8%b1
Title: #العناية_بالشعر

Search URL Search Domain Scan URL

URL: https://www.filkhabr.com/tag/%d9%88%d8%b5%d9%81%d8%a7%d8%aa-%d8%b1%d8%ac%d9%8a%d9%85
Title: #وصفات_رجيم

Search URL Search Domain Scan URL

URL: https://www.filkhabr.com/tag/%d8%b1%d8%ac%d9%8a%d9%85
Title: #رجيم

Search URL Search Domain Scan URL

URL: https://www.filkhabr.com/tag/%d8%a7%d8%b3%d8%aa%d8%ab%d9%85%d8%a7%d8%b1
Title: #استثمار

Search URL Search Domain Scan URL

URL: https://www.filkhabr.com/tag/%d9%86%d8%b8%d8%a7%d9%85-%d8%ba%d8%b0%d8%a7%d8%a6%d9%8a
Title: #نظام_غذائي

Search URL Search Domain Scan URL

URL: https://www.filkhabr.com/tag/%d8%a7%d9%84%d8%b9%d9%86%d8%a7%d9%8a%d8%a9-%d8%a8%d8%a7%d9%84%d8%a8%d8%b4%d8%b1%d8%a9
Title: #العناية_بالبشرة

Search URL Search Domain Scan URL

URL: https://www.filkhabr.com/tag/%d8%b1%d9%8a%d8%a7%d8%af%d8%a9-%d8%a3%d8%b9%d9%85%d8%a7%d9%84
Title: #ريادة_أعمال

Search URL Search Domain Scan URL

URL: https://www.filkhabr.com/tag/%d8%a7%d9%84%d8%b1%d8%a8%d8%ad-%d9%85%d9%86-%d8%a7%d9%84%d8%a7%d9%86%d8%aa%d8%b1%d9%86%d8%aa
Title: #الربح_من_الانترنت

Search URL Search Domain Scan URL

URL: https://www.filkhabr.com/tag/%d8%a7%d9%84%d8%b9%d8%a7%d8%a8-%d8%a7%d9%88%d9%86-%d9%84%d8%a7%d9%8a%d9%86
Title: #ألعاب_اون_لاين

Search URL Search Domain Scan URL

URL: https://www.abdulrahman.com/
Title: عبد

Search URL Search Domain Scan URL

URL: https://twitter.com/tielabs
Title: @on Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://www.filkhabr.com/wp-content/uploads/2021/04/Filkhaba-Logo-4.png HTTP 301
https://blog.filkhabr.com/wp-content/uploads/2021/04/Filkhaba-Logo-4.png

111 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
blog.filkhabr.com/ 304 KB
47 KB 127ms
67ms Document
text/html 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.filkhabr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d89c3e769c27b6322da65d65c006de9c84f7a940fde51453a00d74b501f3998d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7faf1d584e62903d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 00:07:19 GMT
expires: Wed, 23 Aug 2023 00:07:19 GMT
last-modified: Tue, 22 Aug 2023 18:17:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BToG%2FPLNhPXXIvGx7WmlMVuC4RpsaH17u2rt7At9ZPPbzm3ZRXfI3yfBu50ilhwFoL1Yq%2BE9CXuYBeAJtGGse0NTfq5AHLm9vJtVOPx1ZKhlWvH7YFVg2v2DJAF%2BhAd1nkcUzcpAieWVJ1eNPoi2%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

GET
H2 200 flat-jooza-regular.woff
www.fontstatic.com/fonts/flat-jooza/ 22 KB
23 KB 87ms
30ms Font
application/font-woff 2606:4700:3035::6815:1ccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fontstatic.com/fonts/flat-jooza/flat-jooza-regular.woff
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56eb00ddcdd61c5a33651856ab085f185eac9c08a996374cdce6d9de51092117

Request headers

Referer: https://blog.filkhabr.com/
Origin: https://blog.filkhabr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4246
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jul 2019 17:49:59 GMT
server: cloudflare
etag: W/"5d30b147-5824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8e7%2FFLrCUzZjyztv5NVKh4O2vRXaFMJPdoioCN2P7%2FdgBqzJClXpP0cgNKD6%2FAodBck691puZMNJay6FtxUiKWKV0aYIigTcixJ60Bk2lPJnQyWCIHTr0gPrEYCwZ%2BFKbGnUP8k6fvh9zUQ8aGNBaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=432000
cf-ray: 7faf1d592eaa1e49-FRA
x-proxy-cache: MISS

GET
H2 200 fontawesome-webfont.woff2
blog.filkhabr.com/wp-content/themes/jannah/fonts/fontawesome/ 75 KB
76 KB 33ms
31ms Font
font/woff2 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.filkhabr.com/wp-content/themes/jannah/fonts/fontawesome/fontawesome-webfont.woff2
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://blog.filkhabr.com/
Origin: https://blog.filkhabr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
cf-cache-status: HIT
last-modified: Sat, 27 Feb 2021 13:55:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9778458
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEt6I2iLMK8BdvxTo424WoZDqqud%2F1eJ47EqwopKAZ%2B3V6TDuBcnZ%2BaAON8YrEUMLuVpIiaqwI7Eb%2FYktorMxqsMkN7nkFdHplPhoaUr2lkGM24i9miUSXkWN0Tkx02pTvUQ4Xi%2Fx9UpvCyHMM4vGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=10368000
cf-ray: 7faf1d58cf25903d-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Aug 2023 19:53:01 GMT

GET
H2 200 tiefonticon.ttf
blog.filkhabr.com/wp-content/themes/jannah/fonts/tiefonticon/ 9 KB
6 KB 40ms
39ms Font
font/ttf 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.filkhabr.com/wp-content/themes/jannah/fonts/tiefonticon/tiefonticon.ttf
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e5fe3d9f3103e880a68f6ce8ab0d505eea2b6ea38daf1b873304cb6f837cbe4

Request headers

Referer: https://blog.filkhabr.com/
Origin: https://blog.filkhabr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 27 Feb 2021 13:55:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9777920
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Skq8gHMUbb973CktFVVJfouwpDTEvIYv4eTW30V1Or1%2B1VFHL%2FFLg6im%2FPpojRtNecxdJJPeO9o1%2BDg%2FwEFNKohGfmS4tGrVwmNHf3zBQrxfxMhto9N2pGPsX9kTlBuh9uZiPlyt6jJ4He5KILs8QA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=10368000
cf-ray: 7faf1d58cf27903d-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Aug 2023 20:01:59 GMT

GET
H2 200 ratemypost.ttf
blog.filkhabr.com/wp-content/plugins/rate-my-post/public/css/fonts/ 5 KB
3 KB 28ms
28ms Font
font/ttf 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.filkhabr.com/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f

Request headers

Referer: https://blog.filkhabr.com/
Origin: https://blog.filkhabr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Jun 2023 04:00:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5290002
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpK5XRxcYeTCVXXXUladdGIS1S1YZ5%2FZ0GefPH4Bay8NvL5GFQF4HswPZWeNv5WagoQmMRGTaNxgdQir9q%2B8UtczOjgQS5QNP4EytFfgJldM7eiaEtHWzQDHInn3ycdxq98sA%2B%2FH%2BmAH%2BTpXSZo%2FPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=10368000
cf-ray: 7faf1d58df30903d-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 20 Oct 2023 18:40:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
81 KB 98ms
37ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S46BNBBQEL

Requested by

Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e0c9f847566eb982df2db7d6ea82f566de2597cb6807d307f9e5c6ec5dd2d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82648
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 00:07:19 GMT

GET
H/1.1 200
OK 49027 Show response
bn.aoliplastin.com/1clkn/ 6 B
1 KB 248ms
32ms Script
application/javascript 23.109.82.5
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://bn.aoliplastin.com/1clkn/49027

Requested by

Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.82.5 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 00:07:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 105ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7412509426492072

Requested by

Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d197d3f1d06aa10d4adef1a64c5448a9cd4693834172aa8bded31daefbee84f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.filkhabr.com/
Origin: https://blog.filkhabr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50926
x-xss-protection: 0
server: cafe
etag: 16234165171286922639
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 00:07:19 GMT

GET
H2 200 jquery.min.js Show response
blog.filkhabr.com/wp-includes/js/jquery/ 88 KB
32 KB 33ms
30ms Script
application/javascript 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.filkhabr.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 05:28:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 14262639
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEUFks1P8ULPrGRs21EgiiKIUorgYP%2FR3ie%2Bm%2BNEerE5YgNDjIT1UnhaLRIIdPBnBl5mZlxLt9AP4GbXKVKR4iZN0qBXkIupalk07DDM07SNFb3Mgc3jpCjNUWfnSma2is4XSLNx%2FNEYjjzPLvLt8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7faf1d58ff37903d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
blog.filkhabr.com/wp-includes/js/jquery/ 11 KB
5 KB 30ms
29ms Script
application/javascript 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.filkhabr.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Nov 2020 20:01:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 14262721
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SZA%2BBcj7LRqunrvm0YJbP7EE7m9cQ5b4Yi64g000DW5%2FpxK%2Fu8Ls9AE3n2W14OlKUzWQOtFe%2BhEtse4vnMLjalpEi2p62bD7b632jz%2B3ba8Kkqhd1fSvMHcA%2BSG1NfH2fhO1PcaMrDf5zvhEvcMOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7faf1d58fdc737e4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 scripts.min2.js Show response
blog.filkhabr.com/wp-content/cache/min/1/wp-content/themes/jannah/js/ 22 KB
8 KB 41ms
41ms Script
application/javascript 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.filkhabr.com/wp-content/cache/min/1/wp-content/themes/jannah/js/scripts.min2.js?ver=1685695112
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5737935a57b4380ebe6c7b2079557c0791ecd2ba61643ddaff6bb6134be0dafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 02 Jun 2023 08:38:32 GMT
server: cloudflare
age: 7053903
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p00ja7wECub2T6tcAHlZp4mieXXeA4%2Fgh0W2Rz1wfKIwJwQgRzqziTlaqnoHkESYOcz2A7X81VTD%2B%2BGjDiZIVpfkDwW6EyXrus71Ms%2FKqlMu%2BOfIAiqBZanionxKcV1ztH2Db6u%2Fngve62jdBVfFKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7faf1d58fdc837e4-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 01 Jun 2024 08:42:16 GMT

GET
H3 200 rate-my-post.js Show response
blog.filkhabr.com/wp-content/cache/min/1/wp-content/plugins/rate-my-post/public/js/ 24 KB
6 KB 31ms
30ms Script
application/javascript 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.filkhabr.com/wp-content/cache/min/1/wp-content/plugins/rate-my-post/public/js/rate-my-post.js?ver=1685695112
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eadaf7787e20ffaeb9d1065715aeab0aba22bf289c26b4c894db7a75c22d48f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7053903
cf-polished: origSize=24469
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 02 Jun 2023 08:38:32 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eFw4VhPQNaiYhKGYNQFc9einEdqTppCC3f5PJvI%2BNjOX3YeMrOVgWUqG%2BcWo3av3pHq8exTaXS6oE5HP3QvmVtxJBvQ0yfgmONT6U9ZvKpChA%2FOA1nQFVxvzFrgOhQ2s0ZxnSno3z2I%2BqfVyYnMCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7faf1d58fdcb37e4-FRA
expires: Sat, 01 Jun 2024 08:42:16 GMT

GET
H3 200 scripts.min.js Show response
blog.filkhabr.com/wp-content/themes/jannah/js/ 238 KB
73 KB 50ms
50ms Script
application/javascript 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.filkhabr.com/wp-content/themes/jannah/js/scripts.min.js
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e77d07e6ea1c277eed39e16f2b7d3faba7dc6a9eb01ee5b9cd9458a8b07d4ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 27 Feb 2021 13:55:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 14262752
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXeM7KKfRaV6WNLJJ24MjJfv%2BKP7LJDh%2F5yfU%2F44qyT8P5L5PCih%2BDU10Ltr85TNnik5%2F63XKPmuBiS2wHr8jBqldkQA7wJUmw%2Fxo52J6crKbdcGu1TYD%2BqydeH2FziBj64erumlwfEi9BQ3g1UR1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7faf1d58fdcc37e4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 imagesloaded.min.js Show response
blog.filkhabr.com/wp-includes/js/ 5 KB
2 KB 31ms
31ms Script
application/javascript 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.filkhabr.com/wp-includes/js/imagesloaded.min.js
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Jun 2020 04:23:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 14267058
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhvMp8BxteKUrqeba%2FKyVn7TzHrptOoe5u%2BF2T5%2B6iayCoy0jns1kbeVpETmlvaT%2FG5ke8bjJeifzCkLfbnQp6QPSQ6AA64YqeWPbBtTWKO1dfh3oqWbsY23qeGu9ZpmjSDlYN7opE8jVtGan5%2FQsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7faf1d58fdcd37e4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sliders.min.js Show response
blog.filkhabr.com/wp-content/themes/jannah/js/ 64 KB
16 KB 121ms
120ms Script
application/javascript 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.filkhabr.com/wp-content/themes/jannah/js/sliders.min.js
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3b61639c09050b03cf807c2b364a6fc72aeb3d3a8234c38c9824c2ea3542ef4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 27 Feb 2021 13:55:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10148420
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6n6SB3lk%2BobR33MP31HlQZ5hByK1xqH1TJuuTJ1%2BkXS4ILfTjc7P5w8lsaUvMBMIpXMiD3HaJ9vGnEdiXAB2LTMW4rroh%2FQ8NlhTaq5IXb1TaIY3Vp%2FpduDsr4unka6ZoBjtUGIXkOUhZ5PoL93%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7faf1d58fdcf37e4-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 26 Apr 2024 13:06:59 GMT

GET
H3 200 lazyload.min.js Show response
blog.filkhabr.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 78ms
77ms Script
application/javascript 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.filkhabr.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Jun 2023 04:00:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3938716
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwKWfFSloJeF2X6oRLKYssLbZGDwyxRaJWAaFoC6gkAyBse59dDOaMibcyu7Zo%2BBXEkVQ0hiutnrJXLrKE61Z0b9DcLxUfu3mRkNiRRAeUXLBd8dizwpQxT7hmfWjcRifn0OTAr%2FthbLIl2AiIzhfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7faf1d594df937e4-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 07 Jul 2024 10:02:03 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51f49626781ca8ebfc251b1a2a3e3587431f5f41ea011056862957de03f15169

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15d51a96c00f46c89828a7e962637d786edd66bd3ddde40c395f8647649d958b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdf072b797353602918996980c44cfe88d0067ac8bc2582aa01d55ba11fd8ecf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc8eae7feaa5cc0462eec8cfe79c58e17b0e22b81531bfcea55d29d8b3022097

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/ 392 KB
132 KB 107ms
61ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7412509426492072&plah=blog.filkhabr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7412509426492072

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c575ae92c0b9aa16c7031e5912b0810606f7460f01a1b49797e8a925ca27e753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134833
x-xss-protection: 0
server: cafe
etag: 7135811222772940584
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 00:07:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230821/r20190131/ Frame 4AD4 10 KB
5 KB 74ms
22ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230821/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7412509426492072

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.filkhabr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 21:45:00 GMT
etag: 9878862242593084568
expires: Tue, 05 Sep 2023 21:45:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

Filkhaba-Logo-4.png
blog.filkhabr.com/wp-content/uploads/2021/04/
Redirect Chain

https://www.filkhabr.com/wp-content/uploads/2021/04/Filkhaba-Logo-4.png
https://blog.filkhabr.com/wp-content/uploads/2021/04/Filkhaba-Logo-4.png

9 KB
10 KB

32ms
32ms

Image
image/png

2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.filkhabr.com/wp-content/uploads/2021/04/Filkhaba-Logo-4.png
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H3
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5da3b8f621becccba341800e7834643600e8fb623aa2b8a33fd464a8522b481

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Apr 2021 00:10:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3899144
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bm8K3JCksElPS0efVqphMG0f57RYswz2rH1bHfcgueWtvbb%2BVKgvwRqtT1VAS8ZXhDwcuc5YlfOWWN9EMJyfvHjT3JsLHfi49h8SCFJwvukWOL4dHnCN6MzmibkhuzZ0Ljwbne5RFT8mVBQXkFNQUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7faf1d5abf2a37e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9468

Redirect headers

date: Wed, 23 Aug 2023 00:07:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tM7MdsdyI1gKsugB%2BoHracsxaK0dpWafyiVvKcQEurPHiOQigjBBRL%2Frv44yw5bhv6rtHez4%2BzyrVKSiHUVm%2B0nMsDBrT2azO1zuLzWvzbgNy5CX2jQMXRJi0LkE7pJiymxuQFem5fB%2Ba2PSwUVI"}],"group":"cf-nel","max_age":604800}
location: https://blog.filkhabr.com/wp-content/uploads/2021/04/Filkhaba-Logo-4.png
cache-control: max-age=3600
cf-ray: 7faf1d5a8ff6903d-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 23 Aug 2023 01:07:19 GMT

GET
H3 200 %D8%B4%D9%81%D8%B1%D8%A7%D8%AA-%D8%AC%D8%A7%D8%AA%D8%A7-%D8%B3%D8%A7%D9%86-%D8%A7%D9%86%D8%AF%D8%B1%D8%B3-390x220.jpg
blog.filkhabr.com/wp-content/uploads/2021/08/ 28 KB
28 KB 53ms
52ms Image
image/jpeg 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.filkhabr.com/wp-content/uploads/2021/08/%D8%B4%D9%81%D8%B1%D8%A7%D8%AA-%D8%AC%D8%A7%D8%AA%D8%A7-%D8%B3%D8%A7%D9%86-%D8%A7%D9%86%D8%AF%D8%B1%D8%B3-390x220.jpg
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7437469251c64519629e9bb30252e140b2c6856cc3dbf88d455a5944397630af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
cf-cache-status: HIT
last-modified: Sat, 21 Aug 2021 00:55:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3891080
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaJ8dsDZwQ1zLkOUxCoga3omPMj8z8YcFPi%2BL1nFU0l6bZ0Pelg%2FX6ai9klEauc1V3EWCxYJmQwwTtVMjAxASkLz%2FXuH%2B7wdJ8XK6KZ0q94nyFo%2FrrnYogJdc6Yol407ZOGlkzByvc2nMCfnJNc%2B9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7faf1d5a7ef537e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 28561

GET
H3 200 %D8%A7%D9%81%D8%B6%D9%84-%D8%A7%D9%84%D8%B9%D8%A7%D8%A8-%D8%AB%D9%86%D8%A7%D8%A6%D9%8A%D8%A9-%D9%84%D9%84%D9%83%D9%85%D8%A8%D9%8A%D9%88%D8%AA%D8%B1-390x220.jpg
blog.filkhabr.com/wp-content/uploads/2021/07/ 28 KB
29 KB 54ms
53ms Image
image/jpeg 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.filkhabr.com/wp-content/uploads/2021/07/%D8%A7%D9%81%D8%B6%D9%84-%D8%A7%D9%84%D8%B9%D8%A7%D8%A8-%D8%AB%D9%86%D8%A7%D8%A6%D9%8A%D8%A9-%D9%84%D9%84%D9%83%D9%85%D8%A8%D9%8A%D9%88%D8%AA%D8%B1-390x220.jpg
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9263c067e3cfc3c1e05f12a5b3255d03237483a60d697ab7448cb30f1378779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Jul 2021 12:44:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1101328
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqrf6st%2FiZ%2BvhLSX%2F7BH5752u5Nf5WgepEN7VMJHagvuvMbLxo24Y14QXBzuUOlo5O1j1JQYpZNk6nc1L8gKSfzLcAq28HviAlSBHE9qDqs%2BPsHYGPLoX8AnUnucpkaRFRKZh0gYo2O1xswqxa9ZmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7faf1d5a7ef737e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29070
expires: Fri, 08 Dec 2023 06:11:51 GMT

GET
H3 200 %D8%A7%D9%84%D8%A7%D8%B3%D8%AA%D8%B9%D9%84%D8%A7%D9%85-%D8%B9%D9%86-%D8%A7%D9%84%D8%AA%D8%A3%D9%85%D9%8A%D9%86%D8%A7%D8%AA-%D8%A8%D8%B1%D9%82%D9%85-%D8%A7%D9%84%D8%B3%D8%AC%D9%84-%D8%A7%D9%84%D9%85...
blog.filkhabr.com/wp-content/uploads/2021/06/ 21 KB
21 KB 29ms
29ms Image
image/png 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.filkhabr.com/wp-content/uploads/2021/06/%D8%A7%D9%84%D8%A7%D8%B3%D8%AA%D8%B9%D9%84%D8%A7%D9%85-%D8%B9%D9%86-%D8%A7%D9%84%D8%AA%D8%A3%D9%85%D9%8A%D9%86%D8%A7%D8%AA-%D8%A8%D8%B1%D9%82%D9%85-%D8%A7%D9%84%D8%B3%D8%AC%D9%84-%D8%A7%D9%84%D9%85%D8%AF%D9%86%D9%8A-390x220.png
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bfa9502658663d924cf921ce3429b1ccc9f60b3e818df4de1ed37adfda1a294

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Jun 2021 12:57:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 742293
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cV0BZQFOjXklpqrVnk%2Bn0BxKzkj4nWj975ykTX4EMKwdUnr29vXCcaOA8ylqbrNVCtVqHFys4igS8TIUPkkugcXTMop8Iqmdh6GK8DtiGUC3cpynW20GRYJtNgbVUUs2gEnox2khSqt27L3IAjtfVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7faf1d5a7ef837e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21418
expires: Tue, 12 Dec 2023 09:55:46 GMT

GET
H3 200 %D8%A7%D8%B3%D8%AA%D8%B9%D9%84%D8%A7%D9%85-%D8%B9%D9%86-%D8%A7%D9%84%D9%85%D8%AE%D8%A7%D9%84%D9%81%D8%A7%D8%AA-%D8%A7%D9%84%D9%85%D8%B1%D9%88%D8%B1%D9%8A%D8%A9-%D8%A8%D8%B1%D9%82%D9%85-%D8%A7%D9%84...
blog.filkhabr.com/wp-content/uploads/2021/06/ 23 KB
23 KB 30ms
30ms Image
image/png 2606:4700:3031::6815:439e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.filkhabr.com/wp-content/uploads/2021/06/%D8%A7%D8%B3%D8%AA%D8%B9%D9%84%D8%A7%D9%85-%D8%B9%D9%86-%D8%A7%D9%84%D9%85%D8%AE%D8%A7%D9%84%D9%81%D8%A7%D8%AA-%D8%A7%D9%84%D9%85%D8%B1%D9%88%D8%B1%D9%8A%D8%A9-%D8%A8%D8%B1%D9%82%D9%85-%D8%A7%D9%84%D9%87%D9%88%D9%8A%D8%A9-390x220.png
Requested by: Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:439e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de5c656c27ee82a2be97cf73cc0c652674740cdfd67ea97c13c8f06874286a3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Jun 2021 12:52:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3863483
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xc3iB4a65bcgGGEIVgJFY2TJe4%2BlOIJwhqrmVQXoqcwXw1DxErG7YfA7uBHJVlhnn9PZ2UzrjGEtqJI%2Fh51SCSAL57BMT02z5nDDOgUGQfG3K%2Fk%2BWUjDABtoJUq0FF1%2FkZCyRNjVFSQO5G9IEmtQEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7faf1d5a7ef937e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 23232

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 83ms
31ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S46BNBBQEL&gtm=45je38l0&_p=1148656875&cid=340650223.1692749239&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692749239&sct=1&seg=0&dl=https%3A%2F%2Fblog.filkhabr.com%2F&dt=%D9%85%D8%AC%D9%84%D8%A9%20%D9%81%D9%89%20%D8%A7%D9%84%D8%AE%D8%A8%D8%B1%20%E2%80%93%20%D9%85%D8%AC%D9%84%D8%A9%20%D9%81%D9%89%20%D8%A7%D9%84%D8%AE%D8%A8%D8%B1%20%D8%A7%D9%84%D8%B5%D8%AD%D8%A9%20%D9%88%D8%A7%D9%84%D8%AC%D9%85%D8%A7%D9%84%20%D9%88%D8%AA%D8%AE%D8%B3%D9%8A%D8%B3%20%D8%A7%D9%84%D9%88%D8%B2%D9%86%20%D9%88%D8%A7%D9%84%D8%B9%D9%86%D8%A7%D9%8A%D8%A9%20%D8%A8%D8%A7%D9%84%D8%A8%D8%B4%D8%B1%D8%A9%20%D9%88%D8%A7%D9%84%D8%B4%D8%B9%D8%B1%20%D9%88%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7%20%D9%88%D8%A7%D9%84%D8%B3%D9%81%D8%B1%20%D9%88%D8%A7%D9%84%D8%B3%D9%8A%D8%A7%D8%AD%D8%A9%20%D9%88%D8%A7%D8%B3%D8%AA%D8%B1%D8%A7%D8%AA%D9%8A%D8%AC%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D8%B1%D8%A8%D8%AD%20%D9%88%D8%A7%D9%84%D8%A7%D9%82%D8%AA%D8%B5%D8%A7%D8%AF%20%D9%88%D8%AC%D8%AF%D9%8A%D8%AF%20%D8%A7%D9%84%D8%B7%D8%A8%D8%AE%20%D9%88%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D8%A9%20%D9%88%D8%A7%D9%84%D8%A7%D9%84%D8%B9%D8%A7%D8%A8&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S46BNBBQEL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 00:07:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.filkhabr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
605 B 88ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=blog.filkhabr.com&callback=_gfp_s_&client=ca-pub-7412509426492072

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7412509426492072&plah=blog.filkhabr.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b338c38447f522fd7b0db8639d57ca71a827dc70e2d956716c05d74df740898b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 873F 480 KB
88 KB 440ms
439ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7412509426492072&output=html&adk=2969136045&adf=3689892565&lmt=1692721020&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fblog.filkhabr.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692749239406&bpp=3&bdt=255&idt=171&shv=r20230821&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4193536640632&frm=20&pv=2&ga_vid=340650223.1692749239&ga_sid=1692749240&ga_hid=1148656875&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44800951&oid=2&pvsid=143830542251985&tmod=735740827&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=198

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfde4e6661341e03197fdcf7e4ac1f3da9d902d0af27883953e4d9e203486449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.filkhabr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 89377
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 00:07:20 GMT
expires: Wed, 23 Aug 2023 00:07:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 40ms
39ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230821&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c629dc44ee84f731b2bb7032205d37124fe98854b6ba06837a1b261b8a4d98b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11870
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/ 154 KB
52 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5ffd3589ee00913d1ac59925a568d065bae6fd782db879d7dd4c44d2d224e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53697
x-xss-protection: 0
server: cafe
etag: 11710658787091028902
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 00:07:20 GMT

GET
H2 200 ca-pub-7412509426492072 Show response
fundingchoicesmessages.google.com/i/ 150 KB
50 KB 118ms
56ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7412509426492072?ers=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa3a7ffa2486855d7aab046e4d1c719e873a23ab7bbc2778a5b1ce64cdd56703

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Hw3zxzfh_diJL6qIf3KkMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-Hw3zxzfh_diJL6qIf3KkMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 90ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 00:07:20 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C82 13 KB
5 KB 24ms
22ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.filkhabr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3144
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 23:14:56 GMT
expires: Wed, 21 Aug 2024 23:14:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1C3D 829 B
1 KB 86ms
30ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fbd013afae8293aa5c8abe2acb11bcf0ed18ec58a1184be611d3c2fa583d7c62

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ffQpr0RkAIJseqQj1_YtRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.filkhabr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-ffQpr0RkAIJseqQj1_YtRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 00:07:20 GMT
expires: Wed, 23 Aug 2023 00:07:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/ Frame E2CA 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.filkhabr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 19:47:48 GMT
etag: 9878862242593084568
expires: Tue, 05 Sep 2023 19:47:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/ Frame 14E6 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.filkhabr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 19:47:48 GMT
etag: 9878862242593084568
expires: Tue, 05 Sep 2023 19:47:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/ Frame 500C 10 KB
4 KB 24ms
23ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.filkhabr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 19:47:48 GMT
etag: 9878862242593084568
expires: Tue, 05 Sep 2023 19:47:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/ Frame A88C 10 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.filkhabr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 19:47:48 GMT
etag: 9878862242593084568
expires: Tue, 05 Sep 2023 19:47:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVfFax1rh1M0H87L8WNS557mGe-GO8sjUu4cLavkG2Kbd9dtanDzNrzN-EUV-Hd1UiSkwKD-2KyLhtDnaaXA-9ALQlmjRQKdjwbIAD0F0LHSgwW_32S_Ktm1nY-zsA7Oo4hvm8rRQ== Show response
fundingchoicesmessages.google.com/f/ 4 KB
3 KB 59ms
57ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVfFax1rh1M0H87L8WNS557mGe-GO8sjUu4cLavkG2Kbd9dtanDzNrzN-EUV-Hd1UiSkwKD-2KyLhtDnaaXA-9ALQlmjRQKdjwbIAD0F0LHSgwW_32S_Ktm1nY-zsA7Oo4hvm8rRQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkyNzQ5MjQwLDM3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ibG9nLmZpbGtoYWJyLmNvbS8iLG51bGwsW1s4LCJmdzNhREhvVl9jOCJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.fw3aDHoV_c8.es5.O/d=1/rs=AJlcJMwsdxuNklh6k436mL_qwoaZYPLqtQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8eeafe9af33794c39fc49be725f8675bcccb753b91b342f99383d66eba614a7e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1UlNb1DFvaCUvEPW2VRDTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1UlNb1DFvaCUvEPW2VRDTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame E2CA 4 KB
744 B 94ms
33ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 22:49:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 00:07:20 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E2CA 205 B
651 B 80ms
21ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:55:22 GMT
x-content-type-options: nosniff
age: 594718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 15 Aug 2024 02:55:22 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E2CA 604 B
695 B 103ms
44ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:17:37 GMT
x-content-type-options: nosniff
age: 10183
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 21 Aug 2024 21:17:37 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/elements/html/ Frame E2CA 15 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e047ef4f0df4b7a920fa4098e5f3b2b3c43da69b10462c37112606228b222c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:38:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6441
x-xss-protection: 0
server: cafe
etag: 6802313557646952851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:38:11 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/elements/html/ Frame E2CA 20 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:29:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:29:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 14E6 6 KB
779 B 88ms
32ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 22:10:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 00:07:20 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame 14E6 2 KB
892 B 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:14:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/ Frame 14E6 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fe4d97b1671eea18574c9a7fe6d0b148f4adbc659ecd4637fbaae23d23e5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9069
x-xss-protection: 0
server: cafe
etag: 10905698820215237127
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:14:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame 14E6 3 KB
1 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:14:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame 14E6 20 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:14:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 14E6 181 KB
57 KB 101ms
50ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 00:07:20 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 14E6 35 KB
15 KB 69ms
22ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 20 Nov 2023 23:14:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 500C 6 KB
1 KB 75ms
31ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 22:14:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 00:07:20 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame 500C 2 KB
892 B 25ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:14:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/ Frame 500C 23 KB
9 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fe4d97b1671eea18574c9a7fe6d0b148f4adbc659ecd4637fbaae23d23e5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9069
x-xss-protection: 0
server: cafe
etag: 10905698820215237127
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:14:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame 500C 3 KB
1 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:14:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame 500C 20 KB
8 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:14:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 500C 181 KB
57 KB 109ms
70ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 00:07:20 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 500C 35 KB
15 KB 63ms
28ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 20 Nov 2023 23:14:09 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5E26 146 KB
48 KB 160ms
88ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOVNtwAJ728KwkR8AAuKp1K6GMzHP2ek8bN2Eg&u=%7CsFchTBz7gddjkwChuWKxV%2BVDqHpgmk5giQxWLJPoeX8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861tU_7_giAdIpRDugYzLWvWeCQ5uBH4sJmMxqhEUSlCgf90kWcEGXSCONaT1uof3XprI5RYwf8_zwSTNRYHiOimIHzEDqJIe1DwoQzVP6zAa0xKhE3OBOl6LX3QI139f1c4T7WGsuo5VtjMzWm6n-sWoT_jLkNBDrRpJX6ICkz9OKxdel1B0c-CrMilAv-BwtdeQ93VD5jVcpDg6Q5a3kAN3pmKy4qqL3j2fSiXOoftVl8cQmFnTRs7JJ6Z80VMQ_Nd3HY97Djj8BYLMTyTzK5xU50B02BkSTiGkB3ayWZ_Pjuy3o9tAG2wAoWNm47Rex5PkioZxtHhuIy1MNWC6CIT1PDS4RauVrhaJYBdJY_C7fBg3A-AGucJJ2bcylX7zZHFuMEi4fvt_QBqlnK2nlpFUpEL3cU7Q1spbDQeEAagyxgOByGltTPA4n7Iz5F5F0zhRI8uQYlKfgV2kwOYq2LAyPcdBNSNROl_LE3z_ARdNSZ8ZO3KNHCBQ0K33fTYEkcQwF5I5OG-mPnP2UMjVJutVgQyR1wSlX1R6gxvwprn0cgn8k1DBt_tRBg_Mg7k0i6p35HKJqxEnUtYcP0RxMz9PfagxmebUJA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvK7kt03lZO_eJ_yIiQanla7QA8me0rFcvemV93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNzQxMjUwOTQyNjQ5MjA3MsgBCakC7Udl4VAysj6oAwHIAwKqBMcBT9DLbPKvakcCDpFgWG3g5lSgJciJnP7sVoxRv8dUYjvRbIzKJI4pjyNrjyZ6RApEXcVu7pbGyoR_JasS6VwK01UgPIh3JOa58KL0dMEs7hn2iYBzW3QV1r-sJNIdmq1fDoJzZ706X69UIrSL4dJo-PF6soDk4VQcQFhuisjMSskkgW9a12hXLA7Yf9NkuKDWAl4yXBQ7WXnuryV0oOTbfYUHMNGEqaWvRFz5VEEV4LhlDeZmTdZ5hMLGFrmawFuTuEMCtw-PT4AGjtSynLeypa1ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_05gsDH466bWobiRrolAjCSsIjyGg%26client%3Dca-pub-7412509426492072%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

816df48350eba9b89f079d5ee605e0ee9140a5934dca688bf4e2c33f064bd02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 00:07:19 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=9cc1eL9TYjJSmgaiTbHO6gaEq-oe2gBNqtMzeNx02jSV9q5eIMtybup7bDXOU5Olw9T5HzQV1alxwviTfOuvWe9WxmBYpQeVwucMClks-JzaiajWAKt5tC4VJYB3v0FLBYv9pjEZSr51AldF4S9egO7AWrwZk-MHkBBa4K24-puMz9h_umgFSG9PkeZKqELLI5g6-hx0K1Sdhs6YNFmD5VAosl8UeRNLHni_NV6i8_2JCkb0PDleZYxlD00nW-APhOgpMw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 48959375
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame A88C 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:14:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame A88C 20 KB
8 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:14:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A88C 181 KB
57 KB 128ms
98ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 00:07:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1C3D 0
0 57ms
56ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230821&jk=143830542251985&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

POST
H3 204 AGSKWxUqGTQEgybSpbbYbe_GY5TOt_f1CUBjrTCAVLXpeKtkdXdOb5fugy8vYijX_mzKL1cjPLbC7G8TDR7fbvmIOtrtJxk_b9wNfeKqO9QMAvEuRibLj-Jo2qKb1M5VgTJfZ0u0toGq7g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 84ms
36ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUqGTQEgybSpbbYbe_GY5TOt_f1CUBjrTCAVLXpeKtkdXdOb5fugy8vYijX_mzKL1cjPLbC7G8TDR7fbvmIOtrtJxk_b9wNfeKqO9QMAvEuRibLj-Jo2qKb1M5VgTJfZ0u0toGq7g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L8shiFy1Vh9a0p36pfrUyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.filkhabr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-L8shiFy1Vh9a0p36pfrUyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://blog.filkhabr.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVxkxh1z1Dt3EjwftyQxaJfk81tkCOoKA_gf1bIfVv1CHC3NAXWTDoAb5Oy5wJIwiHnVpR7LSVaSXKALD8OOEj6gT5JhI1taaVELhFCXGokJqj3czSSewxV9DVtSysMBV5FjhA_LA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 66ms
63ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVxkxh1z1Dt3EjwftyQxaJfk81tkCOoKA_gf1bIfVv1CHC3NAXWTDoAb5Oy5wJIwiHnVpR7LSVaSXKALD8OOEj6gT5JhI1taaVELhFCXGokJqj3czSSewxV9DVtSysMBV5FjhA_LA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkyNzQ5MjQwLDQ5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9ibG9nLmZpbGtoYWJyLmNvbS8iLG51bGwsW1s4LCJmdzNhREhvVl9jOCJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44fddd4ffeaa203e80eb8dce4fae0b15415cb2db8a9f64f99533265fa80f6aff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3HdHAQ5Sk9Ugiamg3F16DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-3HdHAQ5Sk9Ugiamg3F16DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C82 37 KB
14 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:54:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 20:54:45 GMT

GET
DATA 200
OK truncated
/ Frame A88C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cfe46e456ebfdf29188f49197b05989aa7ca324cb76b9ab335967c40aaeed2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame B65E 2 KB
892 B 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:14:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/ Frame B65E 23 KB
9 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fe4d97b1671eea18574c9a7fe6d0b148f4adbc659ecd4637fbaae23d23e5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9069
x-xss-protection: 0
server: cafe
etag: 10905698820215237127
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:14:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame B65E 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:14:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame B65E 20 KB
8 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:14:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B65E 181 KB
57 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 00:07:20 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame B65E 35 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 20 Nov 2023 23:14:09 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5E26 2 KB
1 KB 109ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOVNtwAJ728KwkR8AAuKp1K6GMzHP2ek8bN2Eg&u=%7CsFchTBz7gddjkwChuWKxV%2BVDqHpgmk5giQxWLJPoeX8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC861tU_7_giAdIpRDugYzLWvWeCQ5uBH4sJmMxqhEUSlCgf90kWcEGXSCONaT1uof3XprI5RYwf8_zwSTNRYHiOimIHzEDqJIe1DwoQzVP6zAa0xKhE3OBOl6LX3QI139f1c4T7WGsuo5VtjMzWm6n-sWoT_jLkNBDrRpJX6ICkz9OKxdel1B0c-CrMilAv-BwtdeQ93VD5jVcpDg6Q5a3kAN3pmKy4qqL3j2fSiXOoftVl8cQmFnTRs7JJ6Z80VMQ_Nd3HY97Djj8BYLMTyTzK5xU50B02BkSTiGkB3ayWZ_Pjuy3o9tAG2wAoWNm47Rex5PkioZxtHhuIy1MNWC6CIT1PDS4RauVrhaJYBdJY_C7fBg3A-AGucJJ2bcylX7zZHFuMEi4fvt_QBqlnK2nlpFUpEL3cU7Q1spbDQeEAagyxgOByGltTPA4n7Iz5F5F0zhRI8uQYlKfgV2kwOYq2LAyPcdBNSNROl_LE3z_ARdNSZ8ZO3KNHCBQ0K33fTYEkcQwF5I5OG-mPnP2UMjVJutVgQyR1wSlX1R6gxvwprn0cgn8k1DBt_tRBg_Mg7k0i6p35HKJqxEnUtYcP0RxMz9PfagxmebUJA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvK7kt03lZO_eJ_yIiQanla7QA8me0rFcvemV93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNzQxMjUwOTQyNjQ5MjA3MsgBCakC7Udl4VAysj6oAwHIAwKqBMcBT9DLbPKvakcCDpFgWG3g5lSgJciJnP7sVoxRv8dUYjvRbIzKJI4pjyNrjyZ6RApEXcVu7pbGyoR_JasS6VwK01UgPIh3JOa58KL0dMEs7hn2iYBzW3QV1r-sJNIdmq1fDoJzZ706X69UIrSL4dJo-PF6soDk4VQcQFhuisjMSskkgW9a12hXLA7Yf9NkuKDWAl4yXBQ7WXnuryV0oOTbfYUHMNGEqaWvRFz5VEEV4LhlDeZmTdZ5hMLGFrmawFuTuEMCtw-PT4AGjtSynLeypa1ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_05gsDH466bWobiRrolAjCSsIjyGg%26client%3Dca-pub-7412509426492072%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 00:07:20 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5E26 2 KB
1 KB 109ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 00:07:20 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5E26 308 B
636 B 37ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 17 Aug 2024 00:07:20 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5E26 293 B
621 B 36ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 17 Aug 2024 00:07:20 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 5E26 43 B
348 B 130ms
39ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=vf62vVvYw4e2rdw5h124_z-mfyCdvh1UQXpK38GxiSGg3VHfB6n7dXK8t89HHgI6XsNzxhO0v9hXQL4K2OpS6WtkVd_mIR8ec2u7pLodhE9ClOChf69ugrvGyt3fqYEPQNRUXLmUxtFPonlAneFD_2QQnW7Rc1UduZxDvpZwSqHbEBuBMroq1FuRP3wM03UBgWm04H2TPzcKk4EboxCflNL5JjcIaZMZbUWCHUD4DJMcw88EHusy954bPQwezdtLOnVPJzbzhSCh2Ma0WEDU1IMMp3f_aGMibK9t47G96uOxa2GPymEMIzTrjDtm_CZo789xlqbxI8qQRTQeA_058lDyKFlrQpbZooxgmkooxAThldsWwljb1gGce8dL23FK_ubE-nqL6kd3Ks9L1ND-5Taicx48jyflsJRxeCjK8BLhVA9OIV_slm7TqgsBd03e2yUTR5zXWahp0zDzdBwTNV4E2nE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 00:07:20 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2094211
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5E26 12 KB
5 KB 73ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 540651
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvGRldXAuEabBcpIxRfX%2FMyaR0Fe6QmkKk%2Fo%2BX5zrF2cOO2tzTD79BazoYG7jjwixhNCSvqg%2Bw1fei8VsF1DQ0sn%2BDMKFmsfNRJHKDUXYLvTXg%2Br%2F2ljpVU4WsgcDZDapyZqJqe5Slsl7gOVO%2BQlBcaR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7faf1d6309d19966-FRA
expires: Mon, 12 Aug 2024 00:07:20 GMT

GET
H2 200 d65a37834aea45f3b2f89ed6973b410b_taz_800_a.woff
static.criteo.net/design/dt/ Frame 5E26 58 KB
59 KB 176ms
87ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/d65a37834aea45f3b2f89ed6973b410b_taz_800_a.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

91c32cf62c2a7ec7bc63bd4354823f66812d56d2323a5298eac81e5b969811c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 30 May 2018 09:59:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b0e75fd-e98d"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 00:07:20 GMT

GET
H2 200 d9f6971a4f3d47b6be08a8b55e632b93_taz_700_a.woff
static.criteo.net/design/dt/ Frame 5E26 55 KB
55 KB 195ms
107ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/d9f6971a4f3d47b6be08a8b55e632b93_taz_700_a.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

114b07db8be817bfb1f20e07ac98d9500c7ed50146512c32c102f41309437b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 30 May 2018 09:59:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b0e75fd-daf9"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 00:07:20 GMT

GET
H2 200 403d3864d4f545aeb1484932bb4ec84c_taz_500_a.woff
static.criteo.net/design/dt/ Frame 5E26 65 KB
65 KB 273ms
185ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/403d3864d4f545aeb1484932bb4ec84c_taz_500_a.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3f0133a51dbe2306a5d32fbc64643af6fc2503036a2ebec0e61b377d6e60ae75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 30 May 2018 09:59:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b0e75fd-10316"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 00:07:20 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5E26 12 KB
6 KB 40ms
40ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 00:07:20 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5E26 4 KB
5 KB 143ms
72ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=49788&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F49788%2F180606%2Fd2747e8bfc464c829e15f92f21b511fc_logo_n_horizontal_ligh_rollover_bauh.jpg&v=3&w=464&s=PlzJTirJGcYeVBN7pwIH57xs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0e937dbbcc6ac86d5eea66d1c88c0a4d73d48a0b1ebdabd7c76bf0aab271a0c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 4506
expires: Mon, 29 Jul 2024 21:12:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5E26 8 KB
9 KB 151ms
81ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F280864%2F12.jpg&v=3&w=400&s=W3_NHElKab0TSjGKTKgRrpXx&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

339a142b74d654e469fe04d9e4956f07f1a55018e7b2b032080967df7671d07d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=600000
content-length: 8556
expires: Fri, 25 Aug 2023 16:18:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5E26 6 KB
7 KB 107ms
37ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F1524253%2F12.jpg&v=3&w=400&s=fZhxAGCyIHw1tkN_f90fsssO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

53150cd0abdce77cb401a07e66c196041e5931fa9bf8e142f2ec114d1ee7dfaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=600000
content-length: 6538
expires: Wed, 23 Aug 2023 10:36:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5E26 10 KB
10 KB 142ms
72ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F126266%2F12.jpg&v=3&w=400&s=Eu-vHOGi2X98M1L721bxipCZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f7209189c9d2e544cdcc09a7e86378304a2cb3c17504828ce062f4f56c6e411c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=600000
content-length: 10032
expires: Fri, 25 Aug 2023 02:59:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5E26 8 KB
8 KB 152ms
82ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F640769%2F12.jpg&v=3&w=400&s=LPJ-3Qhc4oM9hnDGSjeTtQUs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3c388d863befa8f2ccbd5e2958c407ca2eafb0dc59724b103ec4f30c9a922006

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=600000
content-length: 8452
expires: Wed, 23 Aug 2023 19:02:29 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5E26 11 KB
11 KB 171ms
102ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F1436069-1%2F12.jpg&v=3&w=400&s=e94cKzobgaUNEoxdz5A44bN0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e0fe61377400b34a804155179e1376198182f4fbc862bd6437ed40762ebab4a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=600000
content-length: 11062
expires: Wed, 23 Aug 2023 11:32:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5E26 9 KB
9 KB 69ms
69ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F364584%2F12.jpg&v=3&w=400&s=WNS0redXTqMEryVO6r_l3z2o&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5971ae49490fd0580fb7f1132ea1eae5d9be29fd478aac97a11ed71fdb590814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=600000
content-length: 9028
expires: Sat, 26 Aug 2023 02:56:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5E26 4 KB
4 KB 72ms
72ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=49788&q=80&r=0&u=https%3A%2F%2Fmedia.cdn.bauhaus%2Fm%2F1466515-4%2F12.jpg&v=3&w=400&s=BWLlGJVmzWuvu-ce0Gr83rXe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c87e7abf43af60388cc91e2bfd44ad2a2a624226d5d26ce44b4f851516575b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=600000
content-length: 4144
expires: Wed, 23 Aug 2023 13:41:33 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5E26 0
128 B 115ms
38ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=9cc1eL9TYjJSmgaiTbHO6gaEq-oe2gBNqtMzeNx02jSV9q5eIMtybup7bDXOU5Olw9T5HzQV1alxwviTfOuvWe9WxmBYpQeVwucMClks-JzaiajWAKt5tC4VJYB3v0FLBYv9pjEZSr51AldF4S9egO7AWrwZk-MHkBBa4K24-puMz9h_umgFSG9PkeZKqELLI5g6-hx0K1Sdhs6YNFmD5VAosl8UeRNLHni_NV6i8_2JCkb0PDleZYxlD00nW-APhOgpMw&sds=2&rev=88100&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Aug 2023 00:07:20 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5E26 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 00:07:20 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5E26 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 00:07:20 GMT

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame DE7A 37 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:54:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 20:54:45 GMT

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2BBF 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:54:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 20:54:45 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6C82 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?t7AYpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame 14F9 37 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: blog.filkhabr.com
URL: https://blog.filkhabr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 20:54:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 20:54:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A88C 0
23 B 67ms
66ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxI2Rt03lZO_eJ_yIiQanla7QA8me0rFcvemV93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNzQxMjUwOTQyNjQ5MjA3MsgBCakC7Udl4VAysj6oAwHIAwKqBMQBT9DLbPKvakcCDpFgWG3g5lSgJciJnP7sVoxRv8dUYjvRbIzKJI4pjyNrjyZ6RApEXcVu7pbGyoR_JasS6VwK01UgPIh3JOa58KL0dMEs7hn2iYBzW3QV1r-sJNIdmq1fDoJzZ706X69UIrSL4dJo-PF6soDk4VQcQFhuisjMSskkgW9a12hXLA7Yf9NkuKDWAl4yXBQ7WXnuryV0oOSZf6SVt14YuhozUP8paeft6axvu-xIVVTNTP9g5AaE7EMWEscRCIAGjtSynLeypa1ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc0MTI1MDk0MjY0OTIwNzIYAA&sigh=lbYsPsMX-tI&uach_m=[UACH]&cid=CAQSGwBpAlJWFQG5s-ras4ci-hVnBov3HhwqMc1znBgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Aug 2023 00:07:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Aug 2023 00:07:21 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame A88C 0
126 B 124ms
36ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=koLKFsz6RO0HfJ2DYgICAAAAHzTgGVQjusBJrByBELdN5WR0XJcbDhf6nQrbAAASAAAKCkFRVUJEd0VCRHc&wp=ZOVNtwAJ728KwkR8AAuKp1K6GMzHP2ek8bN2Eg&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:20 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 172433
server: Kestrel
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
60ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230821&jk=143830542251985&bg=!YGOlYyzNAAZGPLJIZjw7ADQBe5WfOHEhKaP3jjyDFEpEWl32jl2rYRvE5TpU1uI_QAGuFV_xXxTZg-30P9K5bkEFyZG8AgAAAZFSAAAABmgBBwoAgvWm4paCuTbJ9DWrDE26ggJBm_eGnNV9Qfr6R0JQdCHk7Fpq6VB35FkluCjZIusRBM5uFvAwTYxK1sJ_ysSlv51kHCe55aDiGcHuXzN-K9SlYvFC9uNqFe7T0SpPbaIX7Fc4clk5MVhFJkdLW5uAaAKCfqsCgRvtSkXhdhWwLIchxiWZAs76TyVW-ohBhgjCqOFy4VV_36FHZ-hf1WJy4lCJomUXSFUTpLl3Mop-Rj1YoRzye0yPLGtL6WzgVn8aPC521Ne2yXTqNX7RH6XYB3esQTJ5pG_fDaCShduZQQ-rGhCB4LspkBAvQMd4hK-ItPQOpiryycnqlZ8VgX-DWGNHhF4R1QzcwrH1d8lBDJTVW2uoFjbcWBAyycydHVqPPMl2dfUheum4qX6KwSNky2boF1NpoAGt2bdsbbwmt2D7wzX3woFWmk6lT7NUyXHsKbNt1vqDwoTnM1qGXy4ThZeiumwkfO6rRx6zIZ97J5Apdxn03qKpIBUNGa7Al7YpTFsColiEEV4PFv6q0BmuRo1Ue9BzruL_cI88tJfVXPgF_2KTA9htKVx7Ga3-A3fYDBnVlbQ_-3GiUWS08-hIP_iJlT2VOrMXQrFKQrbGgXuUQk9cL9o0OZFB4Bg4952ITUUOMn7Xr0JMqkragYDphhAJB4Lc4Z62UhbgXeOsV5Qz10hMzMvyEjwuJ7m9RAFpJDw52L-kom6nQ-bOwjE3t0v9Xa7MEXYopbO0eE0E6xOG5QJb_Sl-y517DcyLoV7vXfDG9BwYMbeIPXFKMbqVWn7pDUq50Hfjp97Wb5UbAP3qnes89JIQcxORC3CzXPOJz4d2WRrxrgn81ZIuD2-oUctJo5NTRvDj5uN3qDpeESIMeMwiMi2n04DPhKvzFLp4YtonAb2gfQWt-KH1hNhWOz6wjG7qS2FTQ86FASEHonxS3MPi_ygjVra7iMDycnAtZfUTrnPc6lKdq6ELUnkDXaq9LFE3nVvh-D2c06k2KjY4ZvkX0VMCjVB-FT1-xtJjT76K6U5sFPfsNXkxoR8emJefiugvngi7q5PjQRima_fxPrYsJoaSWUOUOQLndoG2tqpEGa4Bdf3ukVGk4GNEUakcf9vIDC8vW4ZAgydsMMJFi9LF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 37ms
36ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=7.134261532781189

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-2uxfJUMlywU_dB4AZKdvYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-2uxfJUMlywU_dB4AZKdvYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 78ms
76ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=1.3363329317982655

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fCzfSV27P3hDTTx6ZweqEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-fCzfSV27P3hDTTx6ZweqEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUqGTQEgybSpbbYbe_GY5TOt_f1CUBjrTCAVLXpeKtkdXdOb5fugy8vYijX_mzKL1cjPLbC7G8TDR7fbvmIOtrtJxk_b9wNfeKqO9QMAvEuRibLj-Jo2qKb1M5VgTJfZ0u0toGq7g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 37ms
37ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUqGTQEgybSpbbYbe_GY5TOt_f1CUBjrTCAVLXpeKtkdXdOb5fugy8vYijX_mzKL1cjPLbC7G8TDR7fbvmIOtrtJxk_b9wNfeKqO9QMAvEuRibLj-Jo2qKb1M5VgTJfZ0u0toGq7g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bH5OutzPO_Xmf60pP7pvyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.filkhabr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 23 Aug 2023 00:07:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-bH5OutzPO_Xmf60pP7pvyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://blog.filkhabr.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A88C 42 B
64 B 66ms
66ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssm9aplPwQDb7J-oFkXj3SLPImdd7Duqjn3shgpkMLzhhnA5aneUozckGV-sG1Ah6jZZeDRYCElSvY02bbdlJdyRdpPyXW3GZASmRI&sig=Cg0ArKJSzNXRix6FBvrPEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=155,798,1000,1000,1000&tos=155,643,202,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2969136041&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692749240356&rpt=371&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 00:07:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5E26 0
127 B 45ms
35ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Aug 2023 00:07:21 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 adblock_detector2. Show response
fundingchoicesmessages.google.com/f/AGSKWxVJk-K6ho4n-fktdZKTRwy_Qsh9SFTWDcDs-XxZk2-GEV_yE4Zhtf_wqK4vBJxKfWaZG7hYTaZ7te9S2GOnkM61qITsT_wl7MZ88K5oHWWvSdk_LxX5mUJ2MS9o5cQ1iFzl79Z5skZw9qs9Jl2rOdCIPHpXg... 54 B
109 B 39ms
39ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVJk-K6ho4n-fktdZKTRwy_Qsh9SFTWDcDs-XxZk2-GEV_yE4Zhtf_wqK4vBJxKfWaZG7hYTaZ7te9S2GOnkM61qITsT_wl7MZ88K5oHWWvSdk_LxX5mUJ2MS9o5cQ1iFzl79Z5skZw9qs9Jl2rOdCIPHpXgFzgykp_XfYT2Dv8HBrrlOVjURwDVhun/__adscript./interstital-redirector./ads18.-admarvel//adblock_detector2.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.fw3aDHoV_c8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMwsdxuNklh6k436mL_qwoaZYPLqtQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19e447befbcc87312e51d04f047d2f62c5fc0a5133f38ea450028476ac417bbf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RiPDX-dYFPJ1Oes_cJis0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RiPDX-dYFPJ1Oes_cJis0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:51:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 00:51:22 GMT

POST
H3 204 AGSKWxUqGTQEgybSpbbYbe_GY5TOt_f1CUBjrTCAVLXpeKtkdXdOb5fugy8vYijX_mzKL1cjPLbC7G8TDR7fbvmIOtrtJxk_b9wNfeKqO9QMAvEuRibLj-Jo2qKb1M5VgTJfZ0u0toGq7g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 36ms
36ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUqGTQEgybSpbbYbe_GY5TOt_f1CUBjrTCAVLXpeKtkdXdOb5fugy8vYijX_mzKL1cjPLbC7G8TDR7fbvmIOtrtJxk_b9wNfeKqO9QMAvEuRibLj-Jo2qKb1M5VgTJfZ0u0toGq7g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oVqydavbsHMOJpGqOLdtng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.filkhabr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 23 Aug 2023 00:07:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-oVqydavbsHMOJpGqOLdtng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://blog.filkhabr.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUqGTQEgybSpbbYbe_GY5TOt_f1CUBjrTCAVLXpeKtkdXdOb5fugy8vYijX_mzKL1cjPLbC7G8TDR7fbvmIOtrtJxk_b9wNfeKqO9QMAvEuRibLj-Jo2qKb1M5VgTJfZ0u0toGq7g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
47ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUqGTQEgybSpbbYbe_GY5TOt_f1CUBjrTCAVLXpeKtkdXdOb5fugy8vYijX_mzKL1cjPLbC7G8TDR7fbvmIOtrtJxk_b9wNfeKqO9QMAvEuRibLj-Jo2qKb1M5VgTJfZ0u0toGq7g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KrsWYIbQ8iq9LUWw5uP02Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.filkhabr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 23 Aug 2023 00:07:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-KrsWYIbQ8iq9LUWw5uP02Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://blog.filkhabr.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUqGTQEgybSpbbYbe_GY5TOt_f1CUBjrTCAVLXpeKtkdXdOb5fugy8vYijX_mzKL1cjPLbC7G8TDR7fbvmIOtrtJxk_b9wNfeKqO9QMAvEuRibLj-Jo2qKb1M5VgTJfZ0u0toGq7g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 58ms
58ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUqGTQEgybSpbbYbe_GY5TOt_f1CUBjrTCAVLXpeKtkdXdOb5fugy8vYijX_mzKL1cjPLbC7G8TDR7fbvmIOtrtJxk_b9wNfeKqO9QMAvEuRibLj-Jo2qKb1M5VgTJfZ0u0toGq7g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lNp-O7KK9Ouu3OXSnBXXqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.filkhabr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 23 Aug 2023 00:07:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lNp-O7KK9Ouu3OXSnBXXqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://blog.filkhabr.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUqGTQEgybSpbbYbe_GY5TOt_f1CUBjrTCAVLXpeKtkdXdOb5fugy8vYijX_mzKL1cjPLbC7G8TDR7fbvmIOtrtJxk_b9wNfeKqO9QMAvEuRibLj-Jo2qKb1M5VgTJfZ0u0toGq7g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 71ms
71ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUqGTQEgybSpbbYbe_GY5TOt_f1CUBjrTCAVLXpeKtkdXdOb5fugy8vYijX_mzKL1cjPLbC7G8TDR7fbvmIOtrtJxk_b9wNfeKqO9QMAvEuRibLj-Jo2qKb1M5VgTJfZ0u0toGq7g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ng1Fk5Fn6umPek11qFS_xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.filkhabr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 23 Aug 2023 00:07:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ng1Fk5Fn6umPek11qFS_xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://blog.filkhabr.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUeBVJOhZEV57y2CEIE7vI50gEARAkmrOKEFabzAyAhv8u9N8j7tAOjgnOJOuDfHTqnxaqqXD-tKNVslEFtqRwFRR0oXlFT6Yu7w3U0URZQUQ5YCTuiGfci8w4WlZDWPRCs8Y8o8Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUeBVJOhZEV57y2CEIE7vI50gEARAkmrOKEFabzAyAhv8u9N8j7tAOjgnOJOuDfHTqnxaqqXD-tKNVslEFtqRwFRR0oXlFT6Yu7w3U0URZQUQ5YCTuiGfci8w4WlZDWPRCs8Y8o8Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkyNzQ5MjQyLDMzODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYmxvZy5maWxraGFici5jb20vIixudWxsLFtbOCwiZnczYURIb1ZfYzgiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06d42af07101c50366560590205f455a22a552a8c8ea0881b9f1a81922b623ba

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1S0ZHsjOojRUW2Y4PjYgmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.filkhabr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:07:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1S0ZHsjOojRUW2Y4PjYgmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXkKQUwSbhB9btrTBq7rqkvN7o2aWmS-ZtnVw72OpzQbu8fEfMy0C9b1Nz5PmqNygnrdlABXMRssPa0KNDrQiG77qvLEtQ9YU8DsdwuKvbiGt1rKwHJm2IPOA2dXiVXvqF2QMQrLw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 35ms
35ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXkKQUwSbhB9btrTBq7rqkvN7o2aWmS-ZtnVw72OpzQbu8fEfMy0C9b1Nz5PmqNygnrdlABXMRssPa0KNDrQiG77qvLEtQ9YU8DsdwuKvbiGt1rKwHJm2IPOA2dXiVXvqF2QMQrLw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eoF8Ky0L-8RegHfM2jea3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.filkhabr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 23 Aug 2023 00:07:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eoF8Ky0L-8RegHfM2jea3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://blog.filkhabr.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.filkhabr.com/	1970-01-20 23:48:29	Name: _ga_S46BNBBQEL Value: GS1.1.1692749239.1.0.1692749239.0.0.0
.filkhabr.com/	1970-01-20 23:48:29	Name: _ga Value: GA1.1.340650223.1692749239
bn.aoliplastin.com/	1970-01-20 14:13:55	Name: GL_UI4 Value: eJw9jdtOhDAARLmzqws6CR%2FgJ1ADwj4aP8JH0htsd6HdlArx721M9GlOJmcyQRBE1RPCLUsQf9EWL5y9Nj1rRTeeG0bO3djwntCOtn1HmrETOKp1cJTN0iU4rAu1bnBbgtMktbSKD9wIWeDZW3%2FNTZtdJ0iZpVoUSBdvzAVyZs2%2BSlvFSDRdJLKPizU%2B04VejUVMyJtnpT2HNSKzVnH5gPxTaeGH5QkRqcsyC%2FB4n6kbjV0GJbIQ6WSpkAjfceDUycnYb%2BRCrjdn7oCZxfDv%2F%2F7GO6mRCbkp7s%2BNu0j7A0v%2FTmw%3D
bn.aoliplastin.com/	1970-01-20 14:13:55	Name: GL_GI10 Value: eJwNw0EKgzAQBdDMLFKEinzwAJ4gMNriWlpx4SmsDcWFSRjF4u3bB88Yw%2BUVvCQUtbRO5OZquTtpGtAH%2FOzBc8Bl8LpO4QRpDtaQg%2Bb%2FBdnoz69%2FVd0ADhuyR9QUddo9KFkC79EyeHuXBnTY4gemlxaS
.filkhabr.com/	1970-01-20 23:34:05	Name: __gads Value: ID=8ffcde5b10bce856-220e427b58de0034:T=1692749239:RT=1692749239:S=ALNI_MbmZhvuXgwUx0CtuGQ7ys6q-iHQVA
.filkhabr.com/	1970-01-20 23:34:05	Name: __gpi Value: UID=00000c8e79c993c8:T=1692749239:RT=1692749239:S=ALNI_MbCgfOXI0OM5LuZ6rmPE208XwiHIA
.doubleclick.net/	1970-01-20 23:34:05	Name: IDE Value: AHWqTUn7PGj5YZ2WQsw7jDKvuadXkXmGtRj_YErihXER94SIssrjZBKOtc9OGZgrf8s
.filkhabr.com/	1970-01-20 22:58:05	Name: FCNEC Value: %5B%5B%22AKsRol8KqYt8M7S5lyXq2SDH9BBWinXNQYIJIkGvYnw6y9Zx5X0Vfv28dhNnBL2a0ZDOfxOhQnB6z99H5SqCPvJb_XU6GBYTje5ndSTBNjkyp7RWiCyNx8XihtxhRG5Hdrm2jDgL_D5q4XRzq-F8GsIzSrzxPCG74Q%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1(Line 20) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=2969136044&client=ca-pub-7412509426492072&fa=4&ifi=4&uci=a!4&btvi=2&xpc=wFjLDvnA1G&p=https%3A//blog.filkhabr.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=2969136043&client=ca-pub-7412509426492072&fa=3&ifi=3&uci=a!3&btvi=1&xpc=8smrCoAOAK&p=https%3A//blog.filkhabr.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
blog.filkhabr.com
bn.aoliplastin.com
cat.fr3.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.filkhabr.com
www.fontstatic.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
178.250.7.9
2001:4860:4802:34::36
23.109.82.5
2606:4700:3031::6815:439e
2606:4700:3035::6815:1ccc
2606:4700::6811:190e
2a00:1450:4001:806::2001
2a00:1450:4001:806::2004
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::13
2a02:2638:d::4
2a02:2638:d::c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
06d42af07101c50366560590205f455a22a552a8c8ea0881b9f1a81922b623ba
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0e0c9f847566eb982df2db7d6ea82f566de2597cb6807d307f9e5c6ec5dd2d53
0e937dbbcc6ac86d5eea66d1c88c0a4d73d48a0b1ebdabd7c76bf0aab271a0c3
114b07db8be817bfb1f20e07ac98d9500c7ed50146512c32c102f41309437b13
15d51a96c00f46c89828a7e962637d786edd66bd3ddde40c395f8647649d958b
19e447befbcc87312e51d04f047d2f62c5fc0a5133f38ea450028476ac417bbf
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e047ef4f0df4b7a920fa4098e5f3b2b3c43da69b10462c37112606228b222c0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
339a142b74d654e469fe04d9e4956f07f1a55018e7b2b032080967df7671d07d
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c388d863befa8f2ccbd5e2958c407ca2eafb0dc59724b103ec4f30c9a922006
3e5fe3d9f3103e880a68f6ce8ab0d505eea2b6ea38daf1b873304cb6f837cbe4
3f0133a51dbe2306a5d32fbc64643af6fc2503036a2ebec0e61b377d6e60ae75
40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f
44fddd4ffeaa203e80eb8dce4fae0b15415cb2db8a9f64f99533265fa80f6aff
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
4bfa9502658663d924cf921ce3429b1ccc9f60b3e818df4de1ed37adfda1a294
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51f49626781ca8ebfc251b1a2a3e3587431f5f41ea011056862957de03f15169
53150cd0abdce77cb401a07e66c196041e5931fa9bf8e142f2ec114d1ee7dfaa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56eb00ddcdd61c5a33651856ab085f185eac9c08a996374cdce6d9de51092117
5737935a57b4380ebe6c7b2079557c0791ecd2ba61643ddaff6bb6134be0dafc
5971ae49490fd0580fb7f1132ea1eae5d9be29fd478aac97a11ed71fdb590814
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cfe46e456ebfdf29188f49197b05989aa7ca324cb76b9ab335967c40aaeed2a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6e77d07e6ea1c277eed39e16f2b7d3faba7dc6a9eb01ee5b9cd9458a8b07d4ed
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7437469251c64519629e9bb30252e140b2c6856cc3dbf88d455a5944397630af
816df48350eba9b89f079d5ee605e0ee9140a5934dca688bf4e2c33f064bd02c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eeafe9af33794c39fc49be725f8675bcccb753b91b342f99383d66eba614a7e
91c32cf62c2a7ec7bc63bd4354823f66812d56d2323a5298eac81e5b969811c2
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9fe4d97b1671eea18574c9a7fe6d0b148f4adbc659ecd4637fbaae23d23e5149
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9263c067e3cfc3c1e05f12a5b3255d03237483a60d697ab7448cb30f1378779
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b338c38447f522fd7b0db8639d57ca71a827dc70e2d956716c05d74df740898b
b5da3b8f621becccba341800e7834643600e8fb623aa2b8a33fd464a8522b481
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
c3b61639c09050b03cf807c2b364a6fc72aeb3d3a8234c38c9824c2ea3542ef4
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c575ae92c0b9aa16c7031e5912b0810606f7460f01a1b49797e8a925ca27e753
c5ffd3589ee00913d1ac59925a568d065bae6fd782db879d7dd4c44d2d224e88
c629dc44ee84f731b2bb7032205d37124fe98854b6ba06837a1b261b8a4d98b0
c87e7abf43af60388cc91e2bfd44ad2a2a624226d5d26ce44b4f851516575b35
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cdf072b797353602918996980c44cfe88d0067ac8bc2582aa01d55ba11fd8ecf
d197d3f1d06aa10d4adef1a64c5448a9cd4693834172aa8bded31daefbee84f5
d89c3e769c27b6322da65d65c006de9c84f7a940fde51453a00d74b501f3998d
dc8eae7feaa5cc0462eec8cfe79c58e17b0e22b81531bfcea55d29d8b3022097
de5c656c27ee82a2be97cf73cc0c652674740cdfd67ea97c13c8f06874286a3b
dfde4e6661341e03197fdcf7e4ac1f3da9d902d0af27883953e4d9e203486449
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e0fe61377400b34a804155179e1376198182f4fbc862bd6437ed40762ebab4a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eadaf7787e20ffaeb9d1065715aeab0aba22bf289c26b4c894db7a75c22d48f5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7209189c9d2e544cdcc09a7e86378304a2cb3c17504828ce062f4f56c6e411c
fa3a7ffa2486855d7aab046e4d1c719e873a23ab7bbc2778a5b1ce64cdd56703
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
fbd013afae8293aa5c8abe2acb11bcf0ed18ec58a1184be611d3c2fa583d7c62
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

blog.filkhabr.com Open in urlscan Pro 2606:4700:3031::6815:439e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

111 Requests

99 %HTTPS

90 %IPv6

15 Domains

22 Subdomains

22 IPs

4 Countries

1644 kBTransfer

4265 kBSize

8 Cookies

18 Outgoing links

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.filkhabr.com Open in urlscan Pro
2606:4700:3031::6815:439e Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

99 %
HTTPS

90 %
IPv6

15
Domains

22
Subdomains

22
IPs

4
Countries

1644 kB
Transfer

4265 kB
Size

8
Cookies

111 HTTP transactions
5 data transactions