urlscan.io logo urlscan.io
SecurityTrails logo

domains.co.uk Open in urlscan Pro
104.21.1.72  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.safe.uk/
Effective URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Submission: On October 13 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 2 countries across 13 domains to perform 92 HTTP transactions. The main IP is 104.21.1.72, located in and belongs to CLOUDFLARENET, US. The main domain is domains.co.uk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 14th 2021. Valid for: a year.
This is the only time domains.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    172.67.148.244 (United States)

ASN13335 (CLOUDFLARENET, US)
www.safe.uk
12    104.21.1.72 (None, )

ASN13335 (CLOUDFLARENET, US)
domains.co.uk
static.domains.co.uk
1    172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f136.1e100.net
www.googletagmanager.com
3    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
fonts.googleapis.com
3    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
ajax.googleapis.com
4    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
13    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
pagead2.googlesyndication.com
2    143.204.209.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-113.fra53.r.cloudfront.net
www.dwin2.com
8    142.250.74.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net
fonts.gstatic.com
2    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
2    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.gstatic.com
10    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.251.5.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f155.1e100.net
stats.g.doubleclick.net
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
partner.googleadservices.com
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
adservice.google.com
18    142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net
tpc.googlesyndication.com
2    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
www.googletagservices.com
7    216.58.212.129 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f129.1e100.net
cdn.ampproject.org
2    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
p4-htex4yzn5q2os-fr4xeoxr25va4isu-if-v6exp3-v4.metric.gstatic.com
Domain Requested by
18 tpc.googlesyndication.com googleads.g.doubleclick.net
cdn.ampproject.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
13 pagead2.googlesyndication.com domains.co.uk
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
11 domains.co.uk domains.co.uk
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
domains.co.uk
8 fonts.gstatic.com fonts.googleapis.com
7 cdn.ampproject.org googleads.g.doubleclick.net
pagead2.googlesyndication.com
4 www.google.com 1 redirects domains.co.uk
tpc.googlesyndication.com
3 ajax.googleapis.com domains.co.uk
3 fonts.googleapis.com domains.co.uk
googleads.g.doubleclick.net
2 p4-htex4yzn5q2os-fr4xeoxr25va4isu-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-htex4yzn5q2os-fr4xeoxr25va4isu-if-v6exp3-v4.metric.gstatic.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 www.gstatic.com www.google.com
googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.dwin2.com domains.co.uk
www.dwin2.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 static.domains.co.uk domains.co.uk
1 www.googletagmanager.com domains.co.uk
1 www.safe.uk 1 redirects
92 20

This site contains links to these domains. Also see Links.

Domain
fb.me
twitter.com
instagram.com
plus.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-14 -
2022-07-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.dwin2.com
Amazon		 2021-09-28 -
2022-10-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 12 frames:

Primary Page: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Frame ID: 29C331EE66C009137CFEB3799CBD030A
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Frame ID: 9C30504E05115733C7E13E6AA0BC18D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&adk=1812271804&adf=3025194257&lmt=1634107634&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634363&bpp=2&bdt=205&idt=115&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8491596711835&frm=20&pv=2&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=131
Frame ID: FCEA982A1A3E80CA266659C606B7C094
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=280&slotname=4662294540&adk=3783627702&adf=2068159931&pi=t.ma~as.4662294540&w=1200&fwrn=4&fwrnh=100&lmt=1634107634&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634366&bpp=4&bdt=208&idt=135&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzbf5wguDp&p=https%3A//domains.co.uk&dtd=144
Frame ID: 69B09B6AC1B842D2ED726E00E67EDB66
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
Frame ID: DDC2EAB00BA32A344B42FE6034FA6CC6
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
Frame ID: B0259C504951D47AF658730444210B6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9101523C984486A6075D5488E525D0EA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 31E11567B65D65B2E4CDF7223DC4A032
Requests: 2 HTTP requests in this frame

Frame: https://p4-htex4yzn5q2os-fr4xeoxr25va4isu-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 7DEDE4BB650D4BB43C98E8CD59785E35
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
Frame ID: A13DF794A43795A92E6F57D6C2029916
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D149363158297E72EA0F6C4F41BFF678
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B7D3A079BE6AC5F168FD20A5BBDA0EB6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

safe.uk - Domains.co.uk

Page URL History Show full URLs

  1. https://www.safe.uk/ HTTP 301
    https://domains.co.uk/?mdlp_my_domain_list=safe-uk Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

92
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

20
Subdomains

19
IPs

2
Countries

2176 kB
Transfer

5590 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.safe.uk/ HTTP 301
    https://domains.co.uk/?mdlp_my_domain_list=safe-uk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

92 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
domains.co.uk/
Redirect Chain
  • https://www.safe.uk/
  • https://domains.co.uk/?mdlp_my_domain_list=safe-uk
41 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.1.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acfdc5500797d8de0a91b0ba0d04100417a24b9785f787c68464f800b7ac3a6a

Request headers

:method
GET
:authority
domains.co.uk
:scheme
https
:path
/?mdlp_my_domain_list=safe-uk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-cache-enabled
True
link
<https://domains.co.uk/wp-json/>; rel="https://api.w.org/", <https://domains.co.uk/?p=3322>; rel=shortlink
set-cookie
PHPSESSID=c80b8540befec339861af8eb7a94fc51; path=/
x-httpd
1
host-header
6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_SET_COOKIE
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0iC%2BVsiKBSo5c%2BNLnC8nSBpE67nGBjcBf7A7hiDCm%2F15JGG4Dw8vmGrP9lWfc6xf7mBs7yFi%2FfNlSrIdbHFQucjfbBs46UHnSfSEpb0q7o2AYllKoICdUHYGu1nAEqI"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69d69d7e2965434b-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Wed, 13 Oct 2021 06:47:12 GMT
content-type
text/html; charset=iso-8859-1
location
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
host-header
6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxQpLjybCcxooEofQDwohrzVcztdmVA6cRltdDO24imqVQYoyIlP%2F3d2Dl170fgdbdu87C%2F8iXSsbUSMvKs3h6ck5PHSj6sRneSU7aVsQiU8lxQPqtIWG8bgALA1Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69d69d7cdbbf2788-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
autoptimize_87cd77e4419e359d2e8ce46c4f34bf08.css
domains.co.uk/wp-content/cache/autoptimize/css/ 		647 KB
114 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://domains.co.uk/wp-content/cache/autoptimize/css/autoptimize_87cd77e4419e359d2e8ce46c4f34bf08.css
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.1.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40bdf18618cf840ceb5be6affcdbf47bcdf1d9ea79f0cb2d01b73286b09c88ce

Request headers

:path
/wp-content/cache/autoptimize/css/autoptimize_87cd77e4419e359d2e8ce46c4f34bf08.css
pragma
no-cache
cookie
PHPSESSID=c80b8540befec339861af8eb7a94fc51
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
domains.co.uk
referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
187408
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 02 Aug 2021 18:45:31 GMT
server
cloudflare
etag
W/"61083d4b-a1b1d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zp%2BNpH2TZWp4LeA23rRrJRAKK2yH8mjCXRVzh8klBRppWxqbjtfSdz3CriaaAgvBOTek5SmNX8GVrqjs6VXAqy6m%2FVuSA%2FzVjk7ULpaiAF0wo4e%2BhmudqtSruRuReCEg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
69d69d8998ad434b-FRA
expires
Tue, 11 Oct 2022 02:43:46 GMT
js
www.googletagmanager.com/gtag/ 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-112091208-1
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f136.1e100.net
Software
Google Tag Manager /
Resource Hash
e5b20a5be1d17425c49f41e8e466858138c0fb463b797f9c449b00084cbef5b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38610
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Oct 2021 06:47:14 GMT
css
fonts.googleapis.com/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext&ver=5.8.1
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
a5a62ec5fed53551531c228b66785db951685af982df2e7bfe6fab7444346e51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 06:47:14 GMT
server
ESF
date
Wed, 13 Oct 2021 06:47:14 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Wed, 13 Oct 2021 06:47:14 GMT
jquery.min.js
domains.co.uk/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://domains.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.1.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma
no-cache
cookie
PHPSESSID=c80b8540befec339861af8eb7a94fc51
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
domains.co.uk
referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6177857
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 02 Aug 2021 18:41:01 GMT
server
cloudflare
etag
W/"61083c3d-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjO4Mm%2F4uKoHvsfQ9t9FtMRXxjLZcv7TSLUWTvfx2VcU2wgk%2F3C%2B%2F%2BMWQH9BHt4aQLKfHgTAD7vewvvJ%2FJEBLPQA%2BSrIARz89FCQvbxzRyvUHGcwQ%2B63DqE5JpXwzUq4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
69d69d8998af434b-FRA
expires
Tue, 02 Aug 2022 18:42:57 GMT
jquery-ui.js
ajax.googleapis.com/ajax/libs/jqueryui/1/ 		426 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1/jquery-ui.js?ver=5.8.1
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
sffe /
Resource Hash
b69f1567863d760ef4dabec3eb29f349abca4b007dce36ab8926784a7babbe6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 18:08:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
391135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108103
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Oct 2022 18:08:19 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1/ 		223 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1/jquery-ui.min.js?ver=5.8.1
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
sffe /
Resource Hash
a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 07:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61441
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Oct 2022 07:02:43 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.7/themes/smoothness/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.7/themes/smoothness/jquery-ui.css
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
sffe /
Resource Hash
f921d1af2961e2278ef21996f921fb0be73d50e44a973961d4ca08c33d2eab65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 07:08:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4938
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Oct 2022 07:08:13 GMT
api.js
www.google.com/recaptcha/ 		850 B
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
257c07e40f4fdd78d66090a4347816a4777d8f2ab8b266d4aebf56da90538cbc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Wed, 13 Oct 2021 06:47:14 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
f7b8901fab1f8f3f33c485fa9f7046bbc11b8cde13fb44ac4f2469b12cfc0353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51409
x-xss-protection
0
server
cafe
etag
4345522885564386312
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 06:47:14 GMT
domainscouk_logo_newv3-1.png
domains.co.uk/wp-content/uploads/2018/02/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domains.co.uk/wp-content/uploads/2018/02/domainscouk_logo_newv3-1.png
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f5bb27087baeb25cb4643a8d4f6cdd872ecf571b53c040d7344d017bcfab52

Request headers

:path
/wp-content/uploads/2018/02/domainscouk_logo_newv3-1.png
pragma
no-cache
cookie
PHPSESSID=c80b8540befec339861af8eb7a94fc51
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
domains.co.uk
referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13199575
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6175
last-modified
Wed, 07 Feb 2018 09:00:31 GMT
server
cloudflare
etag
"5a7ac02f-181f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEBwzbOnZqFzwvlUo9snlao8x5JHgZoxgqGtcNx4blMItVSaup4dW85by%2F3j0Ax1FiAhtR3oqX5jFlK7Py704nYcicry2Hpg6NfzoxBURPCSoRMzgDM2gwn5In57lbRo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d69d8a3b640ea7-FRA
expires
Fri, 13 May 2022 12:14:19 GMT
domainscouk_logo_newv3_invert.png
domains.co.uk/wp-content/uploads/2018/02/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domains.co.uk/wp-content/uploads/2018/02/domainscouk_logo_newv3_invert.png
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55981699c7ec0e941a8f941734eaa925d9480735bbe133296da3bef765f59dac

Request headers

:path
/wp-content/uploads/2018/02/domainscouk_logo_newv3_invert.png
pragma
no-cache
cookie
PHPSESSID=c80b8540befec339861af8eb7a94fc51
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
domains.co.uk
referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4333788
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6087
last-modified
Wed, 07 Feb 2018 09:00:54 GMT
server
cloudflare
etag
"5a7ac046-17c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQNKQn3NHBgYlQbSw5xPh2%2BmNqCqH8UDVJuN0ZWNj86VwEGmY9CHalpbe4oRrcsZNFjvPft45OXiiEFgspgLMwsUwxogv9luDMk7MDz%2FDGzT0H3zZjAOnDtp2lDOKwb0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d69d8a3b660ea7-FRA
expires
Wed, 24 Aug 2022 02:57:26 GMT
email-decode.min.js
domains.co.uk/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://domains.co.uk/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
PHPSESSID=c80b8540befec339861af8eb7a94fc51
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
domains.co.uk
referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Oct 2021 10:51:03 GMT
server
cloudflare
etag
W/"615c2e17-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BLkEQeZWwA%2ByDCMg0et3Uk4K6VVAyhmiCRTKGCEMlRXqXqkcXawhGNB%2FSOJkJcfRgsZQZdoQp%2BZQNj5uoiWEAsrgky1mDSzosd7eoVZsN0ak1bnnbLbT6hQPvtaodAi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69d69d8a0b3a0ea7-FRA
vary
Accept-Encoding
expires
Fri, 15 Oct 2021 06:47:14 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6012576421745490
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e76a1af3fa0bae3d9025898868fdac0cd4301b6ea2dbf3f6fd823eb7004421f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://domains.co.uk/
Origin
https://domains.co.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51370
x-xss-protection
0
server
cafe
etag
14937239554411835007
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 06:47:14 GMT
captcha.php
domains.co.uk/wp-content/plugins/wp-widget-sugarcrm-lead-module/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domains.co.uk/wp-content/plugins/wp-widget-sugarcrm-lead-module/captcha.php?t=1634107633
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77add0d7d934f4a29c9c79101cbd3541ca37fe3a2a1531f6b237d42ad8fcc887

Request headers

:path
/wp-content/plugins/wp-widget-sugarcrm-lead-module/captcha.php?t=1634107633
pragma
no-cache
cookie
PHPSESSID=c80b8540befec339861af8eb7a94fc51
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
domains.co.uk
referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_NO_CACHE
host-header
6b7412fb82ca5edfd0917e3957f05d89
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Wed, 13 Oct 2021 06:47:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuWP9j9rncUT0L6tNKsZGGKB7rAfcZi85HVluRU70lhojEHd5Pw6D%2BsHbhSchiinM8rOGtq7HuCLAP6TB1RgGByWZfXamCaWfbFx6GBBrxZXoxo30FuxCgu6gZ6gcKXk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-httpd
1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
69d69d8a3b670ea7-FRA
x-proxy-cache
MISS
expires
Tue, 01 Jan 2013 00:00:00 GMT
reload_captcha.png
domains.co.uk/wp-content/plugins/wp-widget-sugarcrm-lead-module/image/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domains.co.uk/wp-content/plugins/wp-widget-sugarcrm-lead-module/image/reload_captcha.png
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9720cdb95625dc10453345b9a88b9129fa099b20c2f06315ac7538969fb6acaf

Request headers

:path
/wp-content/plugins/wp-widget-sugarcrm-lead-module/image/reload_captcha.png
pragma
no-cache
cookie
PHPSESSID=c80b8540befec339861af8eb7a94fc51
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
domains.co.uk
referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7719263
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4457
last-modified
Mon, 13 Jan 2020 05:02:02 GMT
server
cloudflare
etag
"5e1bf9ca-1169"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FxvKsuQyW9Pd1T3eBRg5g1bX1MnV%2F2PNHEVjmiBytFZRrhzktsnGmjrd19kmW56z55RJcMTKDmz4YcC4w0zu8EOkQjEGnP51MtVOWK4sTrqsck9NC2LOrbSXp%2FIStJl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d69d8a3b680ea7-FRA
expires
Fri, 15 Jul 2022 22:32:51 GMT
pub.468901.min.js
www.dwin2.com/ 		353 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin2.com/pub.468901.min.js
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ac59f20fc983097eaa49078df0590a1377296d4675d18f312dfd0f5ed17fa6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
br
last-modified
Tue, 12 Oct 2021 18:32:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"dff869d8be4edb20705818fbc3ce1263"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control
max-age=600
date
Wed, 13 Oct 2021 06:47:15 GMT
x-amz-cf-id
OiZyBebyQxQaQ0nKfSYsTjzxHaDKJp8vDISmi6ZfJtRVRcaHDm3YRA==
autoptimize_7ac6b4c85faf1da4705cbd5387df6260.js
domains.co.uk/wp-content/cache/autoptimize/js/ 		569 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://domains.co.uk/wp-content/cache/autoptimize/js/autoptimize_7ac6b4c85faf1da4705cbd5387df6260.js
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e924c3d333821072118527e109f7477c6bb4fb0baac612a0ac8cf0a95a2c850

Request headers

:path
/wp-content/cache/autoptimize/js/autoptimize_7ac6b4c85faf1da4705cbd5387df6260.js
pragma
no-cache
cookie
PHPSESSID=c80b8540befec339861af8eb7a94fc51
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
domains.co.uk
referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/?mdlp_my_domain_list=safe-uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1184579
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 10 Sep 2021 12:49:22 GMT
server
cloudflare
etag
W/"613b5452-8e3e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQM3ercMJJpca9UzRYyI9nMfGoXCKU19Begf0oiPq9QQtTutGp3lxqF09zHewe1hUAS3%2BVkoNf1OwDlV5f0ae6SEqH5YvmZ6DmwRdMVVgsR1B4JBPCx0TkefjGUeUJOw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
69d69d8a3b6b0ea7-FRA
expires
Thu, 29 Sep 2022 13:44:15 GMT
safe-uk.jpg
static.domains.co.uk/backgrounds/ 		276 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.domains.co.uk/backgrounds/safe-uk.jpg
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.1.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c77ea1bc6b1a08d0577cd0a8aed3b691515a72370624a7a8ee2ee08025532571

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
282497
last-modified
Wed, 07 Feb 2018 11:38:21 GMT
server
cloudflare
etag
"5a7ae52d-44f81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qt%2F%2F7iTkb3mWa00eZJvpzP1oR9aae4XIT4cx9SDxjP3JEZj1kHngmQZ7ngnVFAkxtCn0%2F4wXMdzDTzuNnRTLa00yTFnhV6CHWfI50HXR9sMJr8wrOhb7hI3fccAr19KKkE1JJ7tnCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d69d8a4a07434b-FRA
expires
Thu, 13 Oct 2022 06:47:14 GMT
fa-solid-900.woff2
domains.co.uk/wp-content/plugins/kingcomposer/assets/css/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://domains.co.uk/wp-content/plugins/kingcomposer/assets/css/fonts/fa-solid-900.woff2
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/wp-content/cache/autoptimize/css/autoptimize_87cd77e4419e359d2e8ce46c4f34bf08.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a

Request headers

sec-fetch-mode
cors
origin
https://domains.co.uk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=c80b8540befec339861af8eb7a94fc51
:path
/wp-content/plugins/kingcomposer/assets/css/fonts/fa-solid-900.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
domains.co.uk
referer
https://domains.co.uk/wp-content/cache/autoptimize/css/autoptimize_87cd77e4419e359d2e8ce46c4f34bf08.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://domains.co.uk/wp-content/cache/autoptimize/css/autoptimize_87cd77e4419e359d2e8ce46c4f34bf08.css
Origin
https://domains.co.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13199333
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
44068
last-modified
Tue, 17 Nov 2020 15:12:30 GMT
server
cloudflare
etag
"5fb3e85e-ac24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNuFAbdGSN7MkUDqkV%2FUntEtXL3cw5YuXa%2FVyYPbHlvlfEh1A8XRCqg8lXDS94uL0YmSRy3AqVUFiQlUSejCIMlmfVnSBYDtF0lXA0nKCHU46K%2Fe3%2Fmo3db9f3EczDdt"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d69d8a3b6c0ea7-FRA
expires
Fri, 13 May 2022 12:18:21 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext&ver=5.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://domains.co.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 14:59:01 GMT
x-content-type-options
nosniff
age
143293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 14:59:01 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext&ver=5.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://domains.co.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 15:00:06 GMT
x-content-type-options
nosniff
age
143228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19868
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 15:00:06 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext&ver=5.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://domains.co.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 03:52:51 GMT
x-content-type-options
nosniff
age
10463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 03:52:51 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext&ver=5.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://domains.co.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 15:20:39 GMT
x-content-type-options
nosniff
age
141995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 15:20:39 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext&ver=5.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://domains.co.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:05 GMT
x-content-type-options
nosniff
age
19329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 01:25:05 GMT
fontawesome-webfont3295.woff2
domains.co.uk/wp-content/themes/grant/assets/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://domains.co.uk/wp-content/themes/grant/assets/fonts/fontawesome-webfont3295.woff2?v=4.5.0
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/wp-content/cache/autoptimize/css/autoptimize_87cd77e4419e359d2e8ce46c4f34bf08.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.1.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

sec-fetch-mode
cors
origin
https://domains.co.uk
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=c80b8540befec339861af8eb7a94fc51
:path
/wp-content/themes/grant/assets/fonts/fontawesome-webfont3295.woff2?v=4.5.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
domains.co.uk
referer
https://domains.co.uk/wp-content/cache/autoptimize/css/autoptimize_87cd77e4419e359d2e8ce46c4f34bf08.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://domains.co.uk/wp-content/cache/autoptimize/css/autoptimize_87cd77e4419e359d2e8ce46c4f34bf08.css
Origin
https://domains.co.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4333787
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66624
last-modified
Thu, 28 Dec 2017 12:59:08 GMT
server
cloudflare
etag
"5a44ea9c-10440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKLNeors%2BPBhSc4eWnzTPnAEbJy0Io3zqH3P%2BTfH4k%2FheXZD3ooWsDm0NoMLd1abyx0qnEx9NTQaSeXmED46VG43g6HvwICLNA%2B5EgGRntV698SHtop%2B8GGHXF1avvyP"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d69d8a8bc90ea7-FRA
expires
Wed, 24 Aug 2022 02:57:27 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112091208-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Sep 2021 21:34:48 GMT
server
Golfe2
age
17
date
Wed, 13 Oct 2021 06:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19887
expires
Wed, 13 Oct 2021 08:46:57 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/ 		346 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://domains.co.uk/
Origin
https://domains.co.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:30:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137921
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 04:21:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Thu, 13 Oct 2022 06:30:38 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/ 		272 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6012576421745490
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
017533b65890dc9fad4d486d3479b79fae4a3212abdbe6df969220d1fc5c2dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99713
x-xss-protection
0
server
cafe
etag
3877771964379470727
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 06:47:14 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/ Frame 9C30 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6012576421745490
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211011/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://domains.co.uk/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 12 Oct 2021 21:25:32 GMT
expires
Tue, 26 Oct 2021 21:25:32 GMT
content-type
text/html; charset=UTF-8
etag
414810510046348021
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4645
x-xss-protection
0
age
33702
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=24237895&t=pageview&_s=1&dl=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&ul=en-us&de=UTF-8&dt=safe.uk%20-%20Domains.co.uk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1092663159&gjid=928564206&cid=1404825839.1634107634&tid=UA-112091208-1&_gid=1904992797.1634107634&_r=1&gtm=2ouab0&did=dNDMyYj&z=881134895
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://domains.co.uk/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 06:47:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://domains.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-112091208-1&cid=1404825839.1634107634&jid=1092663159&gjid=928564206&_gid=1904992797.1634107634&_u=YEBAAUAAAAAAAC~&z=53427691
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://domains.co.uk/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 13 Oct 2021 06:47:14 GMT
content-type
text/plain
access-control-allow-origin
https://domains.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		203 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=domains.co.uk&callback=_gfp_s_&client=ca-pub-6012576421745490
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b827236a64b43bcd9c08b6e127a5cee91cc0d458442d5161f37ae0f95bbee886
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=domains.co.uk
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 06:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FCEA 		94 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&adk=1812271804&adf=3025194257&lmt=1634107634&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634363&bpp=2&bdt=205&idt=115&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8491596711835&frm=20&pv=2&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=131
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
7f2a90ecfd74a3ed275a25d48fb0653fa90aa90e9287ae11b8ddf2ce92ece23f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6012576421745490&output=html&adk=1812271804&adf=3025194257&lmt=1634107634&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634363&bpp=2&bdt=205&idt=115&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8491596711835&frm=20&pv=2&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=131
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://domains.co.uk/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 13 Oct 2021 06:47:15 GMT
server
cafe
content-length
29943
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 13-Oct-2021 07:02:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 13 Oct 2021 06:47:15 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 69B0 		83 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=280&slotname=4662294540&adk=3783627702&adf=2068159931&pi=t.ma~as.4662294540&w=1200&fwrn=4&fwrnh=100&lmt=1634107634&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634366&bpp=4&bdt=208&idt=135&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzbf5wguDp&p=https%3A//domains.co.uk&dtd=144
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
58dcf1c33b378558e0db77a33fac73a42ef17b3765b49c252654133d29147027
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6012576421745490&output=html&h=280&slotname=4662294540&adk=3783627702&adf=2068159931&pi=t.ma~as.4662294540&w=1200&fwrn=4&fwrnh=100&lmt=1634107634&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634366&bpp=4&bdt=208&idt=135&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzbf5wguDp&p=https%3A//domains.co.uk&dtd=144
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://domains.co.uk/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 13 Oct 2021 06:47:15 GMT
server
cafe
content-length
27411
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 13-Oct-2021 07:02:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 13 Oct 2021 06:47:15 GMT
cache-control
private
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-112091208-1&cid=1404825839.1634107634&jid=1092663159&_u=YEBAAUAAAAAAAC~&z=1459830214
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 06:47:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init.js
www.dwin2.com/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin2.com/init.js
Requested by
Host: www.dwin2.com
URL: https://www.dwin2.com/pub.468901.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cb1568fda678584aeef8f4ae58388e76612f366715952b073bb787b4a3b0976

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:39:40 GMT
content-encoding
br
last-modified
Wed, 13 Oct 2021 06:36:26 GMT
server
AmazonS3
age
455
etag
W/"36182b699204964eba22974932993567"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control
max-age=600
x-amz-cf-pop
FRA53-C1
content-type
text/javascript
x-amz-cf-id
Ftqx3ArMV4LZFXQxBvVzrdQQQlg2fwMSw4B9pc4eH0cYki-SDfpceQ==
ads
googleads.g.doubleclick.net/pagead/ Frame DDC2 		115 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
5c8a86b8fb89ac18f083952318385e9d22a4b0f3fcb8a220ae1d0bf0bd1ae9c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://domains.co.uk/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-expose-headers
x-google-amp-ad-validated-version
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 13 Oct 2021 06:47:15 GMT
server
cafe
content-length
15707
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 13-Oct-2021 07:02:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 13 Oct 2021 06:47:15 GMT
cache-control
private
css
fonts.googleapis.com/ Frame 69B0 		3 KB
580 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=280&slotname=4662294540&adk=3783627702&adf=2068159931&pi=t.ma~as.4662294540&w=1200&fwrn=4&fwrnh=100&lmt=1634107634&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634366&bpp=4&bdt=208&idt=135&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzbf5wguDp&p=https%3A//domains.co.uk&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 04:52:28 GMT
server
ESF
date
Wed, 13 Oct 2021 06:47:15 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Wed, 13 Oct 2021 06:47:15 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 69B0 		2 KB
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=280&slotname=4662294540&adk=3783627702&adf=2068159931&pi=t.ma~as.4662294540&w=1200&fwrn=4&fwrnh=100&lmt=1634107634&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634366&bpp=4&bdt=208&idt=135&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzbf5wguDp&p=https%3A//domains.co.uk&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:42:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 06:42:52 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 69B0 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=280&slotname=4662294540&adk=3783627702&adf=2068159931&pi=t.ma~as.4662294540&w=1200&fwrn=4&fwrnh=100&lmt=1634107634&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634366&bpp=4&bdt=208&idt=135&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzbf5wguDp&p=https%3A//domains.co.uk&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:45:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 06:45:56 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 69B0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=280&slotname=4662294540&adk=3783627702&adf=2068159931&pi=t.ma~as.4662294540&w=1200&fwrn=4&fwrnh=100&lmt=1634107634&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634366&bpp=4&bdt=208&idt=135&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzbf5wguDp&p=https%3A//domains.co.uk&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:42:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
271
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 06:42:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 69B0 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=280&slotname=4662294540&adk=3783627702&adf=2068159931&pi=t.ma~as.4662294540&w=1200&fwrn=4&fwrnh=100&lmt=1634107634&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634366&bpp=4&bdt=208&idt=135&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzbf5wguDp&p=https%3A//domains.co.uk&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Oct 2021 06:47:15 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 69B0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=280&slotname=4662294540&adk=3783627702&adf=2068159931&pi=t.ma~as.4662294540&w=1200&fwrn=4&fwrnh=100&lmt=1634107634&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634366&bpp=4&bdt=208&idt=135&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzbf5wguDp&p=https%3A//domains.co.uk&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:17:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1784
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 06:17:31 GMT
94b9e9edb15b7c220f12fa63d878a5af.js
www.gstatic.com/mysidia/ Frame 69B0 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=280&slotname=4662294540&adk=3783627702&adf=2068159931&pi=t.ma~as.4662294540&w=1200&fwrn=4&fwrnh=100&lmt=1634107634&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634366&bpp=4&bdt=208&idt=135&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzbf5wguDp&p=https%3A//domains.co.uk&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 06:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11213
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 05:48:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 05 Jan 2022 06:36:14 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/9913118405629559337/ Frame 69B0 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9913118405629559337/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=280&slotname=4662294540&adk=3783627702&adf=2068159931&pi=t.ma~as.4662294540&w=1200&fwrn=4&fwrnh=100&lmt=1634107634&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634366&bpp=4&bdt=208&idt=135&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzbf5wguDp&p=https%3A//domains.co.uk&dtd=144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
3efb9b0e39c3aeb1aaa875d36f00eb119493c393d7cdbe508c158de914952f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 02:59:58 GMT
x-content-type-options
nosniff
age
13637
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31624
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 19:02:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 02:59:58 GMT
truncated
/ Frame 69B0 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
986888799c5a4feb7e6311e1e122ff23bf3112629a8d7bcdd92bb51af50676c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
googleads.g.doubleclick.net/pagead/ Frame 69B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C5LZN8oBmYb-zIIng3gPVwYC4CP7rn7xlrvuysMgO4_6bmMwpEAEg66CJKWDJBqABhY6iugPIAQmoAwHIA8sEqgTcAU_QcpYUjKITLqsMy1_JRIRmpf6OEGrH0iJ2ZDFqA75Rewi6lj-k4o0eGFpfrsUTVSPph5Gg8e7EX1JLi4voNtHbQ5sZMveVRJ5G0E6ACKV6kHUWUfUdtG6CetHJu5Grm9kUTOAXv4KloO8B0JYu7KvdfcRLy-JB2N9cDURcOrSSHtSavZBpVgwZOCWofLF88KT-i7T8aanLzb-fSWVKyzNosTdKSko1uDEwoSw-xuCWolgwROqBtMUCRN-QJMX9-b8ZUe3AWG1tWWP2jy976fmi4gX247hC5Yu-mPbABP2lvIfaA5IFBAgEGAGSBQQIBRgEoAYugAfj8d1FqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBRDy6fsC0ggHCIBhEAEYX4AKAcgLAbgTiCfYEw3QFQGAFwGyFxwKGggAEhRwdWItNjAxMjU3NjQyMTc0NTQ5MBgA&sigh=CtY17ZvLBs4&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=280&slotname=4662294540&adk=3783627702&adf=2068159931&pi=t.ma~as.4662294540&w=1200&fwrn=4&fwrnh=100&lmt=1634107634&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634366&bpp=4&bdt=208&idt=135&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzbf5wguDp&p=https%3A//domains.co.uk&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=280&slotname=4662294540&adk=3783627702&adf=2068159931&pi=t.ma~as.4662294540&w=1200&fwrn=4&fwrnh=100&lmt=1634107634&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634366&bpp=4&bdt=208&idt=135&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzbf5wguDp&p=https%3A//domains.co.uk&dtd=144
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 13 Oct 2021 06:47:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 13 Oct 2021 06:47:15 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012109102127000/ Frame DDC2 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f129.1e100.net
Software
sffe /
Resource Hash
ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
31330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55506
x-xss-protection
0
server
sffe
date
Tue, 12 Oct 2021 22:05:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c42e3b94efe0099e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 12 Oct 2022 22:05:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/ Frame DDC2 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f129.1e100.net
Software
sffe /
Resource Hash
19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4357
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4995
x-xss-protection
0
server
sffe
date
Wed, 13 Oct 2021 05:34:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc03df60ee69192f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Oct 2022 05:34:38 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/ Frame DDC2 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f129.1e100.net
Software
sffe /
Resource Hash
d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
561511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28507
x-xss-protection
0
server
sffe
date
Wed, 06 Oct 2021 18:48:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"283b6526337df106"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 06 Oct 2022 18:48:44 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/ Frame DDC2 		71 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f129.1e100.net
Software
sffe /
Resource Hash
5b706a52c0ae673c9803f61e3a901a23c78f6e845a3dc68036c5a4f72602953a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46786
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16796
x-xss-protection
0
server
sffe
date
Tue, 12 Oct 2021 17:47:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"72e3028abbd677c0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 12 Oct 2022 17:47:29 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/ Frame DDC2 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f129.1e100.net
Software
sffe /
Resource Hash
d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1638
x-xss-protection
0
server
sffe
date
Wed, 13 Oct 2021 05:26:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b3f838efba7b15f2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Oct 2022 05:26:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/ Frame DDC2 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f129.1e100.net
Software
sffe /
Resource Hash
235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
219386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12820
x-xss-protection
0
server
sffe
date
Sun, 10 Oct 2021 17:50:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2e8049efde94274d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 10 Oct 2022 17:50:49 GMT
css
fonts.googleapis.com/ Frame DDC2 		6 KB
733 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Dosis%7COpen+Sans:700,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
6b8912fd9fff6fc5d0b330ea57ddac5c1c2e42dc5312811e545a6fa1acdfd466
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 06:47:15 GMT
server
ESF
date
Wed, 13 Oct 2021 06:47:15 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Wed, 13 Oct 2021 06:47:15 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DDC2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Oct 2021 14:19:22 GMT
x-content-type-options
nosniff
server
cafe
age
59273
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 13 Oct 2021 14:19:22 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DDC2 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Oct 2021 14:31:09 GMT
x-content-type-options
nosniff
server
cafe
age
58566
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 13 Oct 2021 14:31:09 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame DDC2 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CzkMc8oBmYdvOJIq73gOLt53oDdn2vLtl15X3oYcO2dkeEAEg66CJKWDJBqAB-6rY0QPIAQmpAjNYiFpk76o-qAMByAMIqgToAU_Q1Q0RrhZJXSv9MJMGY1x9Rypve8zIRXDoc5Cws0UdUuh7pY2Td22XcA6ylysZUrX9LERdeGzr_6EI9AoZxACViGFu-PI65vzd2O5EUZQ0TNOjM7rZYfY0b6-GjuZuFkCymTRbz8ABUenuxWAcQ2wLK6viT6QYF-XTVtmnKJ5K5PDwiiX2s8vL51o5FV3RDpqAjEWnmXJgu3Zw_G4ytE_Dq162xpLYycePOtYcQJahVzPjGSXViossVIQVWvkmilzFVOQE_sAPWMJceZXbzLIv1xARDTDWVMNrb2kvhtrmB_Npy4vosEzABLKwxsq7A5IFBAgEGAGSBQQIBRgEoAYugAft1KcuqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBRDq1YwD0ggHCIBhEAEYX4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi02MDEyNTc2NDIxNzQ1NDkwGAA&sigh=csEldmV0qnk&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 13 Oct 2021 06:47:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 13 Oct 2021 06:47:15 GMT
truncated
/ Frame DDC2 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3c662d8289b60451be25a7908bb0e9a9ccaaa22f4b957d5fdea00d7a90d2291

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
screenshot02.png
tpc.googlesyndication.com/sadbundle/8822650607230130604/ Frame DDC2 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8822650607230130604/screenshot02.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
3723a807dd112b3ba24376513d510ec4d765005bbfad06f2951b175ee09e1aef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 14:53:22 GMT
x-content-type-options
nosniff
age
316433
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90756
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 17:36:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 09 Oct 2022 14:53:22 GMT
Auvik-logo-white-bg.png
tpc.googlesyndication.com/sadbundle/8822650607230130604/ Frame DDC2 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8822650607230130604/Auvik-logo-white-bg.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=600&slotname=3573099848&adk=2922274577&adf=1238988468&pi=t.ma~as.3573099848&w=300&lmt=1634107634&psa=0&format=300x600&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634370&bpp=1&bdt=212&idt=205&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1175&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xHYKgeSxKe&p=https%3A//domains.co.uk&dtd=208
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
544d76fc8711dedd2d0799872726b9584b3547f6da40ec71e91ae2555adcdbf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 05:01:06 GMT
x-content-type-options
nosniff
age
6369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9996
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 17:36:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 05:01:06 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ Frame DDC2 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dosis%7COpen+Sans:700,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 17:03:52 GMT
x-content-type-options
nosniff
age
481403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 07 Oct 2022 17:03:52 GMT
truncated
/ Frame 69B0 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d88094dae333d15c80cffb5c0a487e0ac9c303e6bff729cb754396637e25ddff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 69B0 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 19:46:29 GMT
x-content-type-options
nosniff
age
126046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 19:46:29 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 69B0 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 18:21:26 GMT
x-content-type-options
nosniff
age
131149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 11 Oct 2022 18:21:26 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012109102127000/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f129.1e100.net
Software
sffe /
Resource Hash
ea837fce2c9f11270b9b941e875abb7403de8dcfa960350eab3524663869d6ff
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4693
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7337
x-xss-protection
0
server
sffe
date
Wed, 13 Oct 2021 05:29:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"baff4e4cf8d00f8d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Oct 2022 05:29:02 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DDC2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012109102127000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Oct 2021 14:19:22 GMT
x-content-type-options
nosniff
server
cafe
age
59273
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 13 Oct 2021 14:19:22 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DDC2 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012109102127000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Oct 2021 14:31:09 GMT
x-content-type-options
nosniff
server
cafe
age
58566
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 13 Oct 2021 14:31:09 GMT
164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
pagead2.googlesyndication.com/bg/ Frame B025 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6012576421745490&output=html&h=280&slotname=4662294540&adk=3783627702&adf=2068159931&pi=t.ma~as.4662294540&w=1200&fwrn=4&fwrnh=100&lmt=1634107634&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.co.uk%2F%3Fmdlp_my_domain_list%3Dsafe-uk&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634107634366&bpp=4&bdt=208&idt=135&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8491596711835&frm=20&pv=1&ga_vid=1404825839.1634107634&ga_sid=1634107634&ga_hid=24237895&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062662%2C31063104&oid=2&pvsid=3149711948478676&pem=556&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzbf5wguDp&p=https%3A//domains.co.uk&dtd=144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 19:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
41839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13308
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 19:09:56 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/ 		143 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
35a140b93b48666ed63ae27b57c1b41c1ee6a393d0a80bc3347ae5d246c379ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52518
x-xss-protection
0
server
cafe
etag
409095023203622592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 06:47:15 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=domains.co.uk
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 06:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/ Frame 9101 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://domains.co.uk/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm4-dmbQn-qkdRHJkEoCawJTkk84YIygiiFyI1VyWd2ROgSdL2gnrf-hnVAL_A; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 12 Oct 2021 21:28:04 GMT
expires
Tue, 26 Oct 2021 21:28:04 GMT
content-type
text/html; charset=UTF-8
etag
414810510046348021
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4645
x-xss-protection
0
age
33551
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 9101 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CI4oJ8oBmYdmsINby3wORwInACtz0vNJlkfqty6AOpOfy7ZUCEAEg66CJKWDJBqABrqH51gPIAQKoAwHIA8kEqgTbAU_QRDV2OWwzn2irLcMlVnBHCIDUBVC0RB7Pm6MYFvg_CBOQqcpFRdPC2Enu7QZ3eMbApcvud3roZVsnnHP-qCjlRmO4Dj02Ik9kjE3gFUrr5h_ul9hPVfbSjUZXGUg4Ag632gGv1wNfTVBrUYhNClmz1YuXx0fUyly8C63mYqTqhs1G71zkH0jyaleyPQWeyV8W0PLW8qA7e2T2qY016TSVAqZOs6-mE2IZQndQKcUvLjj7246sSpwDAQRdMGZ1FiMWgqMRPlDkrBxrq1J9VUlatLJTH7IqrfNLhcAEjMmXot8DkgUECAQYAZIFBAgFGASgBgKAB7rehimoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEPy9StIIBwiAYRABGF-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNjAxMjU3NjQyMTc0NTQ5MBgA&sigh=AsQ38DVjrp0&uach_m=[UACH]
Requested by
Host: domains.co.uk
URL: https://domains.co.uk/?mdlp_my_domain_list=safe-uk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 13 Oct 2021 06:47:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 9101 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 06:47:08 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 9101 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 06:47:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9101 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Oct 2021 06:47:15 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 9101 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:13:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 06:13:01 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 9101 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
1adff93fec49cd9bab765ec423c9504146696be62b0f634d2bb6df86a1e775a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 20:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11185
x-xss-protection
0
server
cafe
etag
5630310602010257655
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 20:02:31 GMT
11133742611892289317
tpc.googlesyndication.com/simgad/ Frame 9101 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11133742611892289317?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnH3Wnjd7w1rFS18iN67KBuXTsbxQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
ba9b7515eda5217dbe3edc6ca5c7c34e19870462908a37dc11e44eebdd342565
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 14:12:25 GMT
x-content-type-options
nosniff
age
146090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19404
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 16:24:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Oct 2022 14:12:25 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 31E1 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm4-dmbQn-qkdRHJkEoCawJTkk84YIygiiFyI1VyWd2ROgSdL2gnrf-hnVAL_A; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 13 Oct 2021 06:35:57 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
678
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
redir.html
p4-htex4yzn5q2os-fr4xeoxr25va4isu-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 7DED 		247 B
982 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-htex4yzn5q2os-fr4xeoxr25va4isu-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
1ed4307177cb29997495ebb7092e8822387242f904f5706c468a6a5c60164c5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-htex4yzn5q2os-fr4xeoxr25va4isu-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/redir.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-j-JhbGAwANTleCfM2nqJTw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
203
date
Wed, 13 Oct 2021 06:47:15 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9101 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa93417e255f5a89a83b1892b9774d39b824a288e00b463d287981bc925ddd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 31E1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm4-dmbQn-qkdRHJkEoCawJTkk84YIygiiFyI1VyWd2ROgSdL2gnrf-hnVAL_A; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 13 Oct 2021 06:47:15 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 13-Oct-2021 07:47:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 13 Oct 2021 06:47:15 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 13 Oct 2021 06:47:15 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iframe.html
p4-htex4yzn5q2os-fr4xeoxr25va4isu-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 7DED 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-htex4yzn5q2os-fr4xeoxr25va4isu-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-htex4yzn5q2os-fr4xeoxr25va4isu-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-htex4yzn5q2os-fr4xeoxr25va4isu-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
e72c51a7a6263f18706b8b3cb0af6b7ff060353d7984f25c662479e349f5a8fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-htex4yzn5q2os-fr4xeoxr25va4isu-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://p4-htex4yzn5q2os-fr4xeoxr25va4isu-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://p4-htex4yzn5q2os-fr4xeoxr25va4isu-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-fdyfTlU9izCrVIfHtuINEw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
1861
date
Wed, 13 Oct 2021 06:47:15 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9ae6a2762adbe9ecff13e8df4862fd146b21723b25ba685e59cd9ae0c13b3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 06:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8649
x-xss-protection
0
164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
pagead2.googlesyndication.com/bg/ Frame A13D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 19:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
41839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13308
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 19:09:56 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 13 Oct 2021 06:47:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D149 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://domains.co.uk/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 13 Oct 2021 05:52:06 GMT
expires
Thu, 13 Oct 2022 05:52:06 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3309
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B7D3 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
3af0e889922cd3fc5e6b928b7064a3956edaf74e8478fe11d2b1ff0aed1e4d58
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uYFBCIy0Wso1MkOkpJ3/og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://domains.co.uk/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 13 Oct 2021 06:47:15 GMT
date
Wed, 13 Oct 2021 06:47:15 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-uYFBCIy0Wso1MkOkpJ3/og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame B7D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211011&jk=3149711948478676&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
pagead2.googlesyndication.com/bg/ Frame D149 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 19:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
41839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13308
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 19:09:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211011&jk=3149711948478676&bg=!6Oul66_NAAbGFvHlxhY7ACkAdvg8WlFStrQwR4rTALREItHmSDIpLVlzbgkIsB3foYEw8VlFhYC8qAIAAABdUgAAAAtoAQeZAsCYYa1iwIcECvcg0RX8j3UJ84Ub2ROJWia5G3wHUlPr3sCz38bl4fubik_EQvLtzNAIOgEIAi3qjPebc05WCzDLvWeoo7L6OK3jDmkycONZVhqp6gfnLYktzbHAM2KKgaUhrlZB8XFm1KajzXzP3YYvJ1Sjhi-SRvGZYQntk2KJl0V-0aFs7jBI31RFiOfCgnMCIuy39Zqh8MOMC8e5ikAKSsccrlqNlEynvm__UmYWfqnHPIKVYWOND9KI5C87cuahg9zL0GY5VQQKZ1zMlKm9L57g7fkynaNENZ1nDfYpCcvayktx5G7xa0ZGP1pHhccwgga924PLXOUGTgvAznpHaO0I72CAXZehOB1fbwvV0VDFWtePbveGjk5-m9S8e8M6abH-_lOZJodjQwXuDVXB11fMklRXQ8puXlaplGum_Mgu3qboN2rH4Hww6glxgQ8hO4XuhCP3yHW71FmgHz7SXC4io_7tzYsEMhMsTr1z6-jNgdUnT9_1jBwSzy6oMrRRhr4jBnXqNANt_PjJnJAkUq12nGVG9VqUTh3k9qi3HxSWuoCbsL9cwiljPNJxuZd3RWBTd9PQDPMIJw2CeRmRxLp7mMHOBca9TkqME9CyFWnXuwusqE-VmdRMXxhjgdumBDCHVl1-kevQ1XrfNg3nB6brbjwz6r86c2LHzxY0bie555wIzMDCiCE29Migf-eqgY_O2oVigdrr2d_VYctwPdeQ4MllJgA4Xd6D0xXjiLhdPoNN0nOwcguiQGTm-HIR603-r56AYUR8LhX4iUoUbsdNvKa464S5auvrdTIxDx_o4jZ7nRUmfnWfvf8IZ9HTafbzLvvxTLOnK6EcUGVKGMx_Hi899C3S-OCSdI8pUA3KYcOao_Cf-Yd5f39PLkdOtPSMGR4-qwFv491CaIqqeCiP0REmGp1dhiNs5wJj1w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://domains.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 06:47:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 69B0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstG9H-npyjI5LApd2mjbUunZygH7hCWFzHMojguFcb7LeLGAQL-Doszfc6ZxTVfNTzIPynkCF41DDPqvowNuYJOYp1MbTnMdlh7JGCCrmowaLGZswY&sai=AMfl-YRVIfTRGm04lDQ5tfd44qbr0qWcm_Z_m0v8H9trNoO7eW-qazM3X25MjVFowf2x6VZnnoiVj_oX4UqB&sig=Cg0ArKJSzESJsPEgZ4uuEAE&id=lidar2&mcvt=1001&p=0,0,280,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3783627702&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634107634511&rpt=817&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 06:47:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DDC2 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCpiitCmPdzoT3ksDdl0Z9xpUV99S1etyw_8raH_8KcchDmSdcmZkRhFrVVO1249NU-1Tw08dj_tZiz5eaAM2z4zMFJIz5VkACAgyYuXcQxrN-Fvc&sai=AMfl-YT4h0xWgfEvFN8MOn2xd9ftRrj9ncCWx7mImN0DcBQZa6_OEmnFtnxIJRf6fSJ6QRPw4fdXlNpePcOO&sig=Cg0ArKJSzLJAM1RtjqD-EAE&id=ampim&o=1175,569&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=140&tls=1140&g=100&h=100&tt=1141&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2922274577
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 06:47:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9101 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqn1fR5SgEZrW5mrA2kqhYEZ7N9gGb3yisG4ZHyuIYxCjEjm86p8zFxDxkX9Sz484p2aXacSm9DceQzYu0zNi6-kHebyL2THZF8VY77Bf0ITJB3h4&sai=AMfl-YTtwaQyF9LV_9_ihWlz9h5tqYBlpCHNVUgAsWNKVUjPqg2nDUOWSGy8d-7KgQKzyqINRxg2jSvfQyEY&sig=Cg0ArKJSzHdJG41_8eGiEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=96,779,1000,1117,1294&tos=96,683,221,117,177&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634107635457&rpt=106&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 06:47:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect boolean| originAgentCluster string| em_version boolean| em_track_user string| em_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| ExactMetricsDualTracker function| gtag function| __gaTracker function| advanced_ads_ready object| advanced_ads_ready_queue undefined| $ function| jQuery object| exactmetrics_frontend object| cnArgs object| kc_script_data object| adsbygoogle function| gReCaptcha object| google_tag_manager function| advanced_ads_check_adblocker string| ajaxurl string| ReqFieldMsg string| OEPL_PLUGIN_URL object| PT_CV_PUBLIC object| PT_CV_PAGINATION object| google_tag_data string| GoogleAnalyticsObject function| ga object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| recaptcha function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| AWIN function| ExactMetrics object| ExactMetricsObject function| EventEmitter object| eventie function| cvp_imagesLoaded object| cvp_Modernizr function| cvp_Shuffle function| cvp_common object| cvsf_data function| cvp_js object| html5 object| Modernizr function| yepnope function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Headroom function| WOW function| Waypoint object| kc_front object| wp object| googletag object| google_llp object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
domains.co.uk/ Name: PHPSESSID
Value: c80b8540befec339861af8eb7a94fc51
.domains.co.uk/ Name: _ga
Value: GA1.3.1404825839.1634107634
.domains.co.uk/ Name: _gid
Value: GA1.3.1904992797.1634107634
.domains.co.uk/ Name: _gat_gtag_UA_112091208_1
Value: 1
.domains.co.uk/ Name: __gads
Value: ID=599ef678b6a97a77-229466adf3ca00b0:T=1634107634:RT=1634107634:S=ALNI_MZxOErlwjuY6eui6WlwcNsVpd0F_w
.doubleclick.net/ Name: IDE
Value: AHWqTUm4-dmbQn-qkdRHJkEoCawJTkk84YIygiiFyI1VyWd2ROgSdL2gnrf-hnVAL_A
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
cdn.ampproject.org
domains.co.uk
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
p4-htex4yzn5q2os-fr4xeoxr25va4isu-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.domains.co.uk
stats.g.doubleclick.net
tpc.googlesyndication.com
www.dwin2.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.safe.uk
104.21.1.72
142.250.181.227
142.250.184.225
142.250.184.234
142.250.185.130
142.250.185.132
142.250.185.142
142.250.185.194
142.250.185.98
142.250.186.170
142.250.186.66
142.250.186.99
142.250.74.195
142.251.5.155
143.204.209.113
172.217.16.136
172.67.148.244
216.58.212.129
216.58.212.130
017533b65890dc9fad4d486d3479b79fae4a3212abdbe6df969220d1fc5c2dd4
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1adff93fec49cd9bab765ec423c9504146696be62b0f634d2bb6df86a1e775a2
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1ed4307177cb29997495ebb7092e8822387242f904f5706c468a6a5c60164c5b
235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908
24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407
257c07e40f4fdd78d66090a4347816a4777d8f2ab8b266d4aebf56da90538cbc
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
35a140b93b48666ed63ae27b57c1b41c1ee6a393d0a80bc3347ae5d246c379ac
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3723a807dd112b3ba24376513d510ec4d765005bbfad06f2951b175ee09e1aef
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
3af0e889922cd3fc5e6b928b7064a3956edaf74e8478fe11d2b1ff0aed1e4d58
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
3efb9b0e39c3aeb1aaa875d36f00eb119493c393d7cdbe508c158de914952f04
40bdf18618cf840ceb5be6affcdbf47bcdf1d9ea79f0cb2d01b73286b09c88ce
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
544d76fc8711dedd2d0799872726b9584b3547f6da40ec71e91ae2555adcdbf0
55981699c7ec0e941a8f941734eaa925d9480735bbe133296da3bef765f59dac
58dcf1c33b378558e0db77a33fac73a42ef17b3765b49c252654133d29147027
5b706a52c0ae673c9803f61e3a901a23c78f6e845a3dc68036c5a4f72602953a
5c8a86b8fb89ac18f083952318385e9d22a4b0f3fcb8a220ae1d0bf0bd1ae9c0
5cb1568fda678584aeef8f4ae58388e76612f366715952b073bb787b4a3b0976
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6ac59f20fc983097eaa49078df0590a1377296d4675d18f312dfd0f5ed17fa6c
6b8912fd9fff6fc5d0b330ea57ddac5c1c2e42dc5312811e545a6fa1acdfd466
77add0d7d934f4a29c9c79101cbd3541ca37fe3a2a1531f6b237d42ad8fcc887
7e924c3d333821072118527e109f7477c6bb4fb0baac612a0ac8cf0a95a2c850
7f2a90ecfd74a3ed275a25d48fb0653fa90aa90e9287ae11b8ddf2ce92ece23f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
92f5bb27087baeb25cb4643a8d4f6cdd872ecf571b53c040d7344d017bcfab52
9720cdb95625dc10453345b9a88b9129fa099b20c2f06315ac7538969fb6acaf
986888799c5a4feb7e6311e1e122ff23bf3112629a8d7bcdd92bb51af50676c9
9a9ae6a2762adbe9ecff13e8df4862fd146b21723b25ba685e59cd9ae0c13b3e
a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a62ec5fed53551531c228b66785db951685af982df2e7bfe6fab7444346e51
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
acfdc5500797d8de0a91b0ba0d04100417a24b9785f787c68464f800b7ac3a6a
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b69f1567863d760ef4dabec3eb29f349abca4b007dce36ab8926784a7babbe6c
b827236a64b43bcd9c08b6e127a5cee91cc0d458442d5161f37ae0f95bbee886
ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8
ba9b7515eda5217dbe3edc6ca5c7c34e19870462908a37dc11e44eebdd342565
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c77ea1bc6b1a08d0577cd0a8aed3b691515a72370624a7a8ee2ee08025532571
caa93417e255f5a89a83b1892b9774d39b824a288e00b463d287981bc925ddd7
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a
d3c662d8289b60451be25a7908bb0e9a9ccaaa22f4b957d5fdea00d7a90d2291
d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584
d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29
d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d88094dae333d15c80cffb5c0a487e0ac9c303e6bff729cb754396637e25ddff
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b20a5be1d17425c49f41e8e466858138c0fb463b797f9c449b00084cbef5b6
e72c51a7a6263f18706b8b3cb0af6b7ff060353d7984f25c662479e349f5a8fe
e76a1af3fa0bae3d9025898868fdac0cd4301b6ea2dbf3f6fd823eb7004421f2
ea837fce2c9f11270b9b941e875abb7403de8dcfa960350eab3524663869d6ff
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
f7b8901fab1f8f3f33c485fa9f7046bbc11b8cde13fb44ac4f2469b12cfc0353
f921d1af2961e2278ef21996f921fb0be73d50e44a973961d4ca08c33d2eab65
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995