tsgos.com Open in urlscan Pro
2606:4700:3030::ac43:94d3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tsgos.com/
Effective URL:
https://tsgos.com/
Submission Tags: falconsandbox
Submission: On December 07 via api (December 7th 2021, 10:48:20 am UTC) from US — Scanned from DE

Summary HTTP 87 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 87 HTTP transactions. The main IP is 2606:4700:3030::ac43:94d3, located in United States and belongs to CLOUDFLARENET, US. The main domain is tsgos.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2021. Valid for: a year.

This is the only time tsgos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 43	2606:4700:303... 2606:4700:3030::ac43:94d3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	104.20.229.67 104.20.229.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
87	11

43 2606:4700:3030::ac43:94d3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tsgos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.229.67 (None, )

ASN13335 (CLOUDFLARENET, US)

secure.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	tsgos.com 1 redirects tsgos.com	759 KB
22	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	346 KB
9	doubleclick.net googleads.g.doubleclick.net	79 KB
5	google.com 2 redirects adservice.google.com www.google.com	2 KB
3	gstatic.com www.gstatic.com	13 KB
2	googletagservices.com www.googletagservices.com	74 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	statcounter.com secure.statcounter.com c.statcounter.com	14 KB
1	googleadservices.com partner.googleadservices.com	644 B
0	juquery.com Failed www.juquery.com Failed
87	10

	Domain	Requested by
43	tsgos.com	1 redirects tsgos.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	pagead2.googlesyndication.com	tsgos.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.statcounter.com	secure.statcounter.com
1	secure.statcounter.com	tsgos.com
0	www.juquery.com Failed	tsgos.com
87	13

This site contains links to these domains. Also see Links.

Domain
wordpress.org
facebook.com
plus.google.com
twitter.com
pinterest.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-06` - `2022-12-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://tsgos.com/
Frame ID: FC47CE1B737D64ECD72F5ECE5876CE8C
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html
Frame ID: B0420A003D8BB258E436D631F6BC91E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3047704409027046&output=html&adk=1812271804&adf=3025194257&lmt=1638874094&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftsgos.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638874094619&bpp=3&bdt=254&idt=116&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1586713457240&frm=20&pv=2&ga_vid=1747039745.1638874095&ga_sid=1638874095&ga_hid=1951554063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31063865%2C31063867%2C31063246%2C31062931&oid=2&pvsid=2065705500978081&pem=346&tmod=459599292&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=130
Frame ID: 06971E9EE062D279119CFF1F08754E62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3047704409027046&output=html&h=600&slotname=2458497676&adk=646582030&adf=45027081&pi=t.ma~as.2458497676&w=175&fwrn=4&fwrnh=100&lmt=1638874094&rafmt=1&psa=0&format=175x600&url=https%3A%2F%2Ftsgos.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638874094622&bpp=2&bdt=258&idt=132&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1586713457240&frm=20&pv=1&ga_vid=1747039745.1638874095&ga_sid=1638874095&ga_hid=1951554063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=306&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31063865%2C31063867%2C31063246%2C31062931&oid=2&pvsid=2065705500978081&pem=346&tmod=459599292&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6TjivQjMOb&p=https%3A//tsgos.com&dtd=137
Frame ID: 5CEDE3C1FDDA76D2D1F6BC4D5F06AE3A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6FBBAF4BFD7D2AD65E559CAC658084E1
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: B31F8874FCB4D03DCDE62CDAE4800466
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C0E6795BDD93CF90ECECBF01B45251F6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FB5499715C1C48D791D4D56CF27EE189
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
Frame ID: 429314ECA4149BFFCD6DBBB3B86D3479
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
Frame ID: 46A9EBEF56A3245D1EAD3D3D31BE5302
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C12CB8CE8FC14648F606D712F5DDB4B0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FC6FDB7BE5E0CFB2208D974BE7B259DC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TSgos.com - Mom And Kids Activity

Page URL History Show full URLs

http://tsgos.com/ HTTP 301
https://tsgos.com/ Page URL

Page Statistics

87
Requests

99 %
HTTPS

80 %
IPv6

10
Domains

13
Subdomains

11
IPs

3
Countries

1287 kB
Transfer

2414 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

URL: https://facebook.com/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://plus.google.com/
Title: Google+

Search URL Search Domain Scan URL

URL: https://twitter.com/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://pinterest.com/
Title: Pinterest

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tsgos.com/ HTTP 301
https://tsgos.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 78

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

87 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tsgos.com/
Redirect Chain

http://tsgos.com/
https://tsgos.com/

49 KB
9 KB

1431ms
1405ms

Document
text/html

2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 758a9ed4f241b24b8e21dc7e751c67f3d048a3ffc6f3717a5a9621e05115acc6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-type: text/html; charset=UTF-8
link: <https://tsgos.com/wp-json/>; rel="https://api.w.org/"
cache-control: max-age=0
expires: Tue, 07 Dec 2021 10:48:15 GMT
vary: Accept-Encoding
x-ua-compatible: IE=edge
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5r%2F4DozkW3bHea9nu3kl63pSqPz%2FxtJMKt5h%2FVZLilCfdWlSR2UON%2FChvYBDdI9IDm6MiFxslmk8%2BkQ4ezlCUGYnx3U6Y4Yo9jl0cd7jBO7SA9UDIDQlwj2ZKIjmZjvdAr6vwGPHoAc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b9d2e290ccb4e50-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Tue, 07 Dec 2021 10:48:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 07 Dec 2021 11:48:12 GMT
Location: https://tsgos.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71zOICoNjJgt4cVzd9xfg%2BK02y4PbsNeSz1Fz61bmBGloLB%2FAXXGHeXRWvC23hOrkawCcyioVGgak12a6%2FQIUMLU3cQcvjj6KwsAaAPmU4j64C0Wy4JdczotBDZrrmeVEbjMszq3HPA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b9d2e28b97a4eeb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.css
tsgos.com/wp-content/themes/tsgos/ 16 KB
5 KB 27ms
25ms Stylesheet
text/css 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/themes/tsgos/style.css
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b0d0e7c5b7486e204d94e5d9b025cbbc9291940522228972d3076d204008f0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jun 2021 06:39:40 GMT
server: cloudflare
age: 1645646
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEZ7ptzipRd5fZp8JUvdDMLntb%2F5QhofPN4PZrVKFGwUSawXwoWJda7tf8skq0nqcARWiaLi1YfrauV9zRn%2FXkizjofrQFlWamiZ7r%2F0KsJOoX7%2B%2FzympwK89ZpBubsKzIfEWkZhtoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9d2e31e8a04e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 18 Nov 2022 09:41:00 GMT

GET
H2 200 style.min.css
tsgos.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 29ms
28ms Stylesheet
text/css 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.4
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 23:50:28 GMT
server: cloudflare
age: 2263737
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHKkkli1ROu%2FRIg%2FnDEw0prjUsiH1Ih%2FWuycW1hp7zvcKoBtUp1sc1o73Z7E7B2aSbIfUmkp3w5g7rP%2B0URVGzNn3auQPPhND2djGB7CatjJJYF9eYaN%2F%2Fjs8ejzm4hntFvv2g6QJHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9d2e31e8a34e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 11 Nov 2022 05:59:27 GMT

GET
H2 200 wpautoterms.css
tsgos.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/ 547 B
483 B 41ms
39ms Stylesheet
text/css 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=5.7.4
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 01:55:15 GMT
server: cloudflare
age: 2263737
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtkaAYmlL0Gpx1ouLX8SOx6u7s4dd3eZb%2BPzwA7DDOLQqdP%2B7R7HeETjLrGvFyZLNgyvuJ4AdLfWsLDahozkQnODjlRSE4OlmqUqDvdp4omMamiZR1KD8Rnjh%2FU82dv89o8R2tnv72Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9d2e31e8a54e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 11 Nov 2022 05:59:27 GMT

GET
H2 200 styles.css
tsgos.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 24ms
23ms Stylesheet
text/css 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Nov 2021 01:54:48 GMT
server: cloudflare
age: 703086
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSuhYCdzJ%2Fp8umIc%2Bzoa17JqkZ%2FQUXS6rM0PTm8O%2BZdqEQcLbuVhNmjb7KK7%2FAoAHBahQ1LUeZ6zxblIABsD6rNFhS4xPpPkbpBHRqct%2B5oeTstl1wsbNbDdPuIwir5VXpiTjwULxaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9d2e31e8aa4e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 29 Nov 2022 07:30:08 GMT

GET
H2 200 jquery.min.js Show response
tsgos.com/wp-includes/js/jquery/ 87 KB
32 KB 46ms
44ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: cloudflare
age: 4670661
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMxOZaxYPw71YyB6daRD2obdcO2qoNRcVHReB3EdZM%2FE3qAFBwNR6SNYLNLRuH0qvMJUFyrmHHCceQe0OSdp4TXqOMb0Vlx1082gpo31bDZ%2BcYqCwHC1BEfOKXLDthruTkooXxGrlG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9d2e31e8ad4e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 14 Oct 2022 09:23:57 GMT

GET
H2 200 jquery-migrate.min.js Show response
tsgos.com/wp-includes/js/jquery/ 11 KB
5 KB 31ms
31ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: cloudflare
age: 3478092
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3BEByqrV9zxQgghr97t%2BRamZU0%2FgiSOoMHMx%2FCyegRxyXuQudW98WAcc%2F4v2CefbIx7bLjFiCdD8kiA5gO9cb3NVIC3YE%2BYQ9wUteQWnxGH3a%2B7CY73poXiqor4wRpStjoSBaNV%2Flc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9d2e31e8af4e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 28 Oct 2022 04:40:09 GMT

GET
H2 200 wp-polyfill.min.js Show response
tsgos.com/wp-includes/js/dist/vendor/ 97 KB
34 KB 41ms
40ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Jun 2020 11:50:29 GMT
server: cloudflare
age: 4670662
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dfgoitrWoAt041yzZyBfOKztxPcmdHfN1KeGrhjAecRrKPKPkzyH5O%2Bc75nC4WPaFReeQQyyvrld75ignG8IAMr%2BVq2JOvZOFnVy4QctY6caiw5zzK9JzkGKcF%2F4kChJEV3LGhHd1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9d2e31e8b24e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 14 Oct 2022 09:23:56 GMT

GET
H2 200 dom-ready.min.js Show response
tsgos.com/wp-includes/js/dist/ 1 KB
908 B 45ms
44ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-includes/js/dist/dom-ready.min.js?ver=93db39f6fe07a70cb9217310bec0a531
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4213eba6c464b3ca6fc71c748e2ba99f63f7f0b624199fd44127da67e40a3003

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Sep 2021 13:55:41 GMT
server: cloudflare
age: 4670662
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tywh1mnx2EHjiivNwrH7erevQIcHCO4QjuEmi9l3fg%2B8xLSqghXKCFjxVAZT0Sl2P3achILPKt7yEqrohZIl%2B%2BYZDUhR5sR1TTaNV03PnNgg%2Bx7JeJupTG6mD0iY1T%2FgLRM%2F3DlUpIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9d2e31e8b54e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 14 Oct 2022 09:23:56 GMT

GET
H2 200 base.js Show response
tsgos.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/ 720 B
635 B 24ms
24ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.4.8
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 01:55:16 GMT
server: cloudflare
age: 336540
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhfIKE2BeRbs1z4DwaAxt8EHW8q%2BYoxb8wv1jVpm1okNY%2B4HQiZTNqjd6FYmWv%2F559vaqhgvJcNI%2BTsrIDvoVz6SnU08nFGIm6v6u5p%2F%2FY0FmQ5uZphngCiuDoQZoxNCZgaKJk4ZZoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9d2e31e8b74e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 03 Dec 2022 13:19:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 119ms
75ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3047704409027046

Requested by

Host: tsgos.com
URL: https://tsgos.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e0a5ef065b7b9b8e0c3c09774b87c020a6dfc54151bf3f4c84d514173624e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsgos.com/
Origin: https://tsgos.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51942
x-xss-protection: 0
server: cafe
etag: 17579833368097333501
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 10:48:14 GMT

GET
H3 200 LOGOTSGOS.png
tsgos.com/wp-content/uploads/2020/03/ 17 KB
18 KB 22ms
21ms Image
image/png 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2020/03/LOGOTSGOS.png
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d455fbe48a68f48891359a4545c4e3ef5096b24fab909fde8bd534cf9192eef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2077387
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17413
last-modified: Wed, 01 Apr 2020 02:35:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXgp%2BD4a57yn9OxfwYVzzblN3dLTuvnMusrgnCoTJUt1fywUA87k0QHKMmpwJxcXLzrHyMxMPuLvK1OPsxk8644kJlUtD93k4nvVPJ2EUBHQu1ogvin5jGylb%2BMLg%2F45xc0xCuaGBuw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6b9d2e327fda4e9d-FRA
expires: Mon, 13 Dec 2021 09:45:18 GMT

GET
H2 200 counter.js Show response
secure.statcounter.com/counter/ 39 KB
13 KB 70ms
19ms Script
application/x-javascript 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.statcounter.com/counter/counter.js
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9573e931158bcc83146a7882d6c298c1adf3828b6c785af7cbb9fd9d25ad884

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Oct 2021 11:08:17 GMT
server: cloudflare
age: 41225
etag: W/"61656ca1-9cdd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43200
cf-ray: 6b9d2e32c8b54e3d-FRA
expires: Tue, 07 Dec 2021 11:21:09 GMT

GET
H3 200 jquery.modal.min.css
tsgos.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/ 3 KB
2 KB 19ms
18ms Stylesheet
text/css 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/jquery.modal.min.css?ver=4.3.23
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Oct 2021 01:20:06 GMT
server: cloudflare
age: 4670657
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWmdblOTWpoKuVsrXzNx0AKze6Myc%2BQSnVADnHEk2pGJc2aKleKRMqGQsp7mVV%2BulmzYbS2c9Mtazx045NjymNfdQuRpAYOBwYjm4hT3wERf1e3yxodaytRNUQMcxPyPquU41jgdpR0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9d2e323f5a4e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 14 Oct 2022 09:24:01 GMT

GET
H3 200 index.js Show response
tsgos.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 19ms
19ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Nov 2021 01:54:48 GMT
server: cloudflare
age: 703086
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iy2XkTKlQDu4fHp17t1LTQGBQZXEvjP2kFR0trK7h3%2B1gx9793rrwEmfM44lLzsbfVpQ7S6096q1XsfoQCPBllp33KUv%2ByRSTD5%2Boe6%2B9Lz06pxO8j5E43RWYtMMKjHNbtnALsJ8lxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9d2e323f5c4e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 29 Nov 2022 07:30:08 GMT

GET
H3 200 js-mainmenu.js Show response
tsgos.com/wp-content/themes/tsgos/js/ 845 B
1 KB 19ms
18ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/themes/tsgos/js/js-mainmenu.js?ver=5.7.4
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b994007d2f4abb80074dd18e5f3352a319857554ac530dceb5f110f329a1f2da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 30 Oct 2019 20:19:52 GMT
server: cloudflare
age: 2263736
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndG3D1DW4N7rqdZaCWO6YZMpxnxaBKm5WoEojQgVx%2FwPgbFf6sJsu3FGkeONyqo6h8ho%2Fnkb9jJllM3HGjSVT%2FTZ%2FPoqerXH7g7gXO9vIl0tJvUvnvo7jrf4toPMf0RLFM5hBQtExTg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9d2e327fc94e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 11 Nov 2022 05:59:29 GMT

GET
H3 200 wp-embed.min.js Show response
tsgos.com/wp-includes/js/ 1 KB
1 KB 18ms
17ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-includes/js/wp-embed.min.js?ver=5.7.4
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
age: 394554
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4goLWm6q1HeeDs7RSxyybNwhYcyMXaSi7hT%2FUULHsMmtCzSVRuGDUdRUn4AwVfXM7E1c7qyLhMsNZRKh1gAkldAOKXFfvg3pt5ro9zMaZ2wZfEpMihFQtmX1CtTLDH8FBNtgsFMovo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9d2e327fcb4e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 02 Dec 2022 21:12:21 GMT

GET
H3 200 jquery.modal.min.js Show response
tsgos.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/ 5 KB
2 KB 21ms
20ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/jquery.modal.min.js?ver=4.3.23
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 970d08b0edc4bfc0925495d8b11564f3c2fd368f745f7b3510a7fced11848894

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Oct 2021 01:20:06 GMT
server: cloudflare
age: 1645645
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQ11sIWHR4QHlrQpGos5%2BWzgAyZPI7tIJEGJS4dDDpmtgkc%2F6yEWsjQsjVUeoU4Ot6bNAdAFkJ0mWz3UIma5iJa%2FGg4jnnTyCrVnNbOdwxK2kZHy%2BXUNpm4GHyEEg7qFCArANc%2BsNCE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9d2e327fd04e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 18 Nov 2022 09:41:01 GMT

GET
H3 200 wp-emoji-release.min.js Show response
tsgos.com/wp-includes/js/ 14 KB
5 KB 36ms
35ms Script
application/javascript 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsgos.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.4
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
age: 2263733
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsEjDJyFxA1P5CawMcaSMwq2K4OEQWtXwlat8%2BI4FW1ulGzboIeOJoCoa%2BwfLVpf%2B2nqf3gcLuEE5ZZhCvspn3OzjwgylI4KM18zr%2BFYfZEwnmThvvvHRRh553eth6tp0MIzU4Us7E0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b9d2e327fdc4e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 11 Nov 2022 05:59:32 GMT

GET compability.php
www.juquery.com/ 0
0

GET
H3 200 list.png
tsgos.com/wp-content/themes/tsgos/img/ 107 B
688 B 21ms
21ms Image
image/png 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/themes/tsgos/img/list.png
Requested by: Host: tsgos.com
URL: https://tsgos.com/wp-content/themes/tsgos/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b90f27b76217a9b142f9f3c5157294d3f2e978045b2ac8c42545949b0ed9915c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/wp-content/themes/tsgos/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2077387
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 107
last-modified: Wed, 30 Oct 2019 20:19:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOmOn5u3Rvnghz2hX4XRi5Vbj2RUUI%2ByvFsp1StGsHDhucjYZZmhFBsQ7zg7AsGOcRR20Mwo40bmk2Yizwcp86yVRSktrmG8JhiasXaCPlCt1Mvo%2BiC5Y0DTHLVBzzsoY1SyEouabcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6b9d2e32a8584e9d-FRA
expires: Mon, 13 Dec 2021 09:45:18 GMT

GET
DATA 200
OK truncated
/ 202 B
0 Other
image/svg+xml

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db8d2ade6dc2d26b101bba3127d3476bfacfabf1148cccc34adc654fd6cd448a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 otis-the-tractor-coloring-page-300x350.jpg
tsgos.com/wp-content/uploads/2021/12/ 23 KB
24 KB 752ms
751ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/12/otis-the-tractor-coloring-page-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aa6da378536786b920c80c12674408789e0d83a619ff727b7d752660bea90f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Dec 2021 07:35:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcHwau9fjrrVowNE4vOPVXdqC%2F0tIFEvgZnUI41SCLSq1ImvPOjitQCjariWJ7SpL75Z9izooSMguhCyoWY%2FMhfLyNXRCplYaIhdCzylW8sPizhDbHlkrdicytJw88utu5ne1DLRGwA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32d8d64e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23865
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 Kids-Love-Grinch-Coloring-Page-Printable-With-Tree-300x350.jpg
tsgos.com/wp-content/uploads/2021/12/ 39 KB
39 KB 897ms
896ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/12/Kids-Love-Grinch-Coloring-Page-Printable-With-Tree-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ef36c23fc3bb975205898dffb3ce93e30598f632ef71100c5c99d63c07ad26f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Dec 2021 01:17:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eNhPlnyDm9c56XkdBv%2B8yQ%2BNW%2FdfsC3Wd7ZYljtelS7%2Fqx7xTclny2n2bAmPobRPrcrO72dF08hEYT3KFJZlH%2Fmm%2FkzEiQPbP0eYNPaiZIWgddPBHFkdKWERjV%2FwG0fAZRUbXH7R8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32d8db4e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39693
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 Among-Us-Coloring-Page-Special-For-Christmas-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 32 KB
33 KB 837ms
836ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Among-Us-Coloring-Page-Special-For-Christmas-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20445967c2d0b2ccdb216b16a2952bf07d5d0acc8901e412d02222effbd8d4db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Fri, 26 Nov 2021 01:57:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WeC3mKFI9ouap2VQpzMPtpjlajWKeNYDAXV7SBnKycohDcXx4M0lyf8DXUQOBxo%2FFqu4Ib%2BHBV96HmYRC6yN0LCrVCeQo4weUcNFLEAJWX%2FdUFRqT2tvjr8JSuOcvfOiucjWt8NBYNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32d8df4e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33045
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 happy-thanksgiving-turkey-tsgos-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 13 KB
13 KB 737ms
734ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/happy-thanksgiving-turkey-tsgos-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1074e3f2a00d8da8377da439fe8e2a1e49d61e2af6d2c4ab34de4dbd5e4baa1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Mon, 15 Nov 2021 03:52:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AT%2BhuNNcsOb5XPJ4hz%2B7XR38%2BD90QWYSyIEx5yMg7TFZQxHZ%2FMfwhIA1Kem5YEAiSInfufLZPoYtzfRgaMSD13PCgznIyZ1VvvYbsgge9E7qz1hszKHxdBzqREOMbIQ62iQG2wkylI0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e8e24e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13161
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 Among-Us-Special-Thanksgiving-Day-Coloring-Page-Printable-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 37 KB
37 KB 929ms
926ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Among-Us-Special-Thanksgiving-Day-Coloring-Page-Printable-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aeac5cb758cd5903c8b911426ac4ab780c51e55b655d4874cfaefd5f8710058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Thu, 04 Nov 2021 01:42:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nji7FKJuTWljhCmVCEH0cuXgYq7QAcPF5IOmCnvZqd92PP1pWS0lo2gb37wvcu290SxNY6n5Xnb7akMEpKqJb7eBwo%2BqL3dOR%2B14SC%2FpXM2cYlrTQegAGtp7mUleayLd3fBPn5fLWLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e8e34e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 37502
expires: Thu, 06 Jan 2022 10:48:17 GMT

GET
H3 200 Unique-Skin-Among-Us-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 29 KB
29 KB 816ms
811ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Unique-Skin-Among-Us-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8648530f2dbd2de47da2cb5489a0235e44e5f86b36446a5c7ed52d99f458e7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Thu, 04 Nov 2021 01:25:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZQTV8Z8rff89aaUdPiF2cnDNDhr25Az8kaxV8sEsAatkv8C9BF6ozlfSzRhr7QNG2kgnBtfITUjwS48o9QxWjygL3EUAA3FJlZUUUCk%2FTmnDBee5QnxA5y9dqmPeoj8p3703gQ5gyk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e8eb4e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29615
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 Kawaii-Little-Mermaid-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 30 KB
30 KB 761ms
756ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Kawaii-Little-Mermaid-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed16a2a968148428297b2997f50da2acd51ce125a73ad642f017a0429ae53119

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 02:09:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEuM%2BnJ3p1%2BBE3ntvwmOYsaRLtS44Thd1xq5O6U41MESA%2B3jdSbYqNMhdPnAbvEOtB6i8tKn6X%2F%2BeVAlBXvBWFzByyyPwJvA114fbLiegcgsJmXe%2BtuvL3X3C%2F%2FdsMLKlUVMPpcQNEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e8f04e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30237
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 Pokemon-Charizard-Free-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 29 KB
29 KB 811ms
807ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Pokemon-Charizard-Free-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98acb50a63047f16eac68d34144d1c73ee9fcc80bb9d0767785d5c39bbe4b5a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 01:00:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbieCgOVPkrPIS9%2BeYx9GPc9tjSxVgrO0NbJXBDAED4GebQThu%2FLDhaZ18bkwM4sle4oDFSczOglIuxoDx4LA3HRGuhcVLInANi0%2BrLZGtR8EUIW3h6Mt3NTIyFfGxTRBuvKZG75jdw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e8f14e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29538
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 Cornucopia-Happy-Thanksgiving-Coloring-Page-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 32 KB
33 KB 789ms
786ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Cornucopia-Happy-Thanksgiving-Coloring-Page-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b85ab9c5d80e81f67926eb6f08dfa51fb59352a973a8b9e676ca7174754b6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 01:21:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcZpA0wV920pYRcP%2Fi%2BPfx9dceiztYCxL1e4J9x04crhEL6WY1jTsVc3PguZD43AzGU%2BvOSBL7rVUc%2BqOjuV9lSKuaz%2BZS6Ue2XJES%2B6Nb1CTEg9bBF7nQn%2Fnd%2B2fD9Jg6zem5ax2Zs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e8f34e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32985
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 Super-Kawaii-Pizza-Coloring-Page-For-Toddler-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 29 KB
29 KB 431ms
427ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Super-Kawaii-Pizza-Coloring-Page-For-Toddler-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 366f102bbfed041461b6ecafcac7c00dd4f6be3da40aa69da2f00a31775093eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Nov 2021 09:20:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfIJbfrLmw3Zq0q%2B8xZTp7Dp3XlbWncuUio8l6jdHVsa0m94HH131MHYk95%2Bdz54QGPyRnt2jy7Ay0gW4e%2BBm484Z%2B7o7E2gj4gfhR3QdJ%2F3t9fX3anc194NlgqB2%2Bh441RO0a73fYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e8f54e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29598
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 Mom-and-Baby-Turkey-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 26 KB
27 KB 828ms
824ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Mom-and-Baby-Turkey-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9be255b79e70eaae1d5c45ee10a575dcd07e37edf54ee8b5a229c9dfd29cfbbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Nov 2021 07:36:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQkCAtZT5end4ilSdQQoEofrD4yBKYi4tpy70fxv59M%2Fsj7w2lD2FJYXlSomqH40Te2yW4tr081E9AJmYGVTP4Bnv%2Fhaj8cYS3awXxHc%2FZFA8JKdjEqzEGFwEZKmyzyEzEBf%2BQkGRMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e8f84e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26830
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 Simple-and-Easy-Turkey-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/11/ 28 KB
28 KB 824ms
821ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/11/Simple-and-Easy-Turkey-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3cbeabb5b498ceab8db507fe474af38aeadfe18ece9449cc25513e261a02cd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Nov 2021 05:14:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fl4BRkM8S74B6zO%2BqDYvpAPCL%2BHDl7bji2V3lEVQ%2FDZm%2FfAU63%2BQy%2BTVgKxQr0HSOmWaEfuPB1GRZxtfo7JOlOeI1gzoMaeHTvbp6ChoLTaz0MaeNdAiC95h1mIwuWJwZQLYonjB4Dk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e8fb4e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28583
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 Printable-Fall-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/10/ 35 KB
36 KB 867ms
864ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/10/Printable-Fall-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 693beb315db9c326590dc470b805e69d750382319626d598cd94f05a73168995

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Oct 2021 06:40:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liPhF517gR%2BpiLh7E1l0cEgvYLs%2F8n9G9W4NAfX58qY2%2B9yQebqNvijUrR%2BdV9uIB9dms%2BWdvKcfqyJyeoU8r97UA3OmUCj6PmaFuqL13k%2B0KFd1wPz0FN81lQYvnH%2BBpWor5HHz2WI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e8fe4e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36057
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 Free-November-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/10/ 34 KB
34 KB 879ms
876ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/10/Free-November-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd6c8d0a9dd980b006b40c5194663fef45dd69875c38630bb91d5b5c9dfdca6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Oct 2021 07:09:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgVrXH4G1wqulT6tIfKpeuTHyYdmO6dZqm1lXZwxQ8sTJfZpMIzeFPCeIl%2BWq9FXC7N0n%2Bpua2vYjsbWbcvLoUbkq6H5FjBsqtxbg3YFK%2BZ%2BR4KURvriY0s21LC8BJ%2BcGqaNG%2F%2BcOgw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e9024e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34619
expires: Thu, 06 Jan 2022 10:48:17 GMT

GET
H3 200 Kawaii-Cat-Girls-Free-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/10/ 22 KB
22 KB 838ms
834ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/10/Kawaii-Cat-Girls-Free-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ff32526e7a5abbb6b4ada1892114802b03c79a6c0fa73279e17feb67c3397eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Thu, 21 Oct 2021 01:20:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tx7tvDQIPC1dHtBdF8wKBWZXvNoOwFcP5aX2CB%2FFekHvvtqXV8aTdto9hB478zZjsdB6KKzoHyDE7vIOSSArZxxl40h%2F2E8z99zy7t2sV2PZVQLRlbgOLf0NZ1q17bZ5uCfREGdJv%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e9034e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22264
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 Free-Naruto-Coloring-Page-For-Kids-300x350.jpg
tsgos.com/wp-content/uploads/2021/10/ 30 KB
30 KB 875ms
872ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/10/Free-Naruto-Coloring-Page-For-Kids-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 253dc9f5554d2293f37923923dee95b6d425c51adf1f107e1c10690c905d65e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Oct 2021 01:17:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOmykCYYknIAoklPyn1c60H60xG1RstzAz1jQdkfVUomOsWevRJdnQL6OLqZmbQqkxwisEVQekwIwB9q%2F%2FL9i3Xs5V%2BDxBehTpHOggx6fwHBIz2cGLMO4WwhMcl3Fx2nU47pim8o1sA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e9074e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30512
expires: Thu, 06 Jan 2022 10:48:17 GMT

GET
H3 200 Halloween-Ghost-Coloring-Page-300x350.jpg
tsgos.com/wp-content/uploads/2021/10/ 33 KB
34 KB 887ms
884ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/10/Halloween-Ghost-Coloring-Page-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 480e61d81c24f80ac4730a5e07ceb2ad97d1ae2355a72fb30af33db6004ffbf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Oct 2021 07:06:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fn6lx3uBRMFl%2BFg6PCp9yOlKXifRYcBRIXZ91ERxmF5UAwOMjnk7BCoVKDJCUNOrCg4XeQQlqJivDJhnbSzR%2FTXXlNNdGbwrIURV8iTJsKQ6j9lxBxxg8cugf49NtYzzYeoRf0ONLpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e90a4e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34041
expires: Thu, 06 Jan 2022 10:48:17 GMT

GET
H3 200 Pete-The-Cat-Coloring-Page-Play-Guitar-and-Skateboard-300x350.jpg
tsgos.com/wp-content/uploads/2021/10/ 23 KB
23 KB 844ms
842ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/10/Pete-The-Cat-Coloring-Page-Play-Guitar-and-Skateboard-300x350.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5777f6dfc1cb374d58dd5f8932744e3e074f8a4ea61eb80d8b5352bfbd93ae28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Wed, 13 Oct 2021 01:13:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnhC6z%2BGval%2BbI%2FNMBvrIG8du8KgzPJ%2B9iSDsV06peHuRcCIsjpUnzOM5SZ1CiJWCEcgeA01Slu702t1x1SVq1xYsF8Wd%2BrnDnTCLYZAaEXBk1DnAsCM2OlTAJvSSLzssLBWjh1zdfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e90b4e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23259
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 Allosaurus-Colouring-Page-266x300.jpg
tsgos.com/wp-content/uploads/2019/07/ 12 KB
12 KB 722ms
720ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2019/07/Allosaurus-Colouring-Page-266x300.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dfd03d03215bbe66a10b0d50567f8541b8839ccf7d650234a3658e3752fc4a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Jul 2019 07:29:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxf3HeHzaP09If3G%2F7xFAZN71eOcYBaSugPMYt0Cp1fxEJBJSf8LFulirRC3TsPKu2NmIR7BpRPozs%2Bck3X4EG6rKNb7rPAmeShSfM3pz17C9c2R%2BhhbbG0BU%2FY%2FSPuU8bBxgUlgSmU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e90f4e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12138
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 Mario-Coloring-Pages-20-Mario-Bros-Coloring-Pages-Dayleswood-300x235.jpg
tsgos.com/wp-content/uploads/2019/08/ 20 KB
21 KB 839ms
836ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2019/08/Mario-Coloring-Pages-20-Mario-Bros-Coloring-Pages-Dayleswood-300x235.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd35696e3cf95843301222c9451215875b6e279a6d38e8493e2e575f2279e39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Aug 2019 02:25:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BxDZRVYA1u0IqBA%2B872jqmTQVtisFSSRjwVWu3JKS4s4tmzy4IUTBkT83xtG1yB2zpFRKAsgMIqSeIzDYWIraRVc96yM4KAsCyZhmVr1AVozXkDXPElLN2jpnCyXw9SH9QTSX7bDsI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e9124e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20900
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 lol-dolls-coloring-pages-lil-sisters-c722fe029d8892bb475fe2f22e135855-nUmGhA-237x300.jpg
tsgos.com/wp-content/uploads/2020/06/ 17 KB
18 KB 729ms
727ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2020/06/lol-dolls-coloring-pages-lil-sisters-c722fe029d8892bb475fe2f22e135855-nUmGhA-237x300.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad444990772f8f1412283e54b01529bd77e40eec068412dee173ee685a147067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Sun, 14 Jun 2020 12:30:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bptuhfO%2FfUUQjt7oj6IzY4aoEB6fdSs0zem6%2FkB7P6GxscR%2BQDyStyrm3V1gT953ZDx0OPF5nVRuFNTH4YbBd4V7kbkynucenn5j9gdZJGoRakvgX%2BmWc4FrKGFVpCcD0NbyXWMS4nQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e9134e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17712
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 vrqt-lol-doll-coloring-page-b8f1fd39d6e5d8ef05461486b2790540-fgamDC-227x300.jpg
tsgos.com/wp-content/uploads/2020/06/ 16 KB
17 KB 725ms
722ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2020/06/vrqt-lol-doll-coloring-page-b8f1fd39d6e5d8ef05461486b2790540-fgamDC-227x300.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb9c29ab6c47ccb304e97ac953e5dbba0b70dceaab301c83f04c25348ff0950e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Sun, 14 Jun 2020 12:33:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OU1HcjDkjyWASxln3K1zf1DUEfMmFlxOBI078o31GIyT3YJ8MBwJbux5ZtCoeOVTksqGxcgz5YjzwLe6hfCIHKn%2FaH%2FqbdsMatjdM%2BEgj20Ark4r2x84JGXzR9SN5UzJdaSHJjnyUfE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e9174e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16648
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H3 200 otis-the-tractor-coloring-page-175x200.jpg
tsgos.com/wp-content/uploads/2021/12/ 11 KB
11 KB 46ms
44ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2021/12/otis-the-tractor-coloring-page-175x200.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8a2b199cbcc12d26562f7c3796b9929d51a772bb02ec8b8b3df3a75aa0b7f68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 336421
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10814
last-modified: Wed, 01 Dec 2021 07:35:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bewpc8pOoNwzom%2Fy%2BdcJN66Nrz8Raefpscsk4irWnWKr82cfESCI%2Fzvb8ZMbBAYO9Pezor%2BABBIcUJE1dwO2EJDy9nafkMgu34IQ3XVpJ57BTcWlTcq8wLJgCtRPWdfGPS6DTFa57p0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6b9d2e32e9184e9d-FRA
expires: Sun, 02 Jan 2022 13:21:14 GMT

GET
H3 200 Steam-Train-Coloring-Pages-300x233.jpg
tsgos.com/wp-content/uploads/2019/09/ 14 KB
15 KB 703ms
700ms Image
image/jpeg 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsgos.com/wp-content/uploads/2019/09/Steam-Train-Coloring-Pages-300x233.jpg
Requested by: Host: tsgos.com
URL: https://tsgos.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 969383bfd44ce60d7d1a2993ce4ed18233011d3c8996cdcaf8ca28fe3f0bc8fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 18:42:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OH0Vii1zekFfrjzhArDFU6Yt%2Boh60ymAINglDXVRMn2zEBHpKJkBu3XmNYduIxToaFN2RQJD%2FY3AJkNzvLQVPT2j%2Fmev3qNuisYLFEMWScdLcg7ypQFHDWx35LndnXp8n80A%2B0MKxs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b9d2e32e9194e9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14574
expires: Thu, 06 Jan 2022 10:48:16 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
565 B 139ms
139ms XHR
application/json 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=11968710&u1=C3458ED285F34F38E41A601EA1FA8C9D&java=1&security=603b59ef&sc_snum=1&sess=30eed3&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//tsgos.com/&t=TSgos.com%20-%20Mom%20And%20Kids%20Activity&invisible=1&sc_rum_e_s=1662&sc_rum_e_e=1666&sc_rum_f_s=0&sc_rum_f_e=1653&get_config=true
Requested by: Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b9d2e33094e4e3d-FRA
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://tsgos.com
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/ 273 KB
99 KB 80ms
60ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3047704409027046

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0af76dc6b05ed3fdc3abc8111d17634cdc5c8a8f05f817239bd23d2a20d5013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100872
x-xss-protection: 0
server: cafe
etag: 3337770461616938725
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 10:48:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/ Frame B042 11 KB
5 KB 58ms
21ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3047704409027046

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 06 Dec 2021 21:23:19 GMT
expires: Mon, 20 Dec 2021 21:23:19 GMT
content-type: text/html; charset=UTF-8
etag: 6406113418471942685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4879
x-xss-protection: 0
age: 48295
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
644 B 53ms
17ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tsgos.com&callback=_gfp_s_&client=ca-pub-3047704409027046

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

406982d4efff2f02cac5669738afc7fbd735f558119ee2948c4599c69e034f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
17ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tsgos.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 10:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0697 154 KB
42 KB 378ms
363ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3047704409027046&output=html&adk=1812271804&adf=3025194257&lmt=1638874094&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftsgos.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638874094619&bpp=3&bdt=254&idt=116&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1586713457240&frm=20&pv=2&ga_vid=1747039745.1638874095&ga_sid=1638874095&ga_hid=1951554063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31063865%2C31063867%2C31063246%2C31062931&oid=2&pvsid=2065705500978081&pem=346&tmod=459599292&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=130

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31829e697a620b2fbb3927da609a0d28cdc79f7867c78f5ef252c7e82e8ce2f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 07 Dec 2021 10:48:15 GMT
server: cafe
content-length: 42534
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 07 Dec 2021 10:48:15 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5CED 71 KB
27 KB 494ms
488ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3047704409027046&output=html&h=600&slotname=2458497676&adk=646582030&adf=45027081&pi=t.ma~as.2458497676&w=175&fwrn=4&fwrnh=100&lmt=1638874094&rafmt=1&psa=0&format=175x600&url=https%3A%2F%2Ftsgos.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638874094622&bpp=2&bdt=258&idt=132&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1586713457240&frm=20&pv=1&ga_vid=1747039745.1638874095&ga_sid=1638874095&ga_hid=1951554063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=306&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31063865%2C31063867%2C31063246%2C31062931&oid=2&pvsid=2065705500978081&pem=346&tmod=459599292&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6TjivQjMOb&p=https%3A//tsgos.com&dtd=137

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03fa1e7380430817fc65494b4de99f5c90269ba27f1d2c7c989a7aa79ce72820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 07 Dec 2021 10:48:15 GMT
server: cafe
content-length: 27741
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 07 Dec 2021 10:48:15 GMT
cache-control: private

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/ 148 KB
53 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a294ea47d228ebb60589ee745f20396cbd83bdb37fd6e6336a582d65b7b8f6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53770
x-xss-protection: 0
server: cafe
etag: 4673243594286606850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 10:48:15 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tsgos.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 10:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/ Frame 6FBB 11 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 06 Dec 2021 21:27:26 GMT
expires: Mon, 20 Dec 2021 21:27:26 GMT
content-type: text/html; charset=UTF-8
etag: 6406113418471942685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4879
x-xss-protection: 0
age: 48049
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 6FBB 4 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 09:36:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Dec 2021 10:48:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Dec 2021 10:48:15 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6FBB 205 B
744 B 31ms
7ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:34:25 GMT
x-content-type-options: nosniff
age: 335630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 03 Dec 2022 13:34:25 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6FBB 604 B
695 B 32ms
7ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:04:11 GMT
x-content-type-options: nosniff
age: 42244
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 06 Dec 2022 23:04:11 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame 6FBB 19 KB
9 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d71682fbb31fc64ba19097a9eb389593ba1bf9f9f913bef6eaf563eb08c2a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:03:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8210
x-xss-protection: 0
server: cafe
etag: 6499249944067270656
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 10:03:09 GMT

GET
H3 200 6185450823530477362
tpc.googlesyndication.com/simgad/ Frame 5CED 33 KB
33 KB 28ms
9ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6185450823530477362

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3047704409027046&output=html&h=600&slotname=2458497676&adk=646582030&adf=45027081&pi=t.ma~as.2458497676&w=175&fwrn=4&fwrnh=100&lmt=1638874094&rafmt=1&psa=0&format=175x600&url=https%3A%2F%2Ftsgos.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638874094622&bpp=2&bdt=258&idt=132&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1586713457240&frm=20&pv=1&ga_vid=1747039745.1638874095&ga_sid=1638874095&ga_hid=1951554063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=306&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31063865%2C31063867%2C31063246%2C31062931&oid=2&pvsid=2065705500978081&pem=346&tmod=459599292&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6TjivQjMOb&p=https%3A//tsgos.com&dtd=137

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f4b0454c0f39fa1b6ed290c239176e0b789ac072bf9dd80b0e42c5ad1eeac4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 11:08:48 GMT
x-content-type-options: nosniff
age: 517167
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34167
x-xss-protection: 0
last-modified: Mon, 06 Mar 2017 19:20:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 11:08:48 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 5CED 19 KB
8 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 10:33:06 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 5CED 2 KB
1 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 10:41:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CED 119 KB
37 KB 117ms
49ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 10:48:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 5CED 15 KB
6 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 10:32:01 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 5CED 27 KB
11 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e11652e7b04cdcc9c0bc7948055c05aaf8f7c066e6059d52f9b186c55368cb9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11392
x-xss-protection: 0
server: cafe
etag: 7769099329773015066
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 23:17:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5CED 0
0 56ms
55ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CU4Aa7juvYfL1L5GDjuwP456lqArI7JrnXdzL37GaBcbt2LmMDhABILGln44BYDWgAdPxpuQDyAEDqAMByAPJBKoExAFP0I7NFPSA8vWGY7v6xcVq4jlendw8Lf_wyV8MdD3KuxsYJuRHeLqGOge7zDXRCaBbOXdg3937ADG29hDda4xHmEvtxb6WWvDtXg7GrczsVWk3AfbsCnwfINg12abwzk_3LcEMzJ1GntCpQhLi9LbSPP9CMLuEWJh5pSW3TZdsV6FZ_QZHJCxhzhUrGY3xO6phbvaCAPIseNNl_CCSq98yBJQodD0l6ZGyX0ZXtcJVEIt_wVvFS7kMIOnqY13aaN1CxlLRwASDuqfosAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGA4AHlY7ZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIbnGdIIBwiAYRABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMzA0NzcwNDQwOTAyNzA0NhgA&sigh=2Q48V5SddyI&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3047704409027046&output=html&h=600&slotname=2458497676&adk=646582030&adf=45027081&pi=t.ma~as.2458497676&w=175&fwrn=4&fwrnh=100&lmt=1638874094&rafmt=1&psa=0&format=175x600&url=https%3A%2F%2Ftsgos.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638874094622&bpp=2&bdt=258&idt=132&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1586713457240&frm=20&pv=1&ga_vid=1747039745.1638874095&ga_sid=1638874095&ga_hid=1951554063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=306&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31063865%2C31063867%2C31063246%2C31062931&oid=2&pvsid=2065705500978081&pem=346&tmod=459599292&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6TjivQjMOb&p=https%3A//tsgos.com&dtd=137
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 07 Dec 2021 10:48:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Dec 2021 10:48:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B31F 3 KB
579 B 34ms
17ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 09:39:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Dec 2021 10:48:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Dec 2021 10:48:15 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame B31F 1 KB
880 B 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 10:29:42 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame B31F 19 KB
8 KB 19ms
12ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 10:33:06 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame B31F 2 KB
1 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 10:41:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B31F 119 KB
37 KB 54ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 10:48:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame B31F 15 KB
6 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 10:32:01 GMT

GET
H3 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame B31F 27 KB
11 KB 34ms
12ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 18:18:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 28 Feb 2022 19:06:41 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C0E6 143 B
163 B 16ms
12ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3047704409027046&output=html&h=600&slotname=2458497676&adk=646582030&adf=45027081&pi=t.ma~as.2458497676&w=175&fwrn=4&fwrnh=100&lmt=1638874094&rafmt=1&psa=0&format=175x600&url=https%3A%2F%2Ftsgos.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638874094622&bpp=2&bdt=258&idt=132&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1586713457240&frm=20&pv=1&ga_vid=1747039745.1638874095&ga_sid=1638874095&ga_hid=1951554063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=306&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31063865%2C31063867%2C31063246%2C31062931&oid=2&pvsid=2065705500978081&pem=346&tmod=459599292&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6TjivQjMOb&p=https%3A//tsgos.com&dtd=137

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 07 Dec 2021 10:02:18 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB54 143 B
163 B 9ms
8ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 07 Dec 2021 10:02:18 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5CED 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae300350b24d144935836988115a69349ad53d1bdc0f5d421233e18913065ccc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C0E6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

54ms
53ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 07 Dec 2021 10:48:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 07 Dec 2021 10:48:15 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 07 Dec 2021 10:48:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4293 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 15:16:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13379
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 15:16:26 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB54
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

68ms
67ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 07 Dec 2021 10:48:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 07 Dec 2021 10:48:15 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 07 Dec 2021 10:48:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js Show response
pagead2.googlesyndication.com/bg/ Frame 46A9 35 KB
13 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js

Requested by

Host: tsgos.com
URL: https://tsgos.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 15:16:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13379
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 15:16:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 61ms
31ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211201&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f947bb449993d53d3ffb105c13106c40a5278800e4426cdd209751d102b0707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 10:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8482
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 07 Dec 2021 10:48:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C12C 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Tue, 07 Dec 2021 10:33:00 GMT
expires: Wed, 07 Dec 2022 10:33:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FC6F 783 B
535 B 33ms
15ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ec2a6ff52d615822fd56ec08d0bb77daef01ea4097b0b30a7d28332c02d556bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VuqEAQFo8TUib1XvEERGbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 07 Dec 2021 10:48:15 GMT
date: Tue, 07 Dec 2021 10:48:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-VuqEAQFo8TUib1XvEERGbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js Show response
pagead2.googlesyndication.com/bg/ Frame C12C 35 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 15:16:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13379
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 15:16:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FC6F 0
0 62ms
62ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211201&jk=2065705500978081&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211201&jk=2065705500978081&bg=!DQ6lDkrNAAaQHwIOkB87ACkAdvg8WoiCEbBP29CZFmS5x_kuTAkrmNmIjDx-iMBRlyzhhzEaxkY-WAIAAABZUgAAAApoAQeZArFDdo81owzcziKUHBvZlw60mfADT7VLoxr2Xgyqaib8iFXP9JzRBM1PfxfmOUv4H83cNRLPK2x_Zu5x9zceZ_62oIUyAKWJUF2FUpTTAZMMNMAsE4yYIRiBPHSIqw_kT_W6p98N2GUXxmaTqVXjQQqdxJPoOVOCVCmQmb4ernUnQeQxGxDY0GP228z8BW6VjBuONfHpuhVEwYUs_IBbfkXGMx-VKJ_B9cpmRdmWIChiVkKFXg17pexzmDretX1b2tF-8LlBVeR4ZlK51ZvZVxeN_KaSeZxNK1BhUGKxw50Zv_iMvSxXZ4ZgZVSQ201m4zFcuf6xLUQ2B61ALfU0kMrBudCQDYDpZ3_-XULtxoiiBYce1z6WH8QfWj8RE3AZHVFl8vGCOey9FRRQ6WZwpAgJabqssN2Y_KU8hKYgTHeANVKB6Io4tuL67x1J5KdSh93bh40jigspq13kV1DN_CF4Zj-_zoX3wmW7aOc6B32Y7e59VZBOnliThOJ4XW_wAyDfASxpHgEl5SOULb0FnSowz0kP5pTF5CMnoO_yrkCVBWRGCU2WEgoP7lQTR2n9MLj9j79y8XU_tXsTpIYaiSBvPsaxcjKT8UjU_gnv2ZsECEI6isNS-n_jRMJpeySaygo5Gk_FOYTshqvH59jAlLF9ujzquX1QZgsKmk2Z2oLrTd3ZPde7oJ7BxHKKS0nrqVXa9-GtPbR5U-euLHvKvhC7qRPzBTg6lw6_Qffpzi-hSrdqu_MrCkCS_lWngpWL6B5IfVEkyHFHqicUjV4u3VawzyEZi5mSd6y7CfPqDEstV-Qqh8wFsEtMJILa6u5j1XARYaqS8AOnRSPoCTIcgGHPOXBpqq4qRTuHguQ2cKkDOwvnNqJBrO3C9V_A-3InAWDjhgIoTyMlJJ3FtvHrlbhwmA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tsgos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 10:48:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5CED 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqQ0aYcdyg_z9tgCExuIdE1OoRZRltlclI8cfcL63FsJjeTNaWdmB-t5vDEOsTeJ8x6ylx1EALttTmPjBb1R5uXTW7XWHeD7aB7mlAREZoFAJ9VGA&sai=AMfl-YTNmlsTVT0KBI-TF5GluC5ViVVhs2ZIksGmwwBMlcdgvCqA-BPnAJrCTK5P1N7OG8DIOBvg77p6FMlE&sig=Cg0ArKJSzPK_pjM1jqcXEAE&id=lidar2&mcvt=1000&p=0,8,600,168&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=646582030&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638874094760&rpt=685&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 10:48:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.juquery.com
URL: http://www.juquery.com/compability.php?0.6367149748892129

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tsgos.com/	1970-01-20 16:45:46	Name: sc_is_visitor_unique Value: rx11968710.1638874095.C3458ED285F34F38E41A601EA1FA8C9D.1.1.1.1.1.1.1.1.1
.statcounter.com/	1970-01-21 19:02:59	Name: is_unique Value: sc11968710.1638874094.0
.statcounter.com/	1970-01-20 16:46:11	Name: is_visitor_unique Value: 1638874094429619206
.tsgos.com/	1970-01-20 08:36:10	Name: __gads Value: ID=9b47bdaae369b81e-2232066548cc004c:T=1638874094:RT=1638874094:S=ALNI_Mb1wy-_SGhzVVO70hnn9ZjSKs8zRg
.doubleclick.net/	1970-01-20 16:45:46	Name: IDE Value: AHWqTUlEKYqJADcI_E-C823Ee3lhdjMKOSX9Lb6aCuQPdcS34rb9OVSMe3xSwnwn9bE
.doubleclick.net/	1970-01-19 23:14:37	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://tsgos.com/wp-content/themes/tsgos/js/js-mainmenu.js?ver=5.7.4 Message: Mixed Content: The page at 'https://tsgos.com/' was loaded over HTTPS, but requested an insecure script 'http://www.juquery.com/compability.php?0.6367149748892129'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
c.statcounter.com
fonts.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
secure.statcounter.com
tpc.googlesyndication.com
tsgos.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.juquery.com
www.juquery.com
104.20.229.67
216.58.212.130
2606:4700:3030::ac43:94d3
2a00:1450:4001:803::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:829::200a
2a00:1450:4001:830::2002
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03fa1e7380430817fc65494b4de99f5c90269ba27f1d2c7c989a7aa79ce72820
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d455fbe48a68f48891359a4545c4e3ef5096b24fab909fde8bd534cf9192eef
1074e3f2a00d8da8377da439fe8e2a1e49d61e2af6d2c4ab34de4dbd5e4baa1f
16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d71682fbb31fc64ba19097a9eb389593ba1bf9f9f913bef6eaf563eb08c2a7a
20445967c2d0b2ccdb216b16a2952bf07d5d0acc8901e412d02222effbd8d4db
253dc9f5554d2293f37923923dee95b6d425c51adf1f107e1c10690c905d65e1
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2ff32526e7a5abbb6b4ada1892114802b03c79a6c0fa73279e17feb67c3397eb
31829e697a620b2fbb3927da609a0d28cdc79f7867c78f5ef252c7e82e8ce2f4
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
366f102bbfed041461b6ecafcac7c00dd4f6be3da40aa69da2f00a31775093eb
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3aa6da378536786b920c80c12674408789e0d83a619ff727b7d752660bea90f0
3ef36c23fc3bb975205898dffb3ce93e30598f632ef71100c5c99d63c07ad26f
406982d4efff2f02cac5669738afc7fbd735f558119ee2948c4599c69e034f0e
4213eba6c464b3ca6fc71c748e2ba99f63f7f0b624199fd44127da67e40a3003
480e61d81c24f80ac4730a5e07ceb2ad97d1ae2355a72fb30af33db6004ffbf9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f4b0454c0f39fa1b6ed290c239176e0b789ac072bf9dd80b0e42c5ad1eeac4d
4f947bb449993d53d3ffb105c13106c40a5278800e4426cdd209751d102b0707
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5777f6dfc1cb374d58dd5f8932744e3e074f8a4ea61eb80d8b5352bfbd93ae28
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
693beb315db9c326590dc470b805e69d750382319626d598cd94f05a73168995
758a9ed4f241b24b8e21dc7e751c67f3d048a3ffc6f3717a5a9621e05115acc6
7aeac5cb758cd5903c8b911426ac4ab780c51e55b655d4874cfaefd5f8710058
8648530f2dbd2de47da2cb5489a0235e44e5f86b36446a5c7ed52d99f458e7a3
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8b0d0e7c5b7486e204d94e5d9b025cbbc9291940522228972d3076d204008f0a
8dfd03d03215bbe66a10b0d50567f8541b8839ccf7d650234a3658e3752fc4a6
8e0a5ef065b7b9b8e0c3c09774b87c020a6dfc54151bf3f4c84d514173624e6c
969383bfd44ce60d7d1a2993ce4ed18233011d3c8996cdcaf8ca28fe3f0bc8fa
970d08b0edc4bfc0925495d8b11564f3c2fd368f745f7b3510a7fced11848894
98acb50a63047f16eac68d34144d1c73ee9fcc80bb9d0767785d5c39bbe4b5a7
9bd35696e3cf95843301222c9451215875b6e279a6d38e8493e2e575f2279e39
9be255b79e70eaae1d5c45ee10a575dcd07e37edf54ee8b5a229c9dfd29cfbbc
a294ea47d228ebb60589ee745f20396cbd83bdb37fd6e6336a582d65b7b8f6d6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad444990772f8f1412283e54b01529bd77e40eec068412dee173ee685a147067
ae300350b24d144935836988115a69349ad53d1bdc0f5d421233e18913065ccc
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b3cbeabb5b498ceab8db507fe474af38aeadfe18ece9449cc25513e261a02cd0
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b8a2b199cbcc12d26562f7c3796b9929d51a772bb02ec8b8b3df3a75aa0b7f68
b90f27b76217a9b142f9f3c5157294d3f2e978045b2ac8c42545949b0ed9915c
b994007d2f4abb80074dd18e5f3352a319857554ac530dceb5f110f329a1f2da
b9b85ab9c5d80e81f67926eb6f08dfa51fb59352a973a8b9e676ca7174754b6c
c0af76dc6b05ed3fdc3abc8111d17634cdc5c8a8f05f817239bd23d2a20d5013
cb9c29ab6c47ccb304e97ac953e5dbba0b70dceaab301c83f04c25348ff0950e
cd6c8d0a9dd980b006b40c5194663fef45dd69875c38630bb91d5b5c9dfdca6a
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
db8d2ade6dc2d26b101bba3127d3476bfacfabf1148cccc34adc654fd6cd448a
e11652e7b04cdcc9c0bc7948055c05aaf8f7c066e6059d52f9b186c55368cb9e
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e9573e931158bcc83146a7882d6c298c1adf3828b6c785af7cbb9fd9d25ad884
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ec2a6ff52d615822fd56ec08d0bb77daef01ea4097b0b30a7d28332c02d556bc
ed16a2a968148428297b2997f50da2acd51ce125a73ad642f017a0429ae53119
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db

tsgos.com Open in urlscan Pro 2606:4700:3030::ac43:94d3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

87 Requests

99 %HTTPS

80 %IPv6

10 Domains

13 Subdomains

11 IPs

3 Countries

1287 kBTransfer

2414 kBSize

6 Cookies

5 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tsgos.com Open in urlscan Pro
2606:4700:3030::ac43:94d3 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

99 %
HTTPS

80 %
IPv6

10
Domains

13
Subdomains

11
IPs

3
Countries

1287 kB
Transfer

2414 kB
Size

6
Cookies

87 HTTP transactions
2 data transactions