gdz.fun Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

• https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//gdz.fun/;0.6001622736475047 HTTP 302
• https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//gdz.fun/;0.6001622736475047

Request Chain 41

• https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A0%3Als%3A1094109472599%3Ahid%3A966748013%3Az%3A0%3Ai%3A20230425035058%3Aet%3A1682394659%3Ac%3A1%3Arn%3A643934862%3Arqn%3A1%3Au%3A1682394659719964986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C35%2C249%2C2%2C0%2C0%2C%2C335%2C2%2C%2C%2C%2C633%3Aco%3A0%3Acpf%3A1%3Ans%3A1682394658076%3Ast%3A1682394659&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
• https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A0%3Als%3A1094109472599%3Ahid%3A966748013%3Az%3A0%3Ai%3A20230425035058%3Aet%3A1682394659%3Ac%3A1%3Arn%3A643934862%3Arqn%3A1%3Au%3A1682394659719964986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C35%2C249%2C2%2C0%2C0%2C%2C335%2C2%2C%2C%2C%2C633%3Aco%3A0%3Acpf%3A1%3Ans%3A1682394658076%3Ast%3A1682394659&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 43

• https://mc.yandex.ru/watch/53858797?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1064508382770%3Ahid%3A966748013%3Az%3A0%3Ai%3A20230425035058%3Aet%3A1682394659%3Ac%3A1%3Arn%3A539454402%3Arqn%3A1%3Au%3A1682394659719964986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C35%2C249%2C2%2C0%2C0%2C%2C335%2C2%2C%2C%2C%2C633%3Aco%3A0%3Acpf%3A1%3Ans%3A1682394658076%3Arqnl%3A1%3Ast%3A1682394659%3At%3A%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
• https://mc.yandex.ru/watch/53858797/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1064508382770%3Ahid%3A966748013%3Az%3A0%3Ai%3A20230425035058%3Aet%3A1682394659%3Ac%3A1%3Arn%3A539454402%3Arqn%3A1%3Au%3A1682394659719964986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C35%2C249%2C2%2C0%2C0%2C%2C335%2C2%2C%2C%2C%2C633%3Aco%3A0%3Acpf%3A1%3Ans%3A1682394658076%3Arqnl%3A1%3Ast%3A1682394659%3At%3A%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 59

• https://mc.webvisor.org/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9983.uqZczaVZlRQsrKhFz81NfnZQLcyKxs-NI_VJi_B50e7d_6VJ8cYf0MinKlWzjuKn._0yDETBRu7MnZE16CPEJpeujZEc%2C HTTP 302
• https://mc.webvisor.org/sync_cookie_image_decide?token=9983.0-uifC1db2ngsdF2vYQDRq7pTrqZXQCOH_YH9_ux3ZcPqx3JY-X-wXOwoyVPa4hgbI5g3FJ6AOXOhgtb57ueKind53YrqVxv2bAZfidCEG5BI8Ep8HvhuVyJpqk5tS1RlU8mGsDq90n79gexgdjojf3RcDxwtWdnHKq0QmcyXN8Y8yyeD414GBrBlLKaNoBwYMAVzRXvMRUGnz63BL7PhBMWf6QSVr9so_YZhIrchbA%2C._zAZrEvGNzWlZXalQQPKRoCVvLc%2C

Request Chain 145

• https://counter.yadro.ru/hit?t44.1;rhttps%3A//gdz.fun/;s1600*1200*24;uhttps%3A//bazr.ru/player%3FplaylistId%3D35603%26v1.0.1.1;h%u041F%u043B%u0435%u0435%u04402;0.17496194489547 HTTP 302
• https://counter.yadro.ru/hit?q;t44.1;rhttps%3A//gdz.fun/;s1600*1200*24;uhttps%3A//bazr.ru/player%3FplaylistId%3D35603%26v1.0.1.1;h%u041F%u043B%u0435%u0435%u04402;0.17496194489547

Request Chain 205

• https://ad.adriver.ru/cgi-bin/erle.cgi?sid=223687&bt=61&pz=0&target=top&rnd=1875650&tail256=bazr.ru HTTP 302
• https://ad.adriver.ru/cgi-bin/erle.cgi?sid=223687&bt=61&pz=0&target=top&rnd=1875650&tail256=bazr.ru&tuid=-4887608144

Request Chain 211

• https://moevideo-sync.rutarget.ru/sync HTTP 302
• https://rtb.moe.video/cs?b=w94xJ5EARZ8M&d=1

Request Chain 213

• https://px.adhigh.net/p/cm/moevideo HTTP 302
• https://px.adhigh.net/p/cm/moevideo?bounced=1

Request Chain 214

• https://sync.bumlam.com/?src=moe2&uid=8000c9ede62382490c93 HTTP 302
• https://sync.bumlam.com/?src=moe2&s_data=CAIQARimnJ2iBmIUODAwMGM5ZWRlNjIzODI0OTBjOTOiARBl2kLU4xwR7YbgACWQwGR8

Request Chain 215

• https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570 HTTP 302
• https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5749142833

Request Chain 216

• https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D81%26b%3D%24%7BUUID%7D HTTP 301
• https://cs-0.moevideo.biz/ssp/cs?d=81&b=c014ae8e-b654-49bc-59dd-e44ca12d6083

Request Chain 217

• https://sync.upravel.com/moevideo/sync HTTP 302
• https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ HTTP 302
• https://cs-0.moevideo.biz/ssp/cs?d=91&b=96114934-d084-4460-bbfc-2415d6d75710

Request Chain 220

• https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D HTTP 302
• https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
• https://cs-0.moevideo.biz/ssp/cs?d=161&b=c21bf223-7fd8-5273-82ed-b87fe6aaf659

Request Chain 221

• https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A//moevideo.biz/native%3Fid%3Dmv-content-roll-3779%26slot%3Dcontent%26api%3D2.0%26ref%3Dbazr.ru%26frp%3DaHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x%26instream%3D HTTP 307
• https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-3779%26slot%3Dcontent%26api%3D2.0%26ref%3Dbazr.ru%26frp%3DaHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x%26instream%3D&bounce=1&random=2618181405 HTTP 302
• https://rd.frontend.weborama.fr/rd?key=wamsync HTTP 307
• https://rd.frontend.weborama.fr/rd?key=wamsync&bounce=1&random=2828828560 HTTP 302
• https://dx.frontend.weborama.com/collect?dsp_id=0&eid=PjIjLmyS34I@

Request Chain 222

• https://match.new-programmatic.com/userbind?src=moevideo&id=8000c9ede62382490c93 HTTP 302
• https://cs-0.moevideo.biz/ssp/cs?d=111&b==

Request Chain 223

• https://inv-nets.admixer.net/adxcm.aspx?ssp=03012A8F-9C5C-4F0A-B5C5-EF2E17D61EBD&id=8000c9ede62382490c93 HTTP 302
• https://m.trafmag.com/images/1px-matching-go2net.gif?id=e8e655f9563e4027b5de52545de2f1c3

Request Chain 224

• https://kimberlite.io/rtb/sync/moevideo?u=8000c9ede62382490c93 HTTP 307
• https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fweborama%3Fu%3D%7BWEBO_CID%7D%26f%3Dhttps%253A%252F%252Fcs-0.moevideo.biz%252Fssp%252Fcs%253Fd%253D201%2526b%253DZEdOJjIeG-s%26n%3D1 HTTP 302
• https://kimberlite.io/rtb/sync/weborama?u=rYdK4s0HaqRgBcUvt/TjPe&f=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D201%26b%3DZEdOJjIeG-s&n=1 HTTP 307
• https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZEdOJjIeG-s HTTP 301
• https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZEdOJjIeG-s HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=52264a0c-31de-4f17-896f-8d283152f65a&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FUiZKDDHeTxeJb40oMVL2Wg%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D59%2526em%253D0%26sign%3D1663480042 HTTP 302
• https://an.yandex.ru/setud/mts_banner/UiZKDDHeTxeJb40oMVL2Wg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1663480042

Request Chain 226

• https://sm.rtb.mts.ru/p?ssp=moevideo&id=8000c9ede62382490c93 HTTP 301
• https://sm.rtb.mts.ru/match/second?ssp=22&exu=8000c9ede62382490c93 HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=52264a0c-31de-4f17-896f-8d283152f65a&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D22%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
• https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D22%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
• https://sm.rtb.mts.ru/em?next=22&em=1&ssp=konnektu&id= HTTP 301
• https://cs-0.moevideo.biz/ssp/cs?d=121&b=52264a0c-31de-4f17-896f-8d283152f65a

286 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
14 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response gdz.fun/	173 KB 9 KB	296ms 249ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gdz.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.6.40 Resource Hash 0f216e29beb31aaa0da25ce3af718d9d17887e35c2f833d717b91e96b353e995 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://gdz.fun https://bazr.ru https://advideo.ru alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7bd39ff54bb4b6f8-AMS content-encoding br content-type text/html; charset=UTF-8 date Tue, 25 Apr 2023 03:50:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLyZocwthpTJoCBSj0xZw8Esn%2BkX8sTQMz2oX0uDyDNB9CiaxguUikEr0sOtVPus2nKpnrDEJxyfqpqmD1Oyg6guW1ADNXnCTNi11BSe3ytWK5ffiG8P8vtpJrsxb%2BnvxWxA%2Bcyb"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.6.40
GET H2	200	openapi.js Show response vk.com/js/api/	104 KB 23 KB	169ms 42ms	Script application/x-javascript	87.240.132.78 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Full URL https://vk.com/js/api/openapi.js?150 Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv78-132-240-87.vk.com Software kittenx / Resource Hash 2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT content-encoding br x-frontend front225205 last-modified Fri, 02 Dec 2022 07:14:40 GMT server kittenx etag "6389a5e0-5b16" content-type application/x-javascript access-control-expose-headers X-Frontend cache-control max-age=345600 content-length 23318 expires Sat, 29 Apr 2023 03:50:58 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	135 KB 47 KB	179ms 109ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c0435d867ce60ee634e45c2b18adaaabfbd2bcb558eda0caf99c9eb5d3cc51e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47342 x-xss-protection 0 server cafe etag 11706493045659036342 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Tue, 25 Apr 2023 03:50:58 GMT
GET H2	200	index.d3d43097f717f714f44a.css gdz.fun/build/assets/css/	23 KB 6 KB	22ms 22ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45e8cf0daec45bbf1afbf1adadbe44daac2d00c46223cca1db8b3f31ad328763 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1875980 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public last-modified Mon, 27 Feb 2023 12:56:14 GMT server cloudflare etag W/"63fca86e-5cb5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRqiDM%2BKf%2F907%2FsVF5sb24PiLO23%2Bz6zmrFmBV5CdYLM11c7AN8EFyOc3HbeHRg9C0wZXNTukxUUVIiDJ4MowDL25CJBPBFXqKIp8Yijxa7LRMEoraO6xos5wqF94K9jgEeUK%2Fya"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=2592000 cf-ray 7bd39ff6ec2fb6f8-AMS expires Wed, 03 May 2023 10:44:38 GMT
GET H3	200	1.png gdz.fun/img/	2 KB 2 KB	22ms 20ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gdz.fun/img/1.png Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ccd99b4d8efb07f1583526b52bd05a10f55a4aa4826f1d77c416e435a6321a5 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 162061 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1675 pragma public last-modified Mon, 27 Feb 2023 12:56:15 GMT server cloudflare etag "63fca86f-68b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JP4WavPRp7gDUr0sKrvfs6BedJiuj8edCvWZ%2B09MPksMCnAla%2BbRzJVOFcN%2B0ggdTn5pkCjbovu4r7Q0%2BjmuKzGXCoFN9wCY%2FOF7SvyqEpgLQk%2FKdQ96TxTPi2euQY8qowknfDq"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7bd39ff849e50b5e-AMS expires Tue, 23 May 2023 06:49:57 GMT
GET H3	200	2.png gdz.fun/img/	2 KB 3 KB	39ms 36ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gdz.fun/img/2.png Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5621b1145fb2f42e5c394f47d3446150e5f463c38f90727c5aba4652000e503 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 162061 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2433 pragma public last-modified Mon, 27 Feb 2023 12:56:15 GMT server cloudflare etag "63fca86f-981" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wREyxll8Im0JJyuOqfLJLP08BFwUfUhar33Z8JdZW6EHDlYCH5%2FiYMAOIsQzoYzlUOcECCgXvkDGpiKogcjhMYubgPymO%2Fdl11WdoUwFGBvWxPwzXAnWmP7cyxlTdvvwyPwnpSO"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7bd39ff849e70b5e-AMS expires Tue, 23 May 2023 06:49:57 GMT
GET H3	200	3.png gdz.fun/img/	2 KB 3 KB	36ms 34ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gdz.fun/img/3.png Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf8f6fc480553227663d734086fe1d999aabc7e7a3e1df3437b5607a8b58beff Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 922052 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2489 pragma public last-modified Mon, 27 Feb 2023 12:56:15 GMT server cloudflare etag "63fca86f-9b9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mG524M7MgM3NonUN%2FqSiFC315UvVoBsoCUaL%2FUpmfO0A3stXnz64PNbcwdq2eEtsfEvK7f7dvfucgJJLftz2MJR32z3HFAWFXIplBaGk7Hwo%2BTzArUxKDG6zf6nJMlldwPgAeWd1"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7bd39ff849e80b5e-AMS expires Sun, 14 May 2023 11:43:26 GMT
GET H3	200	4.png gdz.fun/img/	2 KB 3 KB	37ms 35ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gdz.fun/img/4.png Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b6a0f1bd5c9d4d922b7abd16111f803453855e93927c1a52bd6b977856189b75 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 67372 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2176 pragma public last-modified Mon, 27 Feb 2023 12:56:15 GMT server cloudflare etag "63fca86f-880" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1BHcXkzZeXdcb9%2F29amefw2eqwMHO7nN%2FhQr5skQR9ZIVJ9ZBV6YbC30AAYBcl4yZfSJC5NtEfwHOnGGDHu7F5yU%2B1qlhhnrzczBOMiS3aFC1boObNC4wx2qtLuKTVIoHVWPiTE"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7bd39ff849e90b5e-AMS expires Wed, 24 May 2023 09:08:06 GMT
GET H3	200	5.png gdz.fun/img/	2 KB 3 KB	35ms 33ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gdz.fun/img/5.png Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15068ce173b5f59720a278d34c5d8bf34ea304f9f07749c10f07773dfecdc116 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 922052 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2500 pragma public last-modified Mon, 27 Feb 2023 12:56:15 GMT server cloudflare etag "63fca86f-9c4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yx6h9MQsn%2B7h9ht3pdUHg7KgJYX8a2h5q%2FK%2Ff9FEzJTMzZFcUaddi%2F8p8dc1H0tnPd1Wto9v08vySadLM7PK62MM6dc%2FmEpSoaCX6JtAoFpJyAULg2Qwy5kTVsJ2mzUc7rVWCznW"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7bd39ff849ea0b5e-AMS expires Sun, 14 May 2023 11:43:26 GMT
GET H3	200	6.png gdz.fun/img/	2 KB 3 KB	115ms 114ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gdz.fun/img/6.png Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d61c7a0eb55637e24d168b7c74fe513992fbaa34b91b5567ee81f6f6e6e3687 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1025235 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2390 pragma public last-modified Mon, 27 Feb 2023 12:56:15 GMT server cloudflare etag "63fca86f-956" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKSZ%2FPQfP1c2a0aX5Tp4HVStyT1SyrkQAzagIvcQ2Gp1YzwpBqRQ1zmiY82dnnyVZz3bNPVRFynmKe8WHpKKG8M9IIUninN4YoTJ2UCRUUGcnLK1ipfmSg0OCbfcd9Gs2d63olHg"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7bd39ff849eb0b5e-AMS expires Sat, 13 May 2023 07:03:43 GMT
GET H3	200	7.png gdz.fun/img/	2 KB 3 KB	90ms 88ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gdz.fun/img/7.png Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f1f89123032d9a70ff9f5d98480062f69ac1a9e580a2bf6ac0eb3e38ac7e8c6 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 162061 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2107 pragma public last-modified Mon, 27 Feb 2023 12:56:15 GMT server cloudflare etag "63fca86f-83b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKcdkVjaEvybym%2B%2FT1BtH0lEcV%2FY6M5HIKhGGl80o1AacOimDRbvyLirBcism7twF0eK9aroUcSVr4OIL3q%2Be6CYnYQKrom1Z4hkYuaIYwylVvNJ6wwORJsOy77pRDPP2p5yRnxu"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7bd39ff849ec0b5e-AMS expires Tue, 23 May 2023 06:49:57 GMT
GET H3	200	8.png gdz.fun/img/	2 KB 3 KB	48ms 46ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gdz.fun/img/8.png Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d989782ba2e619a35b3379f514bcc66a773e09212318f126a688fa59f42c5852 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 922052 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2518 pragma public last-modified Mon, 27 Feb 2023 12:56:15 GMT server cloudflare etag "63fca86f-9d6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8C384GdRs9KtlaKRlhD0uWbuzL5qGaFh4yjVhjtCwjOm6J6sfV7xjfQ8YKhaooHbvfkxPFaLLONlG0WuV75oIA%2B%2Bnn3VBruvuSby9WPtq%2FbBmzhbNEFWo9Cew7%2BxMUZY6pzpH%2Fpe"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7bd39ff849ed0b5e-AMS expires Sun, 14 May 2023 11:43:26 GMT
GET H3	200	9.png gdz.fun/img/	2 KB 3 KB	38ms 36ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gdz.fun/img/9.png Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9874a79199dea3848fa76aa85191a10bc396746b6f83b696038de72842bc7990 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2308131 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2346 pragma public last-modified Mon, 27 Feb 2023 12:56:15 GMT server cloudflare etag "63fca86f-92a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9dO53TOKw%2FKSnc6qQQ6sRRlio6JEpNDdaWEZzzl%2FgCXsovi%2F6FporM5Ih4MIW8EFdYiKChB7p7H5dsbL8UKzF6Jy4JeqA5s8O6p4Zp%2FNZvrahKkY7AZ1%2BjIEnOqBxvo10UMyl1c"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7bd39ff849ee0b5e-AMS expires Fri, 28 Apr 2023 10:42:07 GMT
GET H3	200	10.png gdz.fun/img/	3 KB 4 KB	36ms 35ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gdz.fun/img/10.png Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 91c3ed18d67e4991eab66a6c94eb46f9f5642770e6a63c3d9d8e8b93b554a721 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 922052 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3113 pragma public last-modified Mon, 27 Feb 2023 12:56:15 GMT server cloudflare etag "63fca86f-c29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnvnyG80Ib9w0TmCeJikXZwyUVaTRklRy1xj%2BZyaCBPfrwDoS1%2BC%2BQLrKYZAs83jYWLdkbr%2BM9eyXPbJ4crMPFxW9leV2tMuvzqoIT3IDaGNge82LzVzzJnwonyx6hYFQ5BOjfzK"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7bd39ff849ef0b5e-AMS expires Sun, 14 May 2023 11:43:26 GMT
GET H3	200	11.png gdz.fun/img/	2 KB 3 KB	49ms 48ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gdz.fun/img/11.png Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db5d533abb20cd17fe6323f4202b9cf83b063ad023310bd3d88c5cbda077cd1b Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 922052 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2290 pragma public last-modified Mon, 27 Feb 2023 12:56:15 GMT server cloudflare etag "63fca86f-8f2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9v6aif7fCq2LpzqnpDbSYTHOgjuaJM1bP1QoCHZZyXehEzVRp%2FkbdAb3spWW1LnwOhUYiYxyv3eERNJry1W0zRyS3fLtHlB%2FARrYDXhC7H3p0WczQKDjCFErTeBfQdQLq1LMTAUU"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7bd39ff849f00b5e-AMS expires Sun, 14 May 2023 11:43:26 GMT
GET H2	200	usocial.js Show response usocial.pro/usocial/	5 KB 2 KB	153ms 71ms	Script application/javascript	185.129.100.122 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://usocial.pro/usocial/usocial.js?v=6.1.4 Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / PHP/7.4.24 Resource Hash b6cb38e7943cacaac857705ddf6e9534d8e60bf86006feea8a1737ddfa148ef9 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; date Tue, 25 Apr 2023 03:50:58 GMT content-encoding br server ddos-guard age 0 x-powered-by PHP/7.4.24 vary Accept-Encoding content-type application/javascript; charset=utf-8 ddg-cache-status MISS
GET H3	200	email-decode.min.js Show response gdz.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	19ms 19ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gdz.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 18 Apr 2023 16:29:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"643ec584-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XU%2Bghkcqgv2YikqTXkR%2BPuY%2F%2FmB9XtOmKQRQhUXlUnkr%2FA3Ue9PZnRHS1IiwdDHY9OzcCjEL%2FRXhh0r2e1msXhuJu5nNydi8pZEhd6uv4%2BIjHmkpPlCShQLJvV%2FRADryeW4tpXPF"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 7bd39ff839db0b5e-AMS expires Thu, 27 Apr 2023 03:50:58 GMT
GET H3	200	vendors.68325d94f2ede5da7840.js Show response gdz.fun/build/assets/js/	193 KB 63 KB	79ms 78ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gdz.fun/build/assets/js/vendors.68325d94f2ede5da7840.js Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b9166fe3447219848f248c3bb9b052a948baf8b10713be00b9e1e89ebae15720 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2368456 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public last-modified Mon, 27 Feb 2023 12:56:14 GMT server cloudflare etag W/"63fca86e-3044d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouU16a%2FmumeDCsEkA4vM7u%2B8Uyy8u5jaZsC02f1oHV93PcFB5EJ%2Bq0b8JROZkmCFqP3KkQ7w9MrTpT7DXZ1zdwLksXi2NESOTyzckIiBDPOlRVpN%2FFD%2FC00dnX1fDeXCkGIanDAo"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=2592000 cf-ray 7bd39ff839e00b5e-AMS expires Thu, 27 Apr 2023 17:56:42 GMT
GET H3	200	index.e4be5bb18d2ebbe3d3ec.js Show response gdz.fun/build/assets/js/	21 KB 9 KB	23ms 22ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gdz.fun/build/assets/js/index.e4be5bb18d2ebbe3d3ec.js Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eaec0b5d43c86d9c734fdbb6f6d2e393e0ee6905950396c37e30e84b915c277 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 227976 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public last-modified Mon, 27 Feb 2023 12:56:14 GMT server cloudflare etag W/"63fca86e-53dd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yg0LWqw4kXfJhbgKMsIImKQGT%2FE9ReqMAFY93daveK9drZE8%2FjOAFRwjObSz1PBiV0WUnnnadoEs5NgXGg4y1Bu7rxqNJR3%2FZ4Uwg6JMummbSwR3T1MKo05WwjdKVcxEdzImSCsc"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=2592000 cf-ray 7bd39ff849e40b5e-AMS expires Mon, 22 May 2023 12:31:22 GMT
GET H3	200	bg.png gdz.fun/img/	7 KB 8 KB	48ms 47ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gdz.fun/img/bg.png Requested by Host: gdz.fun URL: https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dfcd684d3ded36f1cb5e4993cfd81df93dbdc969ac2540eb8257e30d33aaac4d Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2229236 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 7609 pragma public last-modified Mon, 27 Feb 2023 12:56:15 GMT server cloudflare etag "63fca86f-1db9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flW18%2BXfk75psifUWo%2ByMeI823zvecvOdUbvKkPNRBeEBZh8Zb7mXJBHbdjkvP7mss2OZGRRvcEcdg7IqlGx9hKCfkTaoDVBYdZ1FRhunwHBrckr%2FVErSuAJ9r8n8ZLwGOBUUcyB"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7bd39ff849f10b5e-AMS expires Sat, 29 Apr 2023 08:37:02 GMT
GET H3	200	arrow.png gdz.fun/img/	215 B 731 B	47ms 47ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gdz.fun/img/arrow.png Requested by Host: gdz.fun URL: https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1db1c23ec42a6bc60d10989af067dd619ca65f356f06d649b3cd4365abb59f4a Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1351914 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 215 pragma public last-modified Mon, 27 Feb 2023 12:56:15 GMT server cloudflare etag "63fca86f-d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fe4lQbRoRthIBNUuMxF4yQZPloes1faxTxw8tQt7EL7z73jR09gnefTc8DbdyX3gRUI94IXIs7jvIZPDyNh3nF37GRwV7vxAwEOGr7L5bGyZYLM6rpYnKl1g6NXBJqSotWJs5lpP"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7bd39ff849f20b5e-AMS expires Tue, 09 May 2023 12:19:04 GMT
GET H3	200	PT_Sans-Narrow-Web-Regular.ttf gdz.fun/build/assets/fonts/	217 KB 218 KB	86ms 86ms	Font application/octet-stream	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gdz.fun/build/assets/fonts/PT_Sans-Narrow-Web-Regular.ttf Requested by Host: gdz.fun URL: https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7953b4c69887d13b8242512869243830ac5dd9f64d521736ec46b0f5e6208d1 Request headers Referer https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css Origin https://gdz.fun accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1446713 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 222568 pragma public last-modified Mon, 27 Feb 2023 12:56:15 GMT server cloudflare etag "63fca86f-36568" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9e6nMs0JH0kVIdqUGr3nZjY6WxCEi4Oh0LkX4kqCFaJ8O18gK80%2FslNxstmNO%2BAA0HYdwjRyH1vbDg7u2FmRZImfedWVrDu3EzVoceHEvgYuOFFuuBA%2F2SEPB2jbBxCKEPEI%2FP8D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7bd39ff849f30b5e-AMS expires Mon, 08 May 2023 09:59:05 GMT
GET H3	200	Roboto-Bold.ttf gdz.fun/build/assets/fonts/	167 KB 167 KB	47ms 47ms	Font application/octet-stream	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gdz.fun/build/assets/fonts/Roboto-Bold.ttf Requested by Host: gdz.fun URL: https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86 Request headers Referer https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css Origin https://gdz.fun accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2356097 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 170760 pragma public last-modified Mon, 27 Feb 2023 12:56:15 GMT server cloudflare etag "63fca86f-29b08" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNFQV5HMcupgqH16mvs7NLg%2BYR6LDTJdEFzD%2FqhLLln5WyHgRBrlDEgZCBarNcetykUBGEOl0%2BKaxlIi7HRs%2ByJd6Z6GJ8KngE1IKco4mUXkYGaRosal2SPwd1Za9oA3WjiaNCvA"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7bd39ff849f40b5e-AMS expires Thu, 27 Apr 2023 21:22:40 GMT
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/	354 KB 119 KB	85ms 84ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f955ff13c82f056691478d01ed8fd04eab2f6f6ea770ed602c0402c1763e6bb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 121809 x-xss-protection 0 server cafe etag 18170147857899258206 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 25 Apr 2023 03:50:58 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/ Frame 1977	10 KB 5 KB	69ms 20ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gdz.fun/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 34146 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 24 Apr 2023 18:21:52 GMT etag 2378337311435320485 expires Mon, 08 May 2023 18:21:52 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	index.js Show response gdz.fun/media/	5 KB 3 KB	27ms 27ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gdz.fun/media/index.js?1677502575 Requested by Host: gdz.fun URL: https://gdz.fun/build/assets/js/index.e4be5bb18d2ebbe3d3ec.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d031f464130ac6bd181b343bbcf8df9aa8bfd843b65946f8f34a3b8c1e63ef19 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 799 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public last-modified Tue, 07 Sep 2021 06:24:27 GMT server cloudflare etag W/"6137059b-124c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aipMA3Ueo4nLcO3QEZhUHHJ9wRb8It7Qiw8cDiz%2FgQNCHmVMURSklPIlSU82azV07tYdmyWAOTm%2FYbdRfB4XVN2RQYVvkioYIEhsgWuAbKP1yQHDBFqwuZ9rOEYXFA%2B8HM6gDjHt"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin https://gdz.fun https://bazr.ru https://advideo.ru cache-control public, max-age=14400 access-control-allow-credentials true cf-ray 7bd39ff8ea650b5e-AMS expires Tue, 25 Apr 2023 03:56:34 GMT
GET H/1.1	200 OK	hit counter.yadro.ru/ Redirect Chain https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//gdz.fun/;0.6001622736475047 https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//gdz.fun/;0.6001622736475047	43 B 528 B	53ms 52ms	Image image/gif	88.212.201.204 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//gdz.fun/;0.6001622736475047 Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol HTTP/1.1 Server 88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host204.rax.ru Software nginx/1.17.9 / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 Apr 2023 03:50:58 GMT Strict-Transport-Security max-age=86400 Server nginx/1.17.9 Content-Type image/gif P3P policyref="/w3c/p3p.xml", CP="UNI" Access-Control-Allow-Origin * Cache-control no-cache Connection keep-alive Content-Length 43 Expires Sun, 24 Apr 2022 21:00:00 GMT Redirect headers Pragma no-cache Date Tue, 25 Apr 2023 03:50:58 GMT Strict-Transport-Security max-age=86400 Server nginx/1.17.9 Content-Type text/html Location https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//gdz.fun/;0.6001622736475047 P3P policyref="/w3c/p3p.xml", CP="UNI" Cache-control no-cache Connection keep-alive Content-Length 32 Expires Sun, 24 Apr 2022 21:00:00 GMT
GET H/1.1	200 OK	0.9627818370794017 mc.gdz.work/	43 B 295 B	223ms 58ms	Image image/gif	185.191.197.56 ESERVER
General Check archive.org Show headers Download Go to Show image Full URL https://mc.gdz.work/0.9627818370794017?e=eyJ0eXBlIjoiaGl0IiwiZGF0YSI6W119&u=https%3A%2F%2Fgdz.fun%2F Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.191.197.56 , Russian Federation, ASN42244 (ESERVER, SK), Reverse DNS Software nginx/1.22.1 / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:50:58 GMT Server nginx/1.22.1 Connection keep-alive Content-Length 43 Content-Type image/gif
GET H3	200	data.json Show response gdz.fun/media/	17 KB 2 KB	216ms 216ms	XHR application/json	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gdz.fun/media/data.json Requested by Host: gdz.fun URL: https://gdz.fun/build/assets/js/vendors.68325d94f2ede5da7840.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.0.33 Resource Hash a9c404b6b915758ccf256401134c07f48b7cd818f9dccf7518daf98dc2df535e Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://gdz.fun/ X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma public date Tue, 25 Apr 2023 03:50:58 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.0.33 x-ratelimit-remaining 59 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKJlfqAtJBmNMgKIjk6oTu10Fi6Ro9py3%2FAjBE8U6T60FkbnIUYvD0moLC7A%2B15zRpKLmT28GvVYdbMGzFm0qkFDlzGdpnWGj5sfuBmW%2Fy%2FPYIzR0borIZVi5aa94lDS%2FVOdZVZ3"}],"group":"cf-nel","max_age":604800} content-type application/json cache-control max-age=1800, public x-ratelimit-limit 60 cf-ray 7bd39ff93ac30b5e-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Tue, 25 Apr 2023 04:20:58 GMT
GET H2	200	usocial.share.js Show response usocial.pro/usocial/	39 KB 11 KB	18ms 18ms	Script application/javascript	185.129.100.122 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://usocial.pro/usocial/usocial.share.js?js=7.1.5 Requested by Host: usocial.pro URL: https://usocial.pro/usocial/usocial.js?v=6.1.4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 334cda11e7aa1e23faad3fb7eb37ec5a54c98e54291f4faa30aa4bd97db88e15 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; date Tue, 25 Apr 2023 03:49:36 GMT content-encoding br age 83 content-length 10816 last-modified Fri, 29 Jan 2021 14:35:50 GMT server ddos-guard etag "60141d46-9c68" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * ddg-cache-status HIT access-control-expose-headers Content-Length,Content-Range cache-control max-age=300, public access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	uscl.css usocial.pro/usocial/css/	397 KB 26 KB	21ms 20ms	Stylesheet text/css	185.129.100.122 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://usocial.pro/usocial/css/uscl.css?v=7.1.5 Requested by Host: usocial.pro URL: https://usocial.pro/usocial/usocial.share.js?js=7.1.5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 1a875e0abd8b4a044ca48094a7e067a52388c0d022efbe77d995af2f1b26bce8 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; date Tue, 25 Apr 2023 03:48:08 GMT content-encoding br age 170 content-length 26246 last-modified Tue, 04 Feb 2020 13:54:50 GMT server ddos-guard etag "5e3977aa-6335e" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * ddg-cache-status HIT access-control-expose-headers Content-Length,Content-Range cache-control max-age=300, public access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	uscl.woff2 usocial.pro/usocial/fonts/	7 KB 7 KB	89ms 61ms	Font font/woff2	185.129.100.122 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://usocial.pro/usocial/fonts/uscl.woff2?n2tjsc Requested by Host: usocial.pro URL: https://usocial.pro/usocial/css/uscl.css?v=7.1.5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 485e3c6dee567f7280fa8a0224612e00bfb502cc239e175deda45147339aba40 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Referer https://usocial.pro/usocial/css/uscl.css?v=7.1.5 Origin https://gdz.fun accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; date Tue, 25 Apr 2023 03:50:58 GMT content-encoding gzip age 0 content-length 6839 last-modified Mon, 29 Mar 2021 13:57:09 GMT server ddos-guard etag "6061dcb5-1aa0" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type font/woff2 access-control-allow-origin * ddg-cache-status MISS access-control-expose-headers Content-Length,Content-Range cache-control max-age=300, public accept-ranges bytes access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	tag.js Show response cdn.jsdelivr.net/npm/yandex-metrica-watch/	213 KB 86 KB	59ms 28ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Requested by Host: usocial.pro URL: https://usocial.pro/usocial/usocial.share.js?js=7.1.5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8f0f56344362696c76f83dea699bb8faa81830d16a3bcf3250a49b40d31b9e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 27177 x-jsd-version 1.269.0 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra-eddf8230100-FRA, cache-yyz4525-YYZ x-jsd-version-type version server cloudflare etag W/"3555d-StYezTX7IGqidM7BkrBhk1pf6ek" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0t5vhfc7FCBR92KUHWXg8VtOiv5O8SxAgJ4b7h5KY3mbtEQAiwLTaEz4CzJbAGq7b6mjUOcescWvwpURanuIYw8jPMIxcL3MTz3%2BQXUBLI9ZMfP5oaonrqm7iQJDYzw3zkvfUhwPoIUXxuPvAg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 7bd39ff9db770b60-AMS
GET H2	200	share.php Show response vk.com/	21 B 568 B	52ms 51ms	Script text/html	87.240.132.78 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Full URL https://vk.com/share.php?act=count&index=0&url=https://gdz.fun/&callback=uSocialShare.uShare.CallbackRegistry.cb438123 Requested by Host: usocial.pro URL: https://usocial.pro/usocial/usocial.share.js?js=7.1.5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv78-132-240-87.vk.com Software kittenx / KPHP/7.4.113700 Resource Hash a349ff483262fec531ee2cc40ab8db69c967ee32ff16e2508b4fda2d9a5b4ea7 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT content-encoding gzip x-frontend front225205 strict-transport-security max-age=15768000 server kittenx x-powered-by KPHP/7.4.113700 content-type text/html; charset=windows-1251 access-control-expose-headers X-Frontend cache-control no-store content-length 41
GET H2	200	dk Show response connect.ok.ru/	11 B 2 KB	226ms 56ms	XHR application/json	217.20.147.3 VK-AS
General Check archive.org Show headers Download Go to Full URL https://connect.ok.ru/dk?st.cmd=extLike&tp=json&ref=https://gdz.fun/ Requested by Host: gdz.fun URL: https://gdz.fun/build/assets/js/vendors.68325d94f2ede5da7840.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.20.147.3 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS ip3.147.odnoklassniki.ru Software apache / Resource Hash 6aea6dfe6561984cdc5c54ead84d47d2cf29e48253ae282aef237404adad4661 Security Headers Name Value Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report; Strict-Transport-Security max-age=63072000;includeSubdomains;preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:59 GMT content-security-policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report; x-content-type-options nosniff strict-transport-security max-age=63072000;includeSubdomains;preload content-encoding br content-security-policy-report-only default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always; rendered-blocks WidgetExtLike x-xss-protection 1; mode=block pragma no-cache server apache vary Accept-Encoding content-type application/json;charset=UTF-8 access-control-allow-origin * cache-control no-cache, no-store access-control-allow-credentials true expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	share_count Show response connect.mail.ru/	61 B 682 B	186ms 59ms	Script text/javascript	94.100.180.54 VK-AS
General Check archive.org Show headers Download Go to Full URL https://connect.mail.ru/share_count?url_list=https://gdz.fun/&callback=0&func=mail&callback=uSocialShare.uShare.CallbackRegistry.cb508824 Requested by Host: usocial.pro URL: https://usocial.pro/usocial/usocial.share.js?js=7.1.5 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 94.100.180.54 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS connect.mail.ru Software nginx / Resource Hash 52c08cdea4207c2e87bcd2989fa162051da50f790c2a818eed709290a3a66cc5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:50:58 GMT x-content-type-options nosniff Server nginx x-webkit-csp-report-only default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript: x-frame-options DENY Content-Type text/javascript; charset=UTF-8 p3p policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA" cache-control no-cache, no-store, must-revalidate, private x-envoy-upstream-service-time 3 Connection keep-alive Content-Length 61 x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H2	200	shares Show response usocial.pro/data/	38 B 229 B	83ms 62ms	XHR text/html	185.129.100.122 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://usocial.pro/data/shares?providers=fb,twi,telegram&url=https://gdz.fun/ Requested by Host: gdz.fun URL: https://gdz.fun/build/assets/js/vendors.68325d94f2ede5da7840.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / PHP/7.4.24 Resource Hash c82a52cc2f5542e0c0390f2d4c0e3be7147fcdfcffcd946e556e4dbfb128ba04 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; date Tue, 25 Apr 2023 03:50:58 GMT content-encoding gzip server ddos-guard x-powered-by PHP/7.4.24 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * access-control-allow-credentials true
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	381 B 601 B	113ms 40ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=gdz.fun&callback=_gfp_s_&client=ca-pub-2891046647766967 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d8a946c25091654fc71f01f08ef0a70cea937132f4cc2562f1f2e8366a06426b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 250 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.nl/adsid/	107 B 531 B	90ms 33ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.nl/adsid/integrator.js?domain=gdz.fun Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	88ms 32ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=gdz.fun Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:58 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame E17D	416 KB 85 KB	285ms 284ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&adk=1812271804&adf=3025194257&lmt=1682394658&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_r&format=0x0&url=https%3A%2F%2Fgdz.fun%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658624&bpp=11&bdt=249&idt=243&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=658926926049&frm=20&pv=2&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=272 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e7d5f116b80c37be5cedc51fbfed3ddeec8f5e55d82d0839d52596adf52dd7d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gdz.fun/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 86932 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 25 Apr 2023 03:50:59 GMT expires Tue, 25 Apr 2023 03:50:59 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame F216	102 KB 34 KB	207ms 206ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658635&bpp=2&bdt=260&idt=268&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PpbmPfGOhu&p=https%3A//gdz.fun&dtd=271 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3d740ff2f1773f2e5c8ed49b143fb46916fefab5eb64b0141079d0fc831a1c6b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gdz.fun/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 34929 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 25 Apr 2023 03:50:59 GMT expires Tue, 25 Apr 2023 03:50:59 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	1 Show response mc.yandex.ru/watch/3/ Redirect Chain https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3... https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%...	264 B 300 B	61ms 61ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A0%3Als%3A1094109472599%3Ahid%3A966748013%3Az%3A0%3Ai%3A20230425035058%3Aet%3A1682394659%3Ac%3A1%3Arn%3A643934862%3Arqn%3A1%3Au%3A1682394659719964986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C35%2C249%2C2%2C0%2C0%2C%2C335%2C2%2C%2C%2C%2C633%3Aco%3A0%3Acpf%3A1%3Ans%3A1682394658076%3Ast%3A1682394659&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 06a7fa3440affba61377404bbd3123f85596ef8994ac8899989da85be21fef03 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:50:59 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Tue, 25-Apr-2023 03:50:59 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://gdz.fun cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 264 x-xss-protection 1; mode=block expires Tue, 25-Apr-2023 03:50:59 GMT Redirect headers pragma no-cache date Tue, 25 Apr 2023 03:50:59 GMT strict-transport-security max-age=31536000 last-modified Tue, 25-Apr-2023 03:50:59 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/3/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A0%3Als%3A1094109472599%3Ahid%3A966748013%3Az%3A0%3Ai%3A20230425035058%3Aet%3A1682394659%3Ac%3A1%3Arn%3A643934862%3Arqn%3A1%3Au%3A1682394659719964986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C35%2C249%2C2%2C0%2C0%2C%2C335%2C2%2C%2C%2C%2C633%3Aco%3A0%3Acpf%3A1%3Ans%3A1682394658076%3Ast%3A1682394659&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 access-control-allow-origin https://gdz.fun cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Tue, 25-Apr-2023 03:50:59 GMT
GET H2	200	advert.gif mc.yandex.ru/metrika/	43 B 511 B	171ms 56ms	Image image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/metrika/advert.gif Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:59 GMT strict-transport-security max-age=31536000 last-modified Fri, 21 Apr 2023 13:01:10 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "64425ee6-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Tue, 25 Apr 2023 04:50:59 GMT
GET H2	200	1 Show response mc.yandex.ru/watch/53858797/ Redirect Chain https://mc.yandex.ru/watch/53858797?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3... https://mc.yandex.ru/watch/53858797/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala...	454 B 573 B	61ms 60ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/53858797/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1064508382770%3Ahid%3A966748013%3Az%3A0%3Ai%3A20230425035058%3Aet%3A1682394659%3Ac%3A1%3Arn%3A539454402%3Arqn%3A1%3Au%3A1682394659719964986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C35%2C249%2C2%2C0%2C0%2C%2C335%2C2%2C%2C%2C%2C633%3Aco%3A0%3Acpf%3A1%3Ans%3A1682394658076%3Arqnl%3A1%3Ast%3A1682394659%3At%3A%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 7c88f9e9ba6130bc33ecc6daa18a42b265e7f05806dfa653431d4c067bf10727 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:50:59 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Tue, 25-Apr-2023 03:50:59 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://gdz.fun cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 454 x-xss-protection 1; mode=block expires Tue, 25-Apr-2023 03:50:59 GMT Redirect headers pragma no-cache date Tue, 25 Apr 2023 03:50:59 GMT strict-transport-security max-age=31536000 last-modified Tue, 25-Apr-2023 03:50:59 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/53858797/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1064508382770%3Ahid%3A966748013%3Az%3A0%3Ai%3A20230425035058%3Aet%3A1682394659%3Ac%3A1%3Arn%3A539454402%3Arqn%3A1%3Au%3A1682394659719964986%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C35%2C249%2C2%2C0%2C0%2C%2C335%2C2%2C%2C%2C%2C633%3Aco%3A0%3Acpf%3A1%3Ans%3A1682394658076%3Arqnl%3A1%3Ast%3A1682394659%3At%3A%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 access-control-allow-origin https://gdz.fun cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Tue, 25-Apr-2023 03:50:59 GMT
GET H2	200	advideo_init.js Show response cdn.advideo.ru/videocontent/global/js/v2/	38 KB 15 KB	229ms 54ms	Script application/javascript	178.218.223.43 ESERVER
General Check archive.org Show headers Download Go to Full URL https://cdn.advideo.ru/videocontent/global/js/v2/advideo_init.js?playlistId=35603 Requested by Host: gdz.fun URL: https://gdz.fun/build/assets/js/vendors.68325d94f2ede5da7840.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.218.223.43 , Russian Federation, ASN42244 (ESERVER, SK), Reverse DNS space1.unassigned.ru.eserver.net Software nginx/1.18.0 / Resource Hash c38471abe21fcd667fb3e2328a6f035ae3cb2da69e4135ccca98172c5870e1d0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:59 GMT content-encoding gzip last-modified Mon, 17 Oct 2022 18:42:14 GMT server nginx/1.18.0 etag W/"634da206-99e4" access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=86400 access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range expires Wed, 26 Apr 2023 03:50:59 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 1974	91 KB 32 KB	210ms 209ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Yf21xwt77J&p=https%3A//gdz.fun&dtd=9 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 38ed42cc3f64010c210e082be2679724b973d67b29fe2515ca42776c7b46444a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gdz.fun/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 32778 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 25 Apr 2023 03:50:59 GMT expires Tue, 25 Apr 2023 03:50:59 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 16DA	91 KB 32 KB	219ms 219ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Gc6mbVbHRf&p=https%3A//gdz.fun&dtd=15 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 590e4c5dcf3047a5f319087ee70cf6d006e74a8f0b18d1b003170eb558a411ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gdz.fun/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 32728 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 25 Apr 2023 03:50:59 GMT expires Tue, 25 Apr 2023 03:50:59 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 0F8E	103 KB 34 KB	239ms 238ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682394659&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=1&bdt=612&idt=1&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=U9oVANqhR0&p=https%3A//gdz.fun&dtd=19 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 547e97fac1d5c88eb45ae681201f2f7e25ad7e71ab4b8e714f942d8b1c526501 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gdz.fun/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 35187 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 25 Apr 2023 03:50:59 GMT expires Tue, 25 Apr 2023 03:50:59 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	css fonts.googleapis.com/ Frame F216	9 KB 1 KB	103ms 30ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658635&bpp=2&bdt=260&idt=268&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PpbmPfGOhu&p=https%3A//gdz.fun&dtd=271 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 25 Apr 2023 03:50:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 25 Apr 2023 02:04:42 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 25 Apr 2023 03:50:59 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame F216	2 KB 818 B	85ms 26ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658635&bpp=2&bdt=260&idt=268&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PpbmPfGOhu&p=https%3A//gdz.fun&dtd=271 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:42:18 GMT content-encoding br x-content-type-options nosniff age 40121 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:42:18 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame F216	0 0	66ms 65ms	Fetch text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CsEnfIk5HZIPhOY2Y6gS8kZzwC7eUo51w3O_ro58Rx_jdmLoBEAEg9IXYe2CRhICAjBigAYW357IpyAEJqAMByAPLBKoEsQFP0OpNvBc-gZTfb53OnJFwihASzF0-dsNd0uIUDzrUqKY2JoIqYND97InZQN90P41Z38ryb77j3HViOjom_H3KtWwScb48w6s80LkLD5JVpSffMAhriHjtljlbLb06nK4eSACZdBvDf1R7f_El-U4gJkJ5n_Th1-6ATwm-ssuwZqlgc5XQhST_2kjTkxZFqL-VXHzz1HZR5ootjMH1ZpedlSBu-hcjWiWDUW9y-LD7B0zABKu-x-apBJIFBAgEGAGSBQQIBRgEoAYugAeF77eSBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMTqBtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQC0BUBgBcBshccChoIABIUcHViLTI4OTEwNDY2NDc3NjY5NjcYAA&sigh=zbBfAzsEcXI&uach_m=[UACH]&cid=CAQSGwBygQiD6sOp7WObJV5bNHMRjzx-1Vu2bbzm3xgB&template_id=5000 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658635&bpp=2&bdt=260&idt=268&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PpbmPfGOhu&p=https%3A//gdz.fun&dtd=271 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658635&bpp=2&bdt=260&idt=268&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PpbmPfGOhu&p=https%3A//gdz.fun&dtd=271 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 25 Apr 2023 03:50:59 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 25 Apr 2023 03:50:59 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame F216	21 KB 9 KB	69ms 20ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658635&bpp=2&bdt=260&idt=268&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PpbmPfGOhu&p=https%3A//gdz.fun&dtd=271 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:42:18 GMT content-encoding br x-content-type-options nosniff age 40121 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8535 x-xss-protection 0 server cafe etag 13968503839060854674 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:42:18 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame F216	3 KB 1 KB	75ms 27ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658635&bpp=2&bdt=260&idt=268&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PpbmPfGOhu&p=https%3A//gdz.fun&dtd=271 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:26:41 GMT content-encoding br x-content-type-options nosniff age 41058 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:26:41 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame F216	19 KB 8 KB	71ms 23ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658635&bpp=2&bdt=260&idt=268&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PpbmPfGOhu&p=https%3A//gdz.fun&dtd=271 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 21:21:45 GMT content-encoding br x-content-type-options nosniff age 23354 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8104 x-xss-protection 0 server cafe etag 11444945707709536616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 21:21:45 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F216	159 KB 49 KB	1342ms 1259ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658635&bpp=2&bdt=260&idt=268&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PpbmPfGOhu&p=https%3A//gdz.fun&dtd=271 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 25 Apr 2023 03:51:00 GMT
GET H2	200	f8970ecc2196f374e9d99027c476dd6b.js Show response www.gstatic.com/mysidia/ Frame F216	32 KB 14 KB	76ms 22ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658635&bpp=2&bdt=260&idt=268&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PpbmPfGOhu&p=https%3A//gdz.fun&dtd=271 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 05:50:21 GMT content-encoding gzip x-content-type-options nosniff age 252038 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13747 x-xss-protection 0 last-modified Tue, 18 Apr 2023 02:08:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 21 Jul 2023 05:50:21 GMT
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/2367221101357095428/ Frame F216	31 KB 31 KB	80ms 37ms	Image image/jpeg	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2367221101357095428/14763004658117789537?w=600&h=314 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658635&bpp=2&bdt=260&idt=268&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PpbmPfGOhu&p=https%3A//gdz.fun&dtd=271 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 97733e0fe92a74dca85c20690cec1287a596fc5b57bcecb3861d41d344eeff1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 23 Apr 2023 00:36:39 GMT x-content-type-options nosniff age 184460 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31600 x-xss-protection 0 last-modified Sat, 08 Apr 2023 15:43:31 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 22 Apr 2024 00:36:39 GMT
GET DATA	200 OK	truncated / Frame F216	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame F216	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	sync_cookie_image_decide mc.webvisor.org/ Redirect Chain https://mc.webvisor.org/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9983.uqZczaVZlRQsrKhFz81NfnZQLcyKxs-NI_VJi_B50e7d_6VJ8cYf0MinKlWzjuKn._0yDETBRu7MnZE16CPEJpeujZEc%2C https://mc.webvisor.org/sync_cookie_image_decide?token=9983.0-uifC1db2ngsdF2vYQDRq7pTrqZXQCOH_YH9_ux3ZcPqx3JY-X-wXOwoyVPa4hgbI5g3FJ6AOXOhgtb57ueKind53YrqVxv2bAZfidCEG5BI8Ep8HvhuVyJpqk5tS1RlU8mGsDq9...	43 B 506 B	61ms 60ms	Image image/gif	80.239.201.34 TWELVE99 Arelion
General Check archive.org Show headers Download Go to Show image Full URL https://mc.webvisor.org/sync_cookie_image_decide?token=9983.0-uifC1db2ngsdF2vYQDRq7pTrqZXQCOH_YH9_ux3ZcPqx3JY-X-wXOwoyVPa4hgbI5g3FJ6AOXOhgtb57ueKind53YrqVxv2bAZfidCEG5BI8Ep8HvhuVyJpqk5tS1RlU8mGsDq90n79gexgdjojf3RcDxwtWdnHKq0QmcyXN8Y8yyeD414GBrBlLKaNoBwYMAVzRXvMRUGnz63BL7PhBMWf6QSVr9so_YZhIrchbA%2C._zAZrEvGNzWlZXalQQPKRoCVvLc%2C Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H2 Server 80.239.201.34 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:59 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.webvisor.org/sync_cookie_image_decide?token=9983.0-uifC1db2ngsdF2vYQDRq7pTrqZXQCOH_YH9_ux3ZcPqx3JY-X-wXOwoyVPa4hgbI5g3FJ6AOXOhgtb57ueKind53YrqVxv2bAZfidCEG5BI8Ep8HvhuVyJpqk5tS1RlU8mGsDq90n79gexgdjojf3RcDxwtWdnHKq0QmcyXN8Y8yyeD414GBrBlLKaNoBwYMAVzRXvMRUGnz63BL7PhBMWf6QSVr9so_YZhIrchbA%2C._zAZrEvGNzWlZXalQQPKRoCVvLc%2C date Tue, 25 Apr 2023 03:50:59 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	css fonts.googleapis.com/ Frame 1974	6 KB 768 B	30ms 28ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Yf21xwt77J&p=https%3A//gdz.fun&dtd=9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 25 Apr 2023 03:50:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 25 Apr 2023 02:06:28 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 25 Apr 2023 03:50:59 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 1974	2 KB 799 B	26ms 24ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Yf21xwt77J&p=https%3A//gdz.fun&dtd=9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:42:18 GMT content-encoding br x-content-type-options nosniff age 40121 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:42:18 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 1974	21 KB 8 KB	22ms 20ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Yf21xwt77J&p=https%3A//gdz.fun&dtd=9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:42:18 GMT content-encoding br x-content-type-options nosniff age 40121 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8535 x-xss-protection 0 server cafe etag 13968503839060854674 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:42:18 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 1974	3 KB 1 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Yf21xwt77J&p=https%3A//gdz.fun&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:26:41 GMT content-encoding br x-content-type-options nosniff age 41058 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:26:41 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 1974	19 KB 8 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Yf21xwt77J&p=https%3A//gdz.fun&dtd=9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 21:21:45 GMT content-encoding br x-content-type-options nosniff age 23354 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8104 x-xss-protection 0 server cafe etag 11444945707709536616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 21:21:45 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 1974	159 KB 49 KB	1303ms 1302ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Yf21xwt77J&p=https%3A//gdz.fun&dtd=9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 25 Apr 2023 03:51:00 GMT
GET H2	200	f8970ecc2196f374e9d99027c476dd6b.js Show response www.gstatic.com/mysidia/ Frame 1974	32 KB 13 KB	21ms 19ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Yf21xwt77J&p=https%3A//gdz.fun&dtd=9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 05:50:21 GMT content-encoding gzip x-content-type-options nosniff age 252038 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13747 x-xss-protection 0 last-modified Tue, 18 Apr 2023 02:08:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 21 Jul 2023 05:50:21 GMT
GET H2	200	css fonts.googleapis.com/ Frame 16DA	6 KB 768 B	30ms 28ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Gc6mbVbHRf&p=https%3A//gdz.fun&dtd=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 25 Apr 2023 03:50:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 25 Apr 2023 02:02:50 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 25 Apr 2023 03:50:59 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 16DA	2 KB 799 B	26ms 24ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Gc6mbVbHRf&p=https%3A//gdz.fun&dtd=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:42:18 GMT content-encoding br x-content-type-options nosniff age 40121 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:42:18 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 16DA	21 KB 8 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Gc6mbVbHRf&p=https%3A//gdz.fun&dtd=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:42:18 GMT content-encoding br x-content-type-options nosniff age 40121 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8535 x-xss-protection 0 server cafe etag 13968503839060854674 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:42:18 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 16DA	3 KB 1 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Gc6mbVbHRf&p=https%3A//gdz.fun&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:26:41 GMT content-encoding br x-content-type-options nosniff age 41058 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:26:41 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 16DA	19 KB 8 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Gc6mbVbHRf&p=https%3A//gdz.fun&dtd=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 21:21:45 GMT content-encoding br x-content-type-options nosniff age 23354 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8104 x-xss-protection 0 server cafe etag 11444945707709536616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 21:21:45 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 16DA	159 KB 49 KB	1239ms 1238ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Gc6mbVbHRf&p=https%3A//gdz.fun&dtd=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 25 Apr 2023 03:51:00 GMT
GET H2	200	f8970ecc2196f374e9d99027c476dd6b.js Show response www.gstatic.com/mysidia/ Frame 16DA	32 KB 13 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Gc6mbVbHRf&p=https%3A//gdz.fun&dtd=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 05:50:21 GMT content-encoding gzip x-content-type-options nosniff age 252038 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13747 x-xss-protection 0 last-modified Tue, 18 Apr 2023 02:08:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 21 Jul 2023 05:50:21 GMT
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/	149 KB 51 KB	109ms 109ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 284380e852868e51e0127a0ac932f65f8a0568591ad136b0c452a6a620d94a27 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:59 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51691 x-xss-protection 0 server cafe etag 1775013462615603657 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Tue, 25 Apr 2023 03:50:59 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	55ms 55ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=p&pg_h=2255&su=gdz.fun&d=0&pvc=2167677448698496&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292 Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:50:59 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 1974	0 0	66ms 66ms	Fetch text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CB_fMI05HZP6iAo7s6gTDwYi4DbeUo51w3O_ro58R_8u9_McBEAEg9IXYe2CRhICAjBigAYW357IpyAEJqAMByAPLBKoEsQFP0EmCvl6X3J3rPenPtREPc3LOaNFs1XBpOIkPJgT-81ToliyotTtbGeOQ9GSW6oEyzib_0TLNDe7zr859YFMg6aF2z5dM1LFdfsYCND-GGXiz7lRsXU0hA8D8cM62V-AcYbwndNxy-xPhnzvE24SmKYGsaQnshWC-GuhnWaPb4PR8rhTrupLaDHSGKkhOCsqfN2Ox9oSTEzhps7jtLoS9utNNByiHweC_Bo-IgfpFmUzABKu-x-apBJIFBAgEGAGSBQQIBRgEoAYugAeF77eSBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJLGBdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi0yODkxMDQ2NjQ3NzY2OTY3GAA&sigh=5JbVx0-y7BQ&uach_m=[UACH]&cid=CAQSGwBygQiDGHQ8Rm5cqJFsdSal4v5LLiqPbf6ENxgB&template_id=484 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Yf21xwt77J&p=https%3A//gdz.fun&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Yf21xwt77J&p=https%3A//gdz.fun&dtd=9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 25 Apr 2023 03:50:59 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	css fonts.googleapis.com/ Frame 0F8E	9 KB 921 B	29ms 28ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682394659&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=1&bdt=612&idt=1&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=U9oVANqhR0&p=https%3A//gdz.fun&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 25 Apr 2023 03:50:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 25 Apr 2023 02:01:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 25 Apr 2023 03:50:59 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 0F8E	2 KB 765 B	20ms 19ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682394659&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=1&bdt=612&idt=1&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=U9oVANqhR0&p=https%3A//gdz.fun&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:42:18 GMT content-encoding br x-content-type-options nosniff age 40121 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:42:18 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 0F8E	21 KB 8 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682394659&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=1&bdt=612&idt=1&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=U9oVANqhR0&p=https%3A//gdz.fun&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:42:18 GMT content-encoding br x-content-type-options nosniff age 40121 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8535 x-xss-protection 0 server cafe etag 13968503839060854674 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:42:18 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 0F8E	3 KB 1 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682394659&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=1&bdt=612&idt=1&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=U9oVANqhR0&p=https%3A//gdz.fun&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:26:41 GMT content-encoding br x-content-type-options nosniff age 41058 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:26:41 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 0F8E	19 KB 8 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682394659&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=1&bdt=612&idt=1&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=U9oVANqhR0&p=https%3A//gdz.fun&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 21:21:45 GMT content-encoding br x-content-type-options nosniff age 23354 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8104 x-xss-protection 0 server cafe etag 11444945707709536616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 21:21:45 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0F8E	159 KB 49 KB	1194ms 1193ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682394659&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=1&bdt=612&idt=1&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=U9oVANqhR0&p=https%3A//gdz.fun&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 25 Apr 2023 03:51:00 GMT
GET H2	200	f8970ecc2196f374e9d99027c476dd6b.js Show response www.gstatic.com/mysidia/ Frame 0F8E	32 KB 13 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682394659&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=1&bdt=612&idt=1&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=U9oVANqhR0&p=https%3A//gdz.fun&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 05:50:21 GMT content-encoding gzip x-content-type-options nosniff age 252038 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13747 x-xss-protection 0 last-modified Tue, 18 Apr 2023 02:08:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 21 Jul 2023 05:50:21 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 16DA	0 0	66ms 66ms	Fetch text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CqvGhI05HZM_2AoWg6wTfnq7gDbeUo51w3O_ro58Rx_jdmLoBEAEg9IXYe2CRhICAjBigAYW357IpyAEJqAMByAPLBKoEsQFP0KnGT1ala5vVt8yW7811gGizMH3YXSOY8DQuUXcDyNvkBnjlG1YrkDYrRyiH1-z1YM_vTpq03C__F6U2vBY9lmFo4rRcwMWo-NUCMALAO3G19c2VTdrWG1cf1j6o7LEStBMv6tTuFLpGGIDhMSp9o6lE3j8dqblznWcXaw-k_lTKTy6Y1xdSHAEt1zgprfxKUCpHf644WHAl5bVFaupJO4exFzjHASKKe_o-0xqlVGXABKu-x-apBJIFBAgEGAGSBQQIBRgEoAYugAeF77eSBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDENQ30ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMMiBQC0BUBgBcBshccChoIABIUcHViLTI4OTEwNDY2NDc3NjY5NjcYAA&sigh=T2PmBsnATsU&uach_m=[UACH]&cid=CAQSGwBygQiDBv-wccHsY5cCZT3gUml08G9HXSGHuhgB&template_id=484 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Gc6mbVbHRf&p=https%3A//gdz.fun&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Gc6mbVbHRf&p=https%3A//gdz.fun&dtd=15 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 25 Apr 2023 03:50:59 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/2367221101357095428/ Frame 1974	17 KB 17 KB	20ms 20ms	Image image/jpeg	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2367221101357095428/14763004658117789537?w=400&h=209 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Yf21xwt77J&p=https%3A//gdz.fun&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f7fb5f5133e3b6d2f4c71f094a6e9d432ee2eeffb8ef498f5e819817cb3236f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 05:17:06 GMT x-content-type-options nosniff age 254033 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17067 x-xss-protection 0 last-modified Sat, 08 Apr 2023 15:43:31 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 21 Apr 2024 05:17:06 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/1072357827322464021/ Frame 1974	3 KB 3 KB	24ms 24ms	Image image/png	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/1072357827322464021/14763004658117789537?w=100&h=100 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Yf21xwt77J&p=https%3A//gdz.fun&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2310cf3d680c464cb0356fa62683588f414bd48b514c021a4f711fce258475f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 22:49:37 GMT x-content-type-options nosniff age 190882 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3473 x-xss-protection 0 last-modified Thu, 06 Apr 2023 18:41:52 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 21 Apr 2024 22:49:37 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/2367221101357095428/ Frame 16DA	17 KB 17 KB	20ms 20ms	Image image/jpeg	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2367221101357095428/14763004658117789537?w=400&h=209 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Gc6mbVbHRf&p=https%3A//gdz.fun&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f7fb5f5133e3b6d2f4c71f094a6e9d432ee2eeffb8ef498f5e819817cb3236f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 05:17:06 GMT x-content-type-options nosniff age 254033 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17067 x-xss-protection 0 last-modified Sat, 08 Apr 2023 15:43:31 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 21 Apr 2024 05:17:06 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/1072357827322464021/ Frame 16DA	3 KB 3 KB	27ms 27ms	Image image/png	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/1072357827322464021/14763004658117789537?w=100&h=100 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Gc6mbVbHRf&p=https%3A//gdz.fun&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2310cf3d680c464cb0356fa62683588f414bd48b514c021a4f711fce258475f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 22:49:37 GMT x-content-type-options nosniff age 190882 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3473 x-xss-protection 0 last-modified Thu, 06 Apr 2023 18:41:52 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 21 Apr 2024 22:49:37 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 0F8E	0 0	66ms 65ms	Fetch text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=ClNqHI05HZNzuApLE6gTiy5bABbeUo51w3O_ro58R_8u9_McBEAEg9IXYe2CRhICAjBigAYW357IpyAEJqAMByAPLBKoEsQFP0ABooyocWxOL6m3I4_HqcVm0p2KOmJuCYcRHi2I0bOm7Dbrrva6Kb8vDXsaSEALY-5_1Cynz6E5bIFWnzd2X9_wYjJ7PMKnv_4oeIytZsv4UkXdZI2BlonBGp6tKbwWSwTIaJsMMFV4xm8jnlETeA5mt8M1TFs75IbYGl9nFoTETzYqUmE_jGVsNCGhxGXzrvcm3AM3Ky7G4OXZmDw3ED3d-ErxMFYRr5oOd0O92MYfABKu-x-apBJIFBAgEGAGSBQQIBRgEoAYugAeF77eSBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEOto0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItMjg5MTA0NjY0Nzc2Njk2NxgA&sigh=VdGTVOiarLg&uach_m=[UACH]&cid=CAQSGwBygQiDKuUzYbGuUI5lZ4-bnApSFj0jT-C8QRgB&template_id=5000 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682394659&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=1&bdt=612&idt=1&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=U9oVANqhR0&p=https%3A//gdz.fun&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682394659&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=1&bdt=612&idt=1&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=U9oVANqhR0&p=https%3A//gdz.fun&dtd=19 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 25 Apr 2023 03:50:59 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	54ms 54ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=s&pg_h=2255&su=gdz.fun&d=0&pvc=2167677448698496&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292 Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:50:59 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame F216	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 47fda4023bf451cc60261636ee1107f5510a8ee58b444e6971bf0ed79f3ef561 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/4630059954815993061/ Frame 0F8E	128 KB 128 KB	21ms 20ms	Image image/jpeg	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/4630059954815993061/14763004658117789537 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682394659&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=1&bdt=612&idt=1&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=U9oVANqhR0&p=https%3A//gdz.fun&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 398cc42a378b37ceeb5d0fee1872062a852ca8f2bfcc6b326d67719a07e42251 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 05:19:31 GMT x-content-type-options nosniff age 253888 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 131382 x-xss-protection 0 last-modified Sat, 08 Apr 2023 15:43:26 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 21 Apr 2024 05:19:31 GMT
GET DATA	200 OK	truncated / Frame 0F8E	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 0F8E	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	ping stat.advideo.ru/	8 B 147 B	262ms 65ms	Image text/html	178.218.213.168 ESERVER
General Check archive.org Show headers Download Go to Show image Full URL https://stat.advideo.ru/ping?showplaylistId=35603&rnd=642 Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.218.213.168 , Russian Federation, ASN42244 (ESERVER, SK), Reverse DNS mail.small-games.info Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:59 GMT content-encoding gzip access-control-allow-credentials true server nginx/1.16.1 content-type text/html;charset=utf-8
GET H2	200	statistics faststat.advideo.ru/	2 B 107 B	280ms 60ms	Image text/plain	178.218.213.168 ESERVER
General Check archive.org Show headers Download Go to Show image Full URL https://faststat.advideo.ru/statistics?event_type=code_load&url=https%3A%2F%2Fgdz.fun%2F&playlist_id=35603&uid=0b932c90-9400-42b6-abfd-31b095e10bcd&rnd=252 Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.218.213.168 , Russian Federation, ASN42244 (ESERVER, SK), Reverse DNS mail.small-games.info Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:59 GMT access-control-allow-credentials true server nginx/1.16.1 content-length 2 content-type text/plain; charset=utf8
GET H2	200	init Show response bazr.ru/videocontent/global/js/v2/	1 KB 705 B	250ms 51ms	XHR application/json	178.218.212.115 ESERVER
General Check archive.org Show headers Download Go to Full URL https://bazr.ru/videocontent/global/js/v2/init?playlistId=35603&v=4.0.3&dvc=d&d Requested by Host: gdz.fun URL: https://gdz.fun/build/assets/js/vendors.68325d94f2ede5da7840.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.218.212.115 , Russian Federation, ASN42244 (ESERVER, SK), Reverse DNS cdn.bazr.ru Software nginx/1.16.1 / Resource Hash 4670fc4946c7edfb3c0358e0385a76f25cdb2cf97daf4396bb9b7fe2a16fb2d8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:59 GMT content-encoding gzip last-modified Thu, 01 Oct 2020 08:12:32 GMT server nginx/1.16.1 etag W/"5f758f70-4e4" content-type application/json access-control-allow-origin * access-control-allow-credentials true
GET DATA	200 OK	truncated / Frame 1974	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b0f663016ee55b694917bae834fadf52e197ec8b89d4e31de2aa27db34072512 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H2	200	integrator.js Show response adservice.google.nl/adsid/	107 B 165 B	30ms 28ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.nl/adsid/integrator.js?domain=gdz.fun Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:59 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	30ms 29ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=gdz.fun Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:59 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/ Frame A396	10 KB 4 KB	20ms 20ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gdz.fun/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 44356 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 24 Apr 2023 15:31:43 GMT etag 2378337311435320485 expires Mon, 08 May 2023 15:31:43 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/ Frame 589C	10 KB 4 KB	20ms 20ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gdz.fun/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 44356 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 24 Apr 2023 15:31:43 GMT etag 2378337311435320485 expires Mon, 08 May 2023 15:31:43 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/ Frame 8E64	10 KB 4 KB	20ms 20ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gdz.fun/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 44356 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 24 Apr 2023 15:31:43 GMT etag 2378337311435320485 expires Mon, 08 May 2023 15:31:43 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 16DA	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d9f0dde005c5aa4823a3a3449707995b945aa5a2a52c415c938c531d1230911c Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 0F8E	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d8e20068b330473cdbe0193c0cabaf353b028e365d7628485f6423540562deee Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H3	200	css2 fonts.googleapis.com/ Frame A396	5 KB 659 B	29ms 29ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 25 Apr 2023 03:50:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 25 Apr 2023 02:10:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 25 Apr 2023 03:50:59 GMT
GET H3	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame A396	205 B 229 B	22ms 21ms	Image image/png	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 22:21:29 GMT x-content-type-options nosniff age 19770 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 23 Apr 2024 22:21:29 GMT
GET H3	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame A396	604 B 628 B	22ms 22ms	Image image/png	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 23:04:47 GMT x-content-type-options nosniff age 17172 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 23 Apr 2024 23:04:47 GMT
GET H3	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/elements/html/ Frame A396	19 KB 8 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 15:24:08 GMT content-encoding br x-content-type-options nosniff age 44811 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8167 x-xss-protection 0 server cafe etag 3140062999518874537 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 15:24:08 GMT
GET H3	200	css fonts.googleapis.com/ Frame 589C	6 KB 695 B	56ms 56ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 25 Apr 2023 03:50:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 25 Apr 2023 03:20:03 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 25 Apr 2023 03:50:59 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 589C	2 KB 765 B	44ms 44ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:42:18 GMT content-encoding br x-content-type-options nosniff age 40121 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:42:18 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 589C	21 KB 8 KB	43ms 43ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:42:18 GMT content-encoding br x-content-type-options nosniff age 40121 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8535 x-xss-protection 0 server cafe etag 13968503839060854674 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:42:18 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 589C	3 KB 1 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:26:41 GMT content-encoding br x-content-type-options nosniff age 41058 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:26:41 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 589C	19 KB 8 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 21:21:45 GMT content-encoding br x-content-type-options nosniff age 23354 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8104 x-xss-protection 0 server cafe etag 11444945707709536616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 21:21:45 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 589C	159 KB 49 KB	1008ms 1007ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 25 Apr 2023 03:51:00 GMT
GET H3	200	f8970ecc2196f374e9d99027c476dd6b.js Show response www.gstatic.com/mysidia/ Frame 589C	32 KB 13 KB	46ms 46ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 05:50:21 GMT content-encoding gzip x-content-type-options nosniff age 252038 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13747 x-xss-protection 0 last-modified Tue, 18 Apr 2023 02:08:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 21 Jul 2023 05:50:21 GMT
GET H3	200	css fonts.googleapis.com/ Frame 8E64	9 KB 921 B	42ms 40ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 25 Apr 2023 03:50:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 25 Apr 2023 02:40:25 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 25 Apr 2023 03:50:59 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 8E64	2 KB 765 B	34ms 34ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:42:18 GMT content-encoding br x-content-type-options nosniff age 40121 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:42:18 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 8E64	0 0	83ms 82ms	Fetch text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CkuU4Ik5HZPilOcXl6wTf8o-IDLeUo51w3O_ro58Rx_jdmLoBEAEg9IXYe2CRhICAjBigAYW357IpyAEJqAMByAPLBKoEsgFP0MyI8kb9nWgSIw3U6-io-JCLdrigGusXb8kdUhhEMq17lPQLzPQ9KYRpx41P6ct7J7INTUL5A17kldVQmaXwJYGjrcZtkNGJZ8GQgZfUkOZW--gLe4BE4hLwp9a4GlgBqbvRdAs9c3B_oQ9sQd2GMdu3E76qm_IXr_gCIIlPy2K-N9uG582QxOYZYJMopEMTh3lmWaX0fYDuEp1PGWzAY8W7Ss1Wk9B0VkapelwS8IaWwASrvsfmqQSSBQQIBBgBkgUECAUYBKAGLoAHhe-3kgSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDb5gHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi0yODkxMDQ2NjQ3NzY2OTY3GAA&sigh=rTHUPNawNwE&uach_m=[UACH]&cid=CAQSGwBygQiD0pnvtLwfpsnkP1myY2V3SpXdwbB3ZxgB&template_id=5000 Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 25 Apr 2023 03:50:59 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 8E64	21 KB 8 KB	33ms 33ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:42:18 GMT content-encoding br x-content-type-options nosniff age 40121 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8535 x-xss-protection 0 server cafe etag 13968503839060854674 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:42:18 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 8E64	3 KB 1 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:26:41 GMT content-encoding br x-content-type-options nosniff age 41058 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:26:41 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 8E64	19 KB 8 KB	45ms 44ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 21:21:45 GMT content-encoding br x-content-type-options nosniff age 23354 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8104 x-xss-protection 0 server cafe etag 11444945707709536616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 21:21:45 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8E64	159 KB 49 KB	1029ms 1027ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 25 Apr 2023 03:51:00 GMT
GET H3	200	f8970ecc2196f374e9d99027c476dd6b.js Show response www.gstatic.com/mysidia/ Frame 8E64	32 KB 13 KB	44ms 43ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 05:50:21 GMT content-encoding gzip x-content-type-options nosniff age 252038 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13747 x-xss-protection 0 last-modified Tue, 18 Apr 2023 02:08:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 21 Jul 2023 05:50:21 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/2367221101357095428/ Frame 8E64	17 KB 17 KB	45ms 45ms	Image image/jpeg	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2367221101357095428/14763004658117789537?w=400&h=209 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f7fb5f5133e3b6d2f4c71f094a6e9d432ee2eeffb8ef498f5e819817cb3236f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 05:17:06 GMT x-content-type-options nosniff age 254033 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17067 x-xss-protection 0 last-modified Sat, 08 Apr 2023 15:43:31 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 21 Apr 2024 05:17:06 GMT
GET DATA	200 OK	truncated / Frame 8E64	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 8E64	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	css fonts.googleapis.com/ Frame 6CAB	6 KB 695 B	41ms 40ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 25 Apr 2023 03:50:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 25 Apr 2023 03:15:19 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 25 Apr 2023 03:50:59 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 6CAB	2 KB 765 B	36ms 35ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:42:18 GMT content-encoding br x-content-type-options nosniff age 40121 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:42:18 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 6CAB	21 KB 8 KB	34ms 34ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:42:18 GMT content-encoding br x-content-type-options nosniff age 40121 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8535 x-xss-protection 0 server cafe etag 13968503839060854674 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:42:18 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 6CAB	3 KB 1 KB	34ms 33ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 16:26:41 GMT content-encoding br x-content-type-options nosniff age 41058 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 16:26:41 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 6CAB	19 KB 8 KB	35ms 31ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 21:21:45 GMT content-encoding br x-content-type-options nosniff age 23354 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8104 x-xss-protection 0 server cafe etag 11444945707709536616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 May 2023 21:21:45 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 6CAB	159 KB 49 KB	991ms 986ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 25 Apr 2023 03:51:00 GMT
GET H3	200	f8970ecc2196f374e9d99027c476dd6b.js Show response www.gstatic.com/mysidia/ Frame 6CAB	32 KB 13 KB	32ms 28ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 05:50:21 GMT content-encoding gzip x-content-type-options nosniff age 252038 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13747 x-xss-protection 0 last-modified Tue, 18 Apr 2023 02:08:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 21 Jul 2023 05:50:21 GMT
GET DATA	200 OK	truncated / Frame 8E64	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 821695072fc13f1f9449da41fea4b82622b420d6e4a40fd1b72058473a1146a8 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H2	200	player Show response bazr.ru/ Frame DFFB	25 KB 7 KB	179ms 68ms	Document text/html	178.218.212.115 ESERVER
General Check archive.org Show headers Download Go to Full URL https://bazr.ru/player?playlistId=35603&v1.0.1.1 Requested by Host: cdn.advideo.ru URL: https://cdn.advideo.ru/videocontent/global/js/v2/advideo_init.js?playlistId=35603 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.218.212.115 , Russian Federation, ASN42244 (ESERVER, SK), Reverse DNS cdn.bazr.ru Software nginx/1.16.1 / Resource Hash 45dffef6d8d446fb517185cb9c5b034bd8b30ee5a9c430b53e2d04dffe34f2d3 Request headers Referer https://gdz.fun/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin * content-encoding gzip content-type text/html;charset=utf-8 date Tue, 25 Apr 2023 03:50:59 GMT server nginx/1.16.1
GET H2	200	stkan_adv.js Show response cdn.advideo.ru/videocontent/global/js/v2/4.0.3/	25 KB 8 KB	53ms 52ms	Script application/javascript	178.218.223.43 ESERVER
General Check archive.org Show headers Download Go to Full URL https://cdn.advideo.ru/videocontent/global/js/v2/4.0.3/stkan_adv.js?v3.0.4 Requested by Host: cdn.advideo.ru URL: https://cdn.advideo.ru/videocontent/global/js/v2/advideo_init.js?playlistId=35603 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.218.223.43 , Russian Federation, ASN42244 (ESERVER, SK), Reverse DNS space1.unassigned.ru.eserver.net Software nginx/1.18.0 / Resource Hash fbf0a830afe254a99c79b62c2cad9dc1e82697d2db8478ad4663a4f33e1272c8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:50:59 GMT content-encoding gzip last-modified Mon, 17 Oct 2022 18:42:12 GMT server nginx/1.18.0 etag W/"634da204-649a" access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=86400 access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range expires Wed, 26 Apr 2023 03:50:59 GMT
GET H2	200	jquery.min.js Show response cdn.bazr.ru/videocontent/omovi/js1/ Frame DFFB	91 KB 38 KB	425ms 56ms	Script application/javascript	178.218.210.133 ESERVER
General Check archive.org Show headers Download Go to Full URL https://cdn.bazr.ru/videocontent/omovi/js1/jquery.min.js Requested by Host: bazr.ru URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.218.210.133 Moscow Oblast, Russian Federation, ASN42244 (ESERVER, SK), Reverse DNS dcw-unknown.maxhost.ru Software nginx/1.18.0 / Resource Hash 5b6725689f9ca035bdd1f325690447c2cab1e9a27c39b3a3a6d702ab888236ac Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:00 GMT content-encoding gzip last-modified Tue, 21 Apr 2015 13:37:22 GMT server nginx/1.18.0 etag W/"55365292-16b31" access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=86400 access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range expires Wed, 26 Apr 2023 03:51:00 GMT
GET H2	200	advideo.js Show response cdn.bazr.ru/videocontent/global/newplayer/ Frame DFFB	21 KB 6 KB	426ms 57ms	Script application/javascript	178.218.210.133 ESERVER
General Check archive.org Show headers Download Go to Full URL https://cdn.bazr.ru/videocontent/global/newplayer/advideo.js?30112020134221112 Requested by Host: bazr.ru URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.218.210.133 Moscow Oblast, Russian Federation, ASN42244 (ESERVER, SK), Reverse DNS dcw-unknown.maxhost.ru Software nginx/1.18.0 / Resource Hash d7eefeda6c8559f00c4ea5549267673816b6d69118a6ddf16cc4c7359ce2323b Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:00 GMT content-encoding gzip last-modified Wed, 01 Dec 2021 10:02:15 GMT server nginx/1.18.0 etag W/"61a74827-5252" access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=86400 access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range expires Wed, 26 Apr 2023 03:51:00 GMT
GET H2	204	vidpub.js Show response sync.dmp.otm-r.com/match/ Frame DFFB	0 69 B	101ms 24ms	Script text/plain	195.201.152.104 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sync.dmp.otm-r.com/match/vidpub.js?pub=bfr8braac88i0cq3hkt0 Requested by Host: bazr.ru URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.201.152.104 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.104.152.201.195.clients.your-server.de Software nginx/1.17.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers access-control-allow-origin * date Tue, 25 Apr 2023 03:51:00 GMT server nginx/1.17.6
GET H2	200	playerstat Show response stat.advideo.ru/ Frame DFFB	6 B 178 B	171ms 59ms	XHR text/html	178.218.213.168 ESERVER
General Check archive.org Show headers Download Go to Full URL https://stat.advideo.ru/playerstat?event=init&trackId=1&contentManagerId=215&playlistId=35603&domainId=2723&ref=https%3A%2F%2Fgdz.fun%2F&firstTime=1&isflash=0&rand=0.4906607576780506&visitor_id=notset-B6CB4B94-09C0-4059-A5E8-605AC0C1E0F1 Requested by Host: cdn.bazr.ru URL: https://cdn.bazr.ru/videocontent/omovi/js1/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.218.213.168 , Russian Federation, ASN42244 (ESERVER, SK), Reverse DNS mail.small-games.info Software nginx/1.16.1 / Resource Hash 69f68e885d5443aefbb9333555cc5ac032588c035aed52163005fe7c3ebf3db6 Request headers Accept */* Referer https://bazr.ru/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers access-control-allow-origin https://bazr.ru date Tue, 25 Apr 2023 03:51:00 GMT content-encoding gzip access-control-allow-credentials true server nginx/1.16.1 content-type text/html;charset=utf-8
GET H2	200	player Show response faststat.advideo.ru/ Frame DFFB	2 B 139 B	169ms 57ms	XHR text/plain	178.218.213.168 ESERVER
General Check archive.org Show headers Download Go to Full URL https://faststat.advideo.ru/player?event_type=init&statistics_type=adv&url=https%3A%2F%2Fgdz.fun%2F&cm_id=215&prev_cm_id=0&track_id=1&playlist_id=35603&site_id=2723&project_id=0&chain_id=2&vast_chain_id=28&is_firsttime=1&is_native=0&is_vast=0&visitor_id=notset-B6CB4B94-09C0-4059-A5E8-605AC0C1E0F1&session=D5ECB320-57F0-4EE4-8513-E8EAF658EB1A&sex=0&age=0&time_passed=7&media_type=&has_flash=0&ad_id=0&viewable=1&pl_ver=0&cm_time=2&ancestor_origins=https%3A%2F%2Fgdz.fun Requested by Host: cdn.bazr.ru URL: https://cdn.bazr.ru/videocontent/omovi/js1/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.218.213.168 , Russian Federation, ASN42244 (ESERVER, SK), Reverse DNS mail.small-games.info Software nginx/1.16.1 / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Accept */* Referer https://bazr.ru/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers access-control-allow-origin https://bazr.ru date Tue, 25 Apr 2023 03:51:00 GMT access-control-allow-credentials true server nginx/1.16.1 content-length 2 content-type text/plain; charset=utf8
GET H2	200	player Show response faststat.advideo.ru/ Frame DFFB	2 B 140 B	168ms 56ms	XHR text/plain	178.218.213.168 ESERVER
General Check archive.org Show headers Download Go to Full URL https://faststat.advideo.ru/player?event_type=request&statistics_type=adv&url=https%3A%2F%2Fgdz.fun%2F&cm_id=215&prev_cm_id=0&track_id=1&playlist_id=35603&site_id=2723&project_id=0&chain_id=2&vast_chain_id=28&is_firsttime=1&is_native=0&is_vast=0&visitor_id=notset-B6CB4B94-09C0-4059-A5E8-605AC0C1E0F1&session=D5ECB320-57F0-4EE4-8513-E8EAF658EB1A&sex=0&age=0&time_passed=8&media_type=&has_flash=0&ad_id=0&viewable=1&pl_ver=0&cm_time=3&ancestor_origins=https%3A%2F%2Fgdz.fun Requested by Host: cdn.bazr.ru URL: https://cdn.bazr.ru/videocontent/omovi/js1/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.218.213.168 , Russian Federation, ASN42244 (ESERVER, SK), Reverse DNS mail.small-games.info Software nginx/1.16.1 / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Accept */* Referer https://bazr.ru/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers access-control-allow-origin https://bazr.ru date Tue, 25 Apr 2023 03:51:00 GMT access-control-allow-credentials true server nginx/1.16.1 content-length 2 content-type text/plain; charset=utf8
GET H/1.1	200 OK	mvpt.min.js Show response moevideo.biz/embed/js/ Frame DFFB	176 KB 52 KB	289ms 149ms	Script application/javascript	92.223.103.13 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://moevideo.biz/embed/js/mvpt.min.js Requested by Host: cdn.bazr.ru URL: https://cdn.bazr.ru/videocontent/global/newplayer/advideo.js?30112020134221112 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.223.103.13 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f47.moevideo.net Software nginx / Resource Hash 9c9981570082f0c9e2dc51206ff296a57e9a72d1fd915fed947adf484ef2bd3a Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:00 GMT Content-Encoding gzip Last-Modified Thu, 26 Jan 2023 13:15:09 GMT Server nginx X-My-Name s172 ETag W/"63d27cdd-2c0d4" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive X-My-Reqtime 0.029
GET H/1.1	200 OK	hit counter.yadro.ru/ Frame DFFB Redirect Chain https://counter.yadro.ru/hit?t44.1;rhttps%3A//gdz.fun/;s1600*1200*24;uhttps%3A//bazr.ru/player%3FplaylistId%3D35603%26v1.0.1.1;h%u041F%u043B%u0435%u0435%u04402;0.17496194489547 https://counter.yadro.ru/hit?q;t44.1;rhttps%3A//gdz.fun/;s1600*1200*24;uhttps%3A//bazr.ru/player%3FplaylistId%3D35603%26v1.0.1.1;h%u041F%u043B%u0435%u0435%u04402;0.17496194489547	140 B 445 B	52ms 52ms	Image image/gif	88.212.201.204 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://counter.yadro.ru/hit?q;t44.1;rhttps%3A//gdz.fun/;s1600*1200*24;uhttps%3A//bazr.ru/player%3FplaylistId%3D35603%26v1.0.1.1;h%u041F%u043B%u0435%u0435%u04402;0.17496194489547 Requested by Host: bazr.ru URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1 Protocol HTTP/1.1 Server 88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host204.rax.ru Software nginx/1.17.9 / Resource Hash a92f2b3edb0d9f5e017eaf110749e21ce9aea2121cc492145837afd222a8416e Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 Apr 2023 03:51:00 GMT Strict-Transport-Security max-age=86400 Server nginx/1.17.9 Content-Type image/gif Access-Control-Allow-Origin * Cache-control no-cache Connection keep-alive Content-Length 140 Expires Sun, 24 Apr 2022 21:00:00 GMT Redirect headers Pragma no-cache Date Tue, 25 Apr 2023 03:51:00 GMT Strict-Transport-Security max-age=86400 Server nginx/1.17.9 Content-Type text/html Location https://counter.yadro.ru/hit?q;t44.1;rhttps%3A//gdz.fun/;s1600*1200*24;uhttps%3A//bazr.ru/player%3FplaylistId%3D35603%26v1.0.1.1;h%u041F%u043B%u0435%u0435%u04402;0.17496194489547 P3P policyref="/w3c/p3p.xml", CP="UNI" Cache-control no-cache Connection keep-alive Content-Length 32 Expires Sun, 24 Apr 2022 21:00:00 GMT
GET H2	200	loading2.svg cdn.bazr.ru/videocontent/global/images/ Frame DFFB	965 B 1 KB	55ms 54ms	Image image/svg+xml	178.218.210.133 ESERVER
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bazr.ru/videocontent/global/images/loading2.svg Requested by Host: bazr.ru URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.218.210.133 Moscow Oblast, Russian Federation, ASN42244 (ESERVER, SK), Reverse DNS dcw-unknown.maxhost.ru Software nginx/1.18.0 / Resource Hash e1748bd2faf8b430d2990aef6024f115c4fee9a64fb22cd50442ce566638a201 Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:00 GMT last-modified Thu, 10 Dec 2020 17:35:59 GMT server nginx/1.18.0 etag "5fd25c7f-3c5" access-control-allow-methods GET, POST, OPTIONS content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=604800 accept-ranges bytes access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range content-length 965 expires Tue, 02 May 2023 03:51:00 GMT
GET H2	200	top100.js Show response st.top100.ru/top100/ Frame DFFB	108 KB 34 KB	218ms 104ms	Script application/javascript	81.19.89.16 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://st.top100.ru/top100/top100.js Requested by Host: bazr.ru URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash a6d968584e92c01f5bf29c9de2d18c8f8c81e5ac4f43357e97e20ff64839028e Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:00 GMT content-encoding gzip last-modified Mon, 24 Apr 2023 09:01:16 GMT server nginx/1.19.4 x-amz-request-id tx00000000000025620b3f8-0064474c99-f85be6-default etag W/"5643b3a5407da1e93e7e60d90ce31927" vary Accept-Encoding content-type application/javascript p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" x-rgw-object-type Normal cache-control max-age=3600 expires Tue, 25 Apr 2023 04:51:00 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/ Frame DFFB	213 KB 73 KB	57ms 56ms	Script application/javascript	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: bazr.ru URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash a26b4febdb7690008890d735d5f32ecb59441835704251420f9bb3d4dd4417ea Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:00 GMT content-encoding br strict-transport-security max-age=31536000 last-modified Fri, 21 Apr 2023 13:01:10 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "64425ee6-122e6" content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 74470 expires Tue, 25 Apr 2023 04:51:00 GMT
GET H2	200	0x2.js Show response adverdata.net/0x200/04cde9ff880/ Frame DFFB	20 KB 8 KB	180ms 53ms	Script application/javascript	91.218.228.87 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Full URL https://adverdata.net/0x200/04cde9ff880/0x2.js?t=1682394660439 Requested by Host: bazr.ru URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.218.228.87 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU), Reverse DNS hosted-by.ihc.ru Software nginx/1.15.8 / Resource Hash efe3d5f447ad4c9be314641f3004746cdca3ce0a8e30179897037a58cae9e6fd Security Headers Name Value Strict-Transport-Security max-age=0; Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:00 GMT content-encoding gzip strict-transport-security max-age=0; last-modified Fri, 10 Mar 2023 11:58:42 GMT server nginx/1.15.8 etag "640b1b72-203e" content-type application/javascript access-control-allow-origin * content-length 8254
GET H3	200	2076313506083323656 tpc.googlesyndication.com/simgad/4630059954815993061/ Frame 589C	35 KB 35 KB	21ms 20ms	Image image/jpeg	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/4630059954815993061/2076313506083323656 Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2c13c7d5a0f91728f686dcca281c72d832340b82233056f11052b17d4b6aa3b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 23 Apr 2023 07:30:18 GMT x-content-type-options nosniff age 159642 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36101 x-xss-protection 0 last-modified Sat, 08 Apr 2023 15:43:23 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 22 Apr 2024 07:30:18 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/1072357827322464021/ Frame 589C	3 KB 3 KB	23ms 22ms	Image image/png	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/1072357827322464021/14763004658117789537?w=100&h=100 Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2310cf3d680c464cb0356fa62683588f414bd48b514c021a4f711fce258475f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 22:49:37 GMT x-content-type-options nosniff age 190883 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3473 x-xss-protection 0 last-modified Thu, 06 Apr 2023 18:41:52 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 21 Apr 2024 22:49:37 GMT
GET DATA	200 OK	truncated / Frame 589C	221 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 589C	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 029889472cceca983eeedd1657150b7dd90556d642d90849b943387d74bef169 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v46/ Frame F216	29 KB 30 KB	89ms 31ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 05:16:02 GMT x-content-type-options nosniff age 254098 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29728 x-xss-protection 0 last-modified Mon, 03 Apr 2023 16:59:50 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 21 Apr 2024 05:16:02 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 1974	15 KB 15 KB	114ms 63ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 15:24:53 GMT x-content-type-options nosniff age 217567 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 21 Apr 2024 15:24:53 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 1974	15 KB 16 KB	108ms 59ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 17:04:15 GMT x-content-type-options nosniff age 211605 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 21 Apr 2024 17:04:15 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 1974	15 KB 15 KB	116ms 69ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 02:05:23 GMT x-content-type-options nosniff age 351937 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 20 Apr 2024 02:05:23 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 16DA	15 KB 15 KB	137ms 93ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 15:24:53 GMT x-content-type-options nosniff age 217567 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 21 Apr 2024 15:24:53 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 16DA	15 KB 16 KB	133ms 89ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 17:04:15 GMT x-content-type-options nosniff age 211605 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 21 Apr 2024 17:04:15 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 16DA	15 KB 15 KB	140ms 96ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 02:05:23 GMT x-content-type-options nosniff age 351937 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 20 Apr 2024 02:05:23 GMT
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v46/ Frame 0F8E	29 KB 29 KB	117ms 77ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 05:16:02 GMT x-content-type-options nosniff age 254098 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29728 x-xss-protection 0 last-modified Mon, 03 Apr 2023 16:59:50 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 21 Apr 2024 05:16:02 GMT
GET H3	200	sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response pagead2.googlesyndication.com/bg/ Frame 1E73	36 KB 14 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 18:20:47 GMT content-encoding br x-content-type-options nosniff age 34213 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14209 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 23 Apr 2024 18:20:47 GMT
GET H3	200	sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response pagead2.googlesyndication.com/bg/ Frame C9A6	36 KB 14 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 18:20:47 GMT content-encoding br x-content-type-options nosniff age 34213 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14209 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 23 Apr 2024 18:20:47 GMT
GET H2	200	advert.gif mc.yandex.ru/metrika/ Frame DFFB	43 B 113 B	56ms 56ms	Image image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/metrika/advert.gif Requested by Host: bazr.ru URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:00 GMT strict-transport-security max-age=31536000 last-modified Fri, 21 Apr 2023 13:01:10 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "64425ee6-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Tue, 25 Apr 2023 04:51:00 GMT
GET H2	200	28186854 Show response mc.yandex.ru/watch/ Frame DFFB	428 B 639 B	61ms 60ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/28186854?wmode=7&page-url=https%3A%2F%2Fbazr.ru%2Fplayer%3FplaylistId%3D35603%26v1.0.1.1&page-ref=https%3A%2F%2Fgdz.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flogxj2lsv%3Afp%3A828%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A186124492898%3Ahid%3A276300667%3Az%3A0%3Ai%3A20230425035100%3Aet%3A1682394661%3Ac%3A1%3Arn%3A825747079%3Arqn%3A1%3Au%3A1682394661984130071%3Aw%3A600x340%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C110%2C68%2C0%2C0%2C0%2C%2C576%2C2%2C%2C%2C%2C756%3Aco%3A0%3Acpf%3A1%3Ans%3A1682394659684%3Arqnl%3A1%3Ast%3A1682394661%3At%3A%D0%9F%D0%BB%D0%B5%D0%B5%D1%802&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 406b635ab9bda2243c3fbc44655dd3d1a295cba3e4c3da1e40cb5eb6f7f13937 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:51:00 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Tue, 25-Apr-2023 03:51:00 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://bazr.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 428 x-xss-protection 1; mode=block expires Tue, 25-Apr-2023 03:51:00 GMT
GET H3	200	sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response pagead2.googlesyndication.com/bg/ Frame DB3E	36 KB 14 KB	34ms 33ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 18:20:47 GMT content-encoding br x-content-type-options nosniff age 34213 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14209 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 23 Apr 2024 18:20:47 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 589C	0 19 B	67ms 67ms	Image text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=C-0p_Ik5HZPelOcXl6wTf8o-IDLeUo51w3O_ro58Rx_jdmLoBEAEg9IXYe2CRhICAjBigAYW357IpyAEJqAMByAPLBKoEsQFP0A3aI44HWun6BMeGmh94ztmkM7hVeG0Dk1zOaT7gtqwKUM-tLZLi9nkYFigK6x3Vja7ICN5TZWhk3mcbSq5e0jn85N4q4yx9zl7Yvt0UXcbD4dW0BsuM3XhNGInupAZSu48yexdQiQtHesIktszK6rnbacho5sy6FJcudH3W-r8EbQJwksnbNsFeMul4v2xQtbsv3mBAq7R-QW1PTKg0NofGi_VdP04GrCoLV75aNhPABKu-x-apBJIFBAgEGAGSBQQIBRgEoAYugAeF77eSBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOueAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi0yODkxMDQ2NjQ3NzY2OTY3GAA&sigh=Mk7JgTm9ojE&uach_m=[UACH]&cid=CAQSGwBygQiD0pnvtLwfpsnkP1myY2V3SpXdwbB3ZxgB&template_id=484&vis=1 Requested by Host: gdz.fun URL: https://gdz.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 25 Apr 2023 03:51:00 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	userip Show response kraken.rambler.ru/ Frame DFFB	11 B 411 B	238ms 52ms	XHR text/plain	81.19.89.18 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://kraken.rambler.ru/userip Requested by Host: st.top100.ru URL: https://st.top100.ru/top100/top100.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash 4f90517cacb50330482d96051191ba7e82b60e7c01060bc7213fffdddb814ee6 Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers access-control-allow-origin https://bazr.ru date Tue, 25 Apr 2023 03:51:01 GMT content-type application/octet-stream, text/plain server nginx/1.19.4 x-srv 2kraken-prod0001.ad.rambler.tech content-length 11 p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
GET H2	200	usability.js Show response st.top100.ru/top100/3.13.20/ Frame DFFB	14 KB 4 KB	53ms 52ms	Script application/javascript	81.19.89.16 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://st.top100.ru/top100/3.13.20/usability.js Requested by Host: st.top100.ru URL: https://st.top100.ru/top100/top100.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash 1fca7e2d421875b496a5a6bfe5857d62e277d9bf8dc41a7815481a680b3e1be6 Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:01 GMT content-encoding gzip last-modified Mon, 24 Apr 2023 09:01:16 GMT server nginx/1.19.4 x-amz-request-id tx000000000000256208ff8-0064474c59-f85be6-default etag W/"aca17a264fc4dcb15d7447bcea8197ff" vary Accept-Encoding content-type application/javascript p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" x-rgw-object-type Normal cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	version Show response moevideo.biz/embed/core/ Frame DFFB	45 B 219 B	76ms 76ms	Script application/javascript	92.223.103.13 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://moevideo.biz/embed/core/version?jsonp=&jsonpCallback=jsonp_1682394661111_65855 Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/js/mvpt.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.223.103.13 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f47.moevideo.net Software nginx / Resource Hash db406e11133478a9cca74e47e6c287478daa1ed4108c9667bdb42edf02f0ffaa Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:01 GMT Server nginx Connection keep-alive Content-Length 45 X-My-Reqtime 0.022 Content-Type application/javascript
POST H2	200	665278.png 204.adverdata.net/log/images/ Frame DFFB	68 B 324 B	67ms 55ms	Ping image/png	91.218.228.87 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Full URL https://204.adverdata.net/log/images/665278.png?ate=18764&cache=1682394661127&aA=127&time=1682394661&bHh=TmV0c2NhcGU=&version=90&interactive=1&size=900x13&bDat=MTY4MjM5NDY2MTEyNw==&bundle=648 Requested by Host: adverdata.net URL: https://adverdata.net/0x200/04cde9ff880/0x2.js?t=1682394660439 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.218.228.87 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU), Reverse DNS hosted-by.ihc.ru Software nginx/1.15.8 / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Security Headers Name Value Strict-Transport-Security max-age=0; Request headers Referer https://bazr.ru/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundary1t0iej7MNBRh7aUD Response headers x-response-time 3ms date Tue, 25 Apr 2023 03:51:01 GMT strict-transport-security max-age=0; server nginx/1.15.8 vary Origin content-type image/png access-control-allow-origin https://bazr.ru content-length 68
GET H3	200	sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response pagead2.googlesyndication.com/bg/ Frame 6AB0	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658635&bpp=2&bdt=260&idt=268&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PpbmPfGOhu&p=https%3A//gdz.fun&dtd=271 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 18:20:47 GMT content-encoding br x-content-type-options nosniff age 34214 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14209 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 23 Apr 2024 18:20:47 GMT
GET H3	200	sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response pagead2.googlesyndication.com/bg/ Frame DAD5	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Yf21xwt77J&p=https%3A//gdz.fun&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 18:20:47 GMT content-encoding br x-content-type-options nosniff age 34214 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14209 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 23 Apr 2024 18:20:47 GMT
GET H3	200	sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response pagead2.googlesyndication.com/bg/ Frame C62D	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682394659&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=1&bdt=612&idt=1&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=U9oVANqhR0&p=https%3A//gdz.fun&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 18:20:47 GMT content-encoding br x-content-type-options nosniff age 34214 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14209 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 23 Apr 2024 18:20:47 GMT
GET H3	200	sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response pagead2.googlesyndication.com/bg/ Frame BE02	36 KB 14 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682394658&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682394658987&bpp=2&bdt=612&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=658926926049&frm=20&pv=1&ga_vid=2026965810.1682394659&ga_sid=1682394659&ga_hid=847424138&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073974%2C44785292&oid=2&pvsid=2167677448698496&tmod=152443014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Gc6mbVbHRf&p=https%3A//gdz.fun&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 18:20:47 GMT content-encoding br x-content-type-options nosniff age 34214 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14209 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 23 Apr 2024 18:20:47 GMT
GET H/1.1	200 OK	native Show response moevideo.biz/ Frame E213	40 KB 16 KB	119ms 118ms	Document text/html	92.223.103.13 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/js/mvpt.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.223.103.13 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f47.moevideo.net Software nginx / PHP/5.5.38 Resource Hash 7fcce295ffb154d1fab5c3934de91e5f2fae84dc641eeec019b92ec237b73eff Request headers Referer https://bazr.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control max-age=0 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 25 Apr 2023 03:51:01 GMT Expires Thu, 19 Feb 1998 13:24:18 GMT Last-Modified Tue, 25 Apr 2023 03:51:01 GMT Pragma no-cache Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-Mv-Embed-Version 1414 X-Mv-TryCache 0 X-My-Adv-Time 0.00374603271484 X-My-App-Time 0.031 X-My-Name s141 X-My-Reqtime 0.054 X-Powered-By PHP/5.5.38
GET H2	200	/ kraken.rambler.ru/cnt/ Frame DFFB	43 B 587 B	159ms 53ms	Image image/gif	81.19.89.18 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kraken.rambler.ru/cnt/?et=pv&v=3.13.20&pid=6579761&tid=t1.6579761.1744105385.1682394661084&rid=1682394661.078-801646282&fid=pA8AAENKs1c8BYrjAUflKAA%3D&fip=pA8AAENKs1d8LPZCAUFqkAA%3D&eid=816046616473253&stid=0_0&sn=0&sen=0&ce=1&bs=600x340&rf=https%3A%2F%2Fgdz.fun%2F&en=UTF-8&pt=%D0%9F%D0%BB%D0%B5%D0%B5%D1%802&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&ct=web&url=https%3A%2F%2Fbazr.ru%2Fplayer%3FplaylistId%3D35603%26v1.0.1.1&lv&exp=%5B%5B%22exp_ws%22%2C%22no%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=686440416 Requested by Host: bazr.ru URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:51:01 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.19.4 x-srv 2kraken-prod0002.ad.rambler.tech access-control-allow-methods GET, POST, OPTIONS content-type image/gif, image/gif p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" cache-control no-cache access-control-allow-credentials true access-control-allow-headers content-type content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	styles.css moevideo.biz/embed/player/1860/skins/gray/ Frame E213	54 KB 15 KB	78ms 77ms	Stylesheet text/css	92.223.103.13 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://moevideo.biz/embed/player/1860/skins/gray/styles.css Requested by Host: moevideo.biz URL: https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.223.103.13 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f47.moevideo.net Software nginx / Resource Hash 8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:01 GMT Content-Encoding gzip Last-Modified Thu, 26 Jan 2023 13:03:25 GMT Server nginx X-My-Name s199 ETag W/"63d27a1d-d99f" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive X-My-Reqtime 0.023
GET H/1.1	200 OK	mvplayer.min.js Show response moevideo.biz/embed/player/1860/ Frame E213	597 KB 152 KB	169ms 90ms	Script application/javascript	92.223.103.13 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://moevideo.biz/embed/player/1860/mvplayer.min.js Requested by Host: moevideo.biz URL: https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.223.103.13 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f47.moevideo.net Software nginx / Resource Hash 4d50f79fdb320efa3f58c176d2bdb09fcc458be41aad03f55711bf8417d4a4db Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:01 GMT Content-Encoding gzip Last-Modified Thu, 26 Jan 2023 13:11:55 GMT Server nginx X-My-Name s179 ETag W/"63d27c1b-954a5" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive X-My-Reqtime 0.025
GET H/1.1	200 OK	set Show response playreplay.me/api/cookie/ Frame E213	0 332 B	190ms 55ms	Script text/plain	92.38.138.49 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://playreplay.me/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%228000c9ede62382490c93%22},{%22key%22:%22mvsid%22,%22value%22:%22da7a5d89-55d6-435e-840d-6d173d92a969%22}] Requested by Host: moevideo.biz URL: https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.38.138.49 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f28.moevideo.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:01 GMT Server nginx Connection keep-alive Content-Length 0 X-My-Reqtime 0.000
GET H/1.1	200 OK	set Show response thesame.tv/api/cookie/ Frame E213	0 332 B	174ms 53ms	Script text/plain	5.188.150.126 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://thesame.tv/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%228000c9ede62382490c93%22},{%22key%22:%22mvsid%22,%22value%22:%22da7a5d89-55d6-435e-840d-6d173d92a969%22}] Requested by Host: moevideo.biz URL: https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.188.150.126 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:02 GMT Server nginx Connection keep-alive Content-Length 0 X-My-Reqtime 0.001
GET H/1.1	200 OK	set Show response moevideo.biz/api/cookie/ Frame E213	0 332 B	55ms 55ms	Script text/plain	92.223.103.13 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%228000c9ede62382490c93%22},{%22key%22:%22mvsid%22,%22value%22:%22da7a5d89-55d6-435e-840d-6d173d92a969%22}] Requested by Host: moevideo.biz URL: https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.223.103.13 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f47.moevideo.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:01 GMT Server nginx Connection keep-alive Content-Length 0 X-My-Reqtime 0.000
GET H/1.1	200 OK	set Show response cs-0.moevideo.biz/api/cookie/ Frame E213	0 332 B	192ms 57ms	Script text/plain	92.223.106.20 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://cs-0.moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%228000c9ede62382490c93%22},{%22key%22:%22mvsid%22,%22value%22:%22da7a5d89-55d6-435e-840d-6d173d92a969%22}] Requested by Host: moevideo.biz URL: https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.223.106.20 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f60.moevideo.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:02 GMT Server nginx Connection keep-alive Content-Length 0 X-My-Reqtime 0.001
GET H/1.1	200 OK	set Show response playreplay.net/api/cookie/ Frame E213	0 332 B	196ms 55ms	Script text/plain	5.188.150.28 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://playreplay.net/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%228000c9ede62382490c93%22},{%22key%22:%22mvsid%22,%22value%22:%22da7a5d89-55d6-435e-840d-6d173d92a969%22}] Requested by Host: moevideo.biz URL: https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.188.150.28 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:02 GMT Server nginx Connection keep-alive Content-Length 0 X-My-Reqtime 0.001
GET H2	200	/ kraken.rambler.ru/cnt/v2/ Frame DFFB	43 B 487 B	55ms 54ms	Image image/gif	81.19.89.18 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6579761&session_id=0_0&session_number=0&session_event_number=0&version=3.13.20&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6579761.1744105385.1682394661084&fingerprint=pA8AAENKs1c8BYrjAUflKAA%3D&fingerprint_ip=pA8AAENKs1d8LPZCAUFqkAA%3D&url=https%3A%2F%2Fbazr.ru%2Fplayer%3FplaylistId%3D35603%26v1.0.1.1&request_id=1682394661.078-801646282&event_id=816046616473253&meta=%7B%22title%22%3A%22%D0%9F%D0%BB%D0%B5%D0%B5%D1%802%22%2C%22referer%22%3A%22https%3A%2F%2Fgdz.fun%2F%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%22600x340%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%220%22%7D&rn=170754700 Requested by Host: bazr.ru URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:51:01 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.19.4 x-srv 2kraken-prod0002.ad.rambler.tech access-control-allow-methods GET, POST, OPTIONS content-type image/gif, image/gif p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" cache-control no-cache access-control-allow-credentials true access-control-allow-headers content-type content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 8E64	42 B 64 B	121ms 57ms	Fetch image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoEQ9E_Hxjt5DRp3tGmoq6IKd9Bk3Gbd3egoUi5j-aq0dq8wDKuLeWR2f8T451lTJ1PUmGelANRpDjNjTSTDHuEk_4Izh5FO8sPufr5So_Yec0em45b4aovQohMwmJ5a117qrM4Q&sai=AMfl-YT9UBQudYqEAlQEib0rr-77K0N6ynDj3u6onp2YGFoIJv4fIqjK103t5-88g93mnRe7rOrT_DhcPatN&sig=Cg0ArKJSzKcRw8F0opCrEAE&cid=CAQSGwBygQiD0pnvtLwfpsnkP1myY2V3SpXdwbB3ZxgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=933,1000,1000,1000,1000&tos=933,67,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682394659438&rpt=1395&met=mue&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:51:01 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	3930 Show response ad.mail.ru/vast/ Frame DFFB	0 356 B	245ms 63ms	XHR text/xml	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/3930 Requested by Host: adverdata.net URL: https://adverdata.net/0x200/04cde9ff880/0x2.js?t=1682394660439 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://bazr.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:02 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/xml Access-Control-Allow-Origin https://bazr.ru Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	storage.html Show response moe.video/ Frame 9E1B	18 KB 6 KB	221ms 77ms	Document text/html	92.38.138.108 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://moe.video/storage.html?v=08 Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.38.138.108 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f49.moevideo.net Software nginx / Resource Hash 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660 Request headers Referer https://moevideo.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 25 Apr 2023 03:51:02 GMT ETag W/"63d27cca-4783" Last-Modified Thu, 26 Jan 2023 13:14:50 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-B-Name f49 X-My-Name s150 X-My-Reqtime 0.023
GET DATA	200 OK	truncated / Frame E213	313 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 589C	42 B 64 B	58ms 57ms	Fetch image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVHZrIwTD6nZf8l8DUlVb1TgqFq7ZNlCPOnC6_Spve_DKYsKHBPN6DbyHj6VmaCwXkTQc9kY1yPIkJKkYUWBlfxt1KwLeyWVRSnTPiueF-LnOIWOAgfFBkMXfKULVfE3-AzDulRw&sai=AMfl-YSX6cDcM9YhpIkKDRSJ3AaE7WdprP9nCr38WItqKmpH0V8o1XQMGYGryuE-0BmolwYE1CvibfPQqFhd&sig=Cg0ArKJSzKn7q7oXZnRDEAE&cid=CAQSGwBygQiD0pnvtLwfpsnkP1myY2V3SpXdwbB3ZxgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682394659435&rpt=1336&met=mue&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:51:02 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	762055.png Show response 204.adverdata.net/200/1/images/ Frame DFFB	246 B 445 B	60ms 60ms	Fetch application/json	91.218.228.87 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Full URL https://204.adverdata.net/200/1/images/762055.png?res=24&version=85&aA=170&size=52x153&ver=3.25&format=6&colors=24 Requested by Host: adverdata.net URL: https://adverdata.net/0x200/04cde9ff880/0x2.js?t=1682394660439 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.218.228.87 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU), Reverse DNS hosted-by.ihc.ru Software nginx/1.15.8 / Resource Hash 201a2738c602ab8a42e0de0f3ac53f406ded728277ee9b2265aca30989bdf514 Security Headers Name Value Strict-Transport-Security max-age=0; Request headers Referer https://bazr.ru/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 content-type application/x-www-form-urlencoded Response headers x-response-time 6ms date Tue, 25 Apr 2023 03:51:02 GMT strict-transport-security max-age=0; content-encoding gzip server nginx/1.15.8 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://bazr.ru access-control-allow-credentials true
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 1974	42 B 64 B	58ms 57ms	Fetch image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzRJwbUr9C1AxvcLnY_7MzeWS8xD_eS4SkfhaOOHh8RfHe_xLlxM52Vl7E77Hu_jx6HQta1ZBrup1iQTwsUEp0lpvfpXtYy5tEzLe16GrCkt7SswWjcTo43m--WXQZ67_qQxbBRw&sai=AMfl-YSqn513JWSw2ix9AaS9LtozCF7izlOvruFk_5ZqQcZTe0tLVQvElrOhnEW5OwuK2-scRxHH58D-Ce4H&sig=Cg0ArKJSzITkt-FReA3MEAE&cid=CAQSGwBygQiDGHQ8Rm5cqJFsdSal4v5LLiqPbf6ENxgB&id=lidar2&mcvt=1011&p=0,0,280,900&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=29863360&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682394658997&rpt=2171&met=mue&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:51:02 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame F216	42 B 64 B	57ms 56ms	Fetch image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsue1d2uWJWTYEN2_z64wgNb1SOJ_MPIlZO_-hKwoWomVaMKNQwWGu3eMAErv4TXcO6-hV6uSC7EwTYiKnQ00qnriSfcec5yNKPKpvPM8ctep70ZcaO24hMiqGWCp-n2P6rLBwFdKQ&sai=AMfl-YQNfvCEp2t9dVekOichgVMB30Xl-lS-4bmpPMGyI65brF8erf88KR0DbmhhSIVKB7yR_Ts3GpSdRNSP&sig=Cg0ArKJSzIGK-jjmzuxPEAE&cid=CAQSGwBygQiD6sOp7WObJV5bNHMRjzx-1Vu2bbzm3xgB&id=lidar2&mcvt=1012&p=0,0,280,900&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4059467728&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682394658907&rpt=2236&met=mue&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:51:02 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 0F8E	42 B 64 B	56ms 56ms	Fetch image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKZd9VLubxOUxMKl29USLI0zfLDp2SiP0UdF3UYesYmfEpM31JEn1N3d_1SXD0EbDix1qJCnEkDdQcIm-S-YsyZlNQC-2EhdXAIFQGnQM-1VPuuPXlKScf1HJWitdQ6rrvnpRR7A&sai=AMfl-YSsWSyJIwPfAEo8fyR2UQ7S-kM8JDQtLuK1UQ7WVAuVf9SfnRZXl-ivMiYc9QXtQffdw5qDgZlg9Jal&sig=Cg0ArKJSzIn5pFJusyPmEAE&cid=CAQSGwBygQiDKuUzYbGuUI5lZ4-bnApSFj0jT-C8QRgB&id=lidar2&mcvt=1014&p=0,0,600,300&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4043957354&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682394659007&rpt=2177&met=mue&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:51:02 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H/1.1	204 No Content	auction_multi am-0.moevideo.biz/ssp/ Frame	0 0	199ms 57ms	Preflight	92.223.103.115 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://am-0.moevideo.biz/ssp/auction_multi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.223.103.115 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f3.moevideo.net Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://moevideo.biz Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Connection keep-alive Date Tue, 25 Apr 2023 03:51:02 GMT Server nginx
POST H/1.1	200 OK	auction_multi Show response am-0.moevideo.biz/ssp/ Frame E213	2 B 470 B	206ms 206ms	Fetch application/json	92.223.103.115 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://am-0.moevideo.biz/ssp/auction_multi Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.223.103.115 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f3.moevideo.net Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type application/json Response headers Pragma no-cache Date Tue, 25 Apr 2023 03:51:02 GMT X-Balancer-Name f3 Last-Modified Tue, 25 Apr 2023 03:51:02 GMT Server nginx Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://moevideo.biz X-B-Name f3 Cache-Control no-cache, must-revalidate;post-check=0,pre-check=0;max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 2 Expires Thu, 19 Feb 1998 13:24:18 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame E213	49 KB 20 KB	68ms 19ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: moevideo.biz URL: https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 25 Apr 2023 02:35:44 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 4518 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Tue, 25 Apr 2023 04:35:44 GMT
GET H/1.1	200 OK	ads-async.js Show response ad.mail.ru/static/ Frame E213	193 B 502 B	262ms 58ms	Script application/javascript	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/static/ads-async.js Requested by Host: moevideo.biz URL: https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash 1f6b3955ed549424aa8c570c649df14d93319c84d44e8bbb96215d7062cea85a Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:02 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type application/javascript;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control max-age=600 Connection keep-alive Timing-Allow-Origin * Expires Tue, 25 Apr 2023 04:01:02 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	69ms 68ms	XHR application/json	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230420&st=env Requested by Host: gdz.fun URL: https://gdz.fun/build/assets/js/vendors.68325d94f2ede5da7840.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a0c35623fc6e239868305a5a41bdeb3da39acb9d3bd4d83a1f12b746506d6fcc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:02 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11202 x-xss-protection 0
GET H/1.1	200 OK	storage.html Show response moe.video/ Frame DF75	18 KB 6 KB	60ms 60ms	Document text/html	92.38.138.108 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://moe.video/storage.html?v=08 Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.38.138.108 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f49.moevideo.net Software nginx / Resource Hash 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660 Request headers Referer https://moevideo.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 25 Apr 2023 03:51:02 GMT ETag W/"63d27ce8-4783" Last-Modified Thu, 26 Jan 2023 13:15:20 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-B-Name f49 X-My-Name s193 X-My-Reqtime 0.004
GET H/1.1	200 OK	storage.html Show response moe.video/ Frame E5ED	18 KB 6 KB	136ms 76ms	Document text/html	92.38.138.108 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://moe.video/storage.html?v=08 Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.38.138.108 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f49.moevideo.net Software nginx / Resource Hash 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660 Request headers Referer https://moevideo.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 25 Apr 2023 03:51:02 GMT ETag W/"63d27ccc-4783" Last-Modified Thu, 26 Jan 2023 13:14:52 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-B-Name f49 X-My-Name s153 X-My-Reqtime 0.022
GET H2	200	instreamr_wl1_legalcontent Show response relap.mail.ru/vast/ Frame E213	95 B 1 KB	301ms 61ms	XHR application/xml	95.163.43.46 VK-AS
General Check archive.org Show headers Download Go to Full URL https://relap.mail.ru/vast/instreamr_wl1_legalcontent?referrer=https%3A%2F%2Fbazr.ru%2F&domain=bazr.ru Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS relap.io Software nginx / Resource Hash 7ef4f6c06c96a2ef1374b8d3174b555c5c1b5295847afa7e3d2108e71416d978 Security Headers Name Value Strict-Transport-Security max-age=5184000; includeSubdomains; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:02 GMT strict-transport-security max-age=5184000; includeSubdomains; x-content-type-options nosniff server nginx vary Origin access-control-max-age 1728000 content-type application/xml access-control-allow-origin https://moevideo.biz access-control-allow-methods GET, POST, DELETE, PUT, OPTIONS, PATCH access-control-allow-credentials true x-server vast33 access-control-allow-headers Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID content-length 95 x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H2	200	instreamr_spec_wl1_legalcontent Show response relap.mail.ru/vast/ Frame E213	95 B 1 KB	300ms 62ms	XHR application/xml	95.163.43.46 VK-AS
General Check archive.org Show headers Download Go to Full URL https://relap.mail.ru/vast/instreamr_spec_wl1_legalcontent?referrer=https%3A%2F%2Fbazr.ru%2F&domain=bazr.ru Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS relap.io Software nginx / Resource Hash 7ef4f6c06c96a2ef1374b8d3174b555c5c1b5295847afa7e3d2108e71416d978 Security Headers Name Value Strict-Transport-Security max-age=5184000; includeSubdomains; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:02 GMT strict-transport-security max-age=5184000; includeSubdomains; x-content-type-options nosniff server nginx vary Origin access-control-allow-methods GET, POST, DELETE, PUT, OPTIONS, PATCH content-type application/xml access-control-allow-origin https://moevideo.biz access-control-max-age 1728000 access-control-allow-credentials true x-server vast43 access-control-allow-headers Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID content-length 95 x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H/1.1	200 OK	389706 Show response ad.mail.ru/vast/ Frame E213	61 B 414 B	103ms 87ms	XHR text/xml	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/389706?pr=8643573&sc=86511&dl=bazr.ru Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778 Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:02 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/xml Access-Control-Allow-Origin https://moevideo.biz Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	erle.cgi Show response ad.adriver.ru/cgi-bin/ Frame E213 Redirect Chain https://ad.adriver.ru/cgi-bin/erle.cgi?sid=223687&bt=61&pz=0&target=top&rnd=1875650&tail256=bazr.ru https://ad.adriver.ru/cgi-bin/erle.cgi?sid=223687&bt=61&pz=0&target=top&rnd=1875650&tail256=bazr.ru&tuid=-4887608144	142 B 863 B	140ms 67ms	XHR text/xml	195.209.108.45 ADRIVER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.adriver.ru/cgi-bin/erle.cgi?sid=223687&bt=61&pz=0&target=top&rnd=1875650&tail256=bazr.ru&tuid=-4887608144 Protocol HTTP/1.1 Server 195.209.108.45 , Russian Federation, ASN52007 (ADRIVER-AS, RU), Reverse DNS Software / Resource Hash c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 Apr 2023 03:51:02 GMT Transfer-Encoding chunked Content-Type text/xml Access-Control-Allow-Origin https://moevideo.biz P3P policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA" Cache-control no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store Access-Control-Allow-Credentials true Connection keep-alive Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 25 Apr 2023 03:51:02 GMT Transfer-Encoding chunked P3P policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA Content-Type text/html Location /cgi-bin/erle.cgi?sid=223687&bt=61&pz=0&target=top&rnd=1875650&tail256=bazr.ru&tuid=-4887608144 Cache-control no-cache, max-age=0, must-revalidate, no-store Access-Control-Allow-Credentials true Access-Control-Allow-Origin https://moevideo.biz Connection keep-alive Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	32ms 31ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:02 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 25 Apr 2023 03:51:02 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9617	13 KB 5 KB	21ms 20ms	Document text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gdz.fun/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 38070 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 24 Apr 2023 17:16:32 GMT expires Tue, 23 Apr 2024 17:16:32 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame C555	783 B 1 KB	153ms 81ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7a96b537c86e4d9e45f9fbca3e6ad503a29d0075a388206d9a855b526f98ffc7 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-LH1zGns4olJt_OgV51TmLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://gdz.fun/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-LH1zGns4olJt_OgV51TmLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 25 Apr 2023 03:51:02 GMT expires Tue, 25 Apr 2023 03:51:02 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response pagead2.googlesyndication.com/bg/ Frame 9617	36 KB 14 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Mon, 24 Apr 2023 18:20:47 GMT content-encoding br x-content-type-options nosniff age 34215 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14209 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 23 Apr 2024 18:20:47 GMT
GET H/1.1	200 OK	storage.html Show response moe.video/ Frame 5A82	18 KB 6 KB	76ms 75ms	Document text/html	92.38.138.108 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://moe.video/storage.html?v=08 Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.38.138.108 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f49.moevideo.net Software nginx / Resource Hash 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660 Request headers Referer https://moevideo.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 25 Apr 2023 03:51:02 GMT ETag W/"63d27cd9-4783" Last-Modified Thu, 26 Jan 2023 13:15:05 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-B-Name f49 X-My-Name s167 X-My-Reqtime 0.019
GET H2	200	cs rtb.moe.video/ Frame E213 Redirect Chain https://moevideo-sync.rutarget.ru/sync https://rtb.moe.video/cs?b=w94xJ5EARZ8M&d=1	0 191 B	162ms 45ms	Image text/plain	94.26.231.114 SELECTEL
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.moe.video/cs?b=w94xJ5EARZ8M&d=1 Protocol H2 Server 94.26.231.114 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:02 GMT strict-transport-security max-age=15724800; includeSubDomains content-length 0 version v1.2.0 Redirect headers Location https://rtb.moe.video/cs?b=w94xJ5EARZ8M&d=1 Date Tue, 25 Apr 2023 03:51:02 GMT Server nginx Connection close Content-Length 0 P3P CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
GET H2	204	match dm-eu.hybrid.ai/ Frame E213	0 281 B	65ms 16ms	Image text/plain	37.230.131.22 HYBRID-POLAND
General Check archive.org Show headers Download Go to Show image Full URL https://dm-eu.hybrid.ai/match?id=117 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.230.131.22 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL), Reverse DNS Software Hybrid Web Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:51:02 GMT server Hybrid Web Server p3p CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC" access-control-allow-origin https://moevideo.biz cache-control no-cache, no-store access-control-allow-credentials true x-mode 519 x-xss-protection 1; mode=block expires -1
GET H2	200	moevideo px.adhigh.net/p/cm/ Frame E213 Redirect Chain https://px.adhigh.net/p/cm/moevideo https://px.adhigh.net/p/cm/moevideo?bounced=1	49 B 326 B	59ms 58ms	Image image/gif	194.190.76.41 UMA-TECH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.adhigh.net/p/cm/moevideo?bounced=1 Protocol H2 Server 194.190.76.41 , Russian Federation, ASN48061 (UMA-TECH-AS, RU), Reverse DNS smtp1.senders.rutube.ru Software nginx / Resource Hash d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:51:02 GMT server nginx x-backend-id f11-ru p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin * content-type image/gif cache-control no-cache, no-store access-control-allow-credentials true content-length 49 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 25 Apr 2023 03:51:02 GMT server nginx x-backend-id f11-ru p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin * location https://px.adhigh.net/p/cm/moevideo?bounced=1 cache-control no-cache, no-store access-control-allow-credentials true content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	/ sync.bumlam.com/ Frame E213 Redirect Chain https://sync.bumlam.com/?src=moe2&uid=8000c9ede62382490c93 https://sync.bumlam.com/?src=moe2&s_data=CAIQARimnJ2iBmIUODAwMGM5ZWRlNjIzODI0OTBjOTOiARBl2kLU4xwR7YbgACWQwGR8	43 B 552 B	21ms 21ms	Image image/gif	31.172.81.159 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bumlam.com/?src=moe2&s_data=CAIQARimnJ2iBmIUODAwMGM5ZWRlNjIzODI0OTBjOTOiARBl2kLU4xwR7YbgACWQwGR8 Protocol HTTP/1.1 Server 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/gif Date Tue, 25 Apr 2023 03:51:02 GMT Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Server nginx Connection keep-alive Content-Length 43 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Redirect headers Date Tue, 25 Apr 2023 03:51:02 GMT Server nginx ETag 65da42d4-e31c-11ed-86e0-002590c0647c P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Location //sync.bumlam.com/?src=moe2&s_data=CAIQARimnJ2iBmIUODAwMGM5ZWRlNjIzODI0OTBjOTOiARBl2kLU4xwR7YbgACWQwGR8 Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Connection keep-alive Content-Length 0
GET H/1.1	200 OK	rle.cgi ad.adriver.ru/cgi-bin/ Frame E213 Redirect Chain https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570 https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5749142833	42 B 581 B	69ms 69ms	Image image/gif	195.209.108.45 ADRIVER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5749142833 Protocol HTTP/1.1 Server 195.209.108.45 , Russian Federation, ASN52007 (ADRIVER-AS, RU), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 Apr 2023 03:51:02 GMT Transfer-Encoding chunked P3P policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA" Content-Type image/gif Cache-control no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store Connection keep-alive Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 25 Apr 2023 03:51:02 GMT Transfer-Encoding chunked P3P policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA Content-Type text/html Location /cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5749142833 Cache-control no-cache, max-age=0, must-revalidate, no-store Access-Control-Allow-Credentials true Access-Control-Allow-Origin * Connection keep-alive Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	cs cs-0.moevideo.biz/ssp/ Frame E213 Redirect Chain https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D81%26b%3D%24%7BUUID%7D https://cs-0.moevideo.biz/ssp/cs?d=81&b=c014ae8e-b654-49bc-59dd-e44ca12d6083	36 B 208 B	80ms 79ms	Image image/gif	92.223.106.20 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://cs-0.moevideo.biz/ssp/cs?d=81&b=c014ae8e-b654-49bc-59dd-e44ca12d6083 Protocol HTTP/1.1 Server 92.223.106.20 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f60.moevideo.net Software nginx / Resource Hash 9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 25 Apr 2023 03:51:02 GMT Server nginx Connection keep-alive Content-Length 36 Content-Type image/gif Redirect headers location https://cs-0.moevideo.biz/ssp/cs?d=81&b=c014ae8e-b654-49bc-59dd-e44ca12d6083 date Tue, 25 Apr 2023 03:51:02 GMT server nginx content-length 115 serverid TODO content-type text/html; charset=utf-8
GET H/1.1	200 OK	cs cs-0.moevideo.biz/ssp/ Frame E213 Redirect Chain https://sync.upravel.com/moevideo/sync https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ https://cs-0.moevideo.biz/ssp/cs?d=91&b=96114934-d084-4460-bbfc-2415d6d75710	36 B 208 B	174ms 82ms	Image image/gif	92.223.106.20 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://cs-0.moevideo.biz/ssp/cs?d=91&b=96114934-d084-4460-bbfc-2415d6d75710 Protocol HTTP/1.1 Server 92.223.106.20 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f60.moevideo.net Software nginx / Resource Hash 9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 25 Apr 2023 03:51:02 GMT Server nginx Connection keep-alive Content-Length 36 Content-Type image/gif Redirect headers date Tue, 25 Apr 2023 03:51:02 GMT server nginx access-control-allow-methods GET, POST, OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cs-0.moevideo.biz/ssp/cs?d=91&b=96114934-d084-4460-bbfc-2415d6d75710 access-control-allow-origin * content-type image/png access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials false access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range content-length 0
GET H2	204	moevideo sync.dmp.otm-r.com/match/ Frame E213	0 68 B	112ms 110ms	Image text/plain	195.201.152.104 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.dmp.otm-r.com/match/moevideo Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.201.152.104 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.104.152.201.195.clients.your-server.de Software nginx/1.17.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers access-control-allow-origin * date Tue, 25 Apr 2023 03:51:02 GMT server nginx/1.17.6
GET H/1.1	204 No Content	myvideo-sync rtb.com.ru/ Frame E213	0 110 B	189ms 54ms	Image text/plain	83.222.114.186 MNOGOBYTE-AS Moscow
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.com.ru/myvideo-sync?uid=8000c9ede62382490c93 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 83.222.114.186 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Connection keep-alive Date Tue, 25 Apr 2023 03:51:02 GMT Server nginx/1.18.0
GET H/1.1	200 OK	cs cs-0.moevideo.biz/ssp/ Frame E213 Redirect Chain https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D&crf=1 https://cs-0.moevideo.biz/ssp/cs?d=161&b=c21bf223-7fd8-5273-82ed-b87fe6aaf659	36 B 208 B	155ms 155ms	Image image/gif	92.223.106.20 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://cs-0.moevideo.biz/ssp/cs?d=161&b=c21bf223-7fd8-5273-82ed-b87fe6aaf659 Protocol HTTP/1.1 Server 92.223.106.20 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f60.moevideo.net Software nginx / Resource Hash 9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 25 Apr 2023 03:51:02 GMT Server nginx Connection keep-alive Content-Length 36 Content-Type image/gif Redirect headers location https://cs-0.moevideo.biz/ssp/cs?d=161&b=c21bf223-7fd8-5273-82ed-b87fe6aaf659 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H3	204	collect dx.frontend.weborama.com/ Frame E213 Redirect Chain https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A//moevideo.biz/native%3Fid%3Dmv-content-roll-3779%26slot%3Dcontent%26api%3D2.0%26ref%3Dbazr.ru%26frp%3DaHR0cHM6Ly9iYXpyLnJ1L3BsYXll... https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-3779%26slot%3Dcontent%26api%3D2.0%26ref%3Dbazr.ru%26frp%3DaHR0cHM6Ly9iYXpyLnJ1L3... https://rd.frontend.weborama.fr/rd?key=wamsync https://rd.frontend.weborama.fr/rd?key=wamsync&bounce=1&random=2828828560 https://dx.frontend.weborama.com/collect?dsp_id=0&eid=PjIjLmyS34I@	0 17 B	20ms 19ms	Image text/plain	34.111.205.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dx.frontend.weborama.com/collect?dsp_id=0&eid=PjIjLmyS34I@ Protocol H3 Server 34.111.205.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.205.111.34.bc.googleusercontent.com Software Weborama Collect Frontend / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:51:02 GMT via 1.1 google last-modified Tue, 25 Apr 2023 03:51:02 GMT server Weborama Collect Frontend vary Origin p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 03 Jul 2001 06:00:00 GMT Redirect headers pragma no-cache date Tue, 25 Apr 2023 03:51:02 GMT via 1.1 google last-modified Tue, 25 Apr 2023 03:51:02 GMT server Weborama Collect Frontend vary Origin p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" location https://dx.frontend.weborama.com/collect?dsp_id=0&eid=PjIjLmyS34I@ access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H/1.1	403 Forbidden	cs cs-0.moevideo.biz/ssp/ Frame E213 Redirect Chain https://match.new-programmatic.com/userbind?src=moevideo&id=8000c9ede62382490c93 https://cs-0.moevideo.biz/ssp/cs?d=111&b==	0 0	87ms 57ms	Image text/html	92.223.106.20 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://cs-0.moevideo.biz/ssp/cs?d=111&b== Protocol HTTP/1.1 Server 92.223.106.20 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f60.moevideo.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Redirect headers Date Tue, 25 Apr 2023 03:51:02 GMT Server nginx/1.22.1 Vary Origin Access-Control-Allow-Origin * Location https://cs-0.moevideo.biz/ssp/cs?d=111&b== Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H/1.1	200 OK	1px-matching-go2net.gif m.trafmag.com/images/ Frame E213 Redirect Chain https://inv-nets.admixer.net/adxcm.aspx?ssp=03012A8F-9C5C-4F0A-B5C5-EF2E17D61EBD&id=8000c9ede62382490c93 https://m.trafmag.com/images/1px-matching-go2net.gif?id=e8e655f9563e4027b5de52545de2f1c3	35 B 351 B	163ms 15ms	Image image/gif	193.200.65.6 GIVEME-CLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://m.trafmag.com/images/1px-matching-go2net.gif?id=e8e655f9563e4027b5de52545de2f1c3 Protocol HTTP/1.1 Server 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL), Reverse DNS adforce.team Software nginx / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/gif Date Tue, 25 Apr 2023 03:51:02 GMT Server nginx Connection keep-alive Content-Length 35 P3P CP="NON DSP COR CURa TIA" Redirect headers date Tue, 25 Apr 2023 03:51:02 GMT server nginx p3p CP="NID DSP ALL COR" access-control-allow-origin * location https://m.trafmag.com/images/1px-matching-go2net.gif?id=e8e655f9563e4027b5de52545de2f1c3 access-control-allow-credentials true keep-alive timeout=25 content-length 0 x-xss-protection 0
GET H2	404	UiZKDDHeTxeJb40oMVL2Wg an.yandex.ru/setud/mts_banner/ Frame E213 Redirect Chain https://kimberlite.io/rtb/sync/moevideo?u=8000c9ede62382490c93 https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fweborama%3Fu%3D%7BWEBO_CID%7D%26f%3Dhttps%253A%252F%252Fcs-0.moevideo.biz%252Fssp%252Fcs%253Fd%253D201%2526b%... https://kimberlite.io/rtb/sync/weborama?u=rYdK4s0HaqRgBcUvt/TjPe&f=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D201%26b%3DZEdOJjIeG-s&n=1 https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZEdOJjIeG-s https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZEdOJjIeG-s https://tech.rtb.mts.ru/?dsp_uid=52264a0c-31de-4f17-896f-8d283152f65a&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FUiZKDDHeTxeJb40oMVL2Wg%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts... https://an.yandex.ru/setud/mts_banner/UiZKDDHeTxeJb40oMVL2Wg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1663480042	43 B 392 B	200ms 70ms	Image image/gif	2a02:6b8::90
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/setud/mts_banner/UiZKDDHeTxeJb40oMVL2Wg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1663480042 Protocol H2 Server 2a02:6b8::90 -, , ASN (), Reverse DNS Software / Resource Hash ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Tue, 25 Apr 2023 03:51:03 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 25 Apr 2023 03:51:03 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=windows-1251 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 25 Apr 2023 03:51:03 GMT Redirect headers Date Tue, 25 Apr 2023 03:51:03 GMT Server nginx/1.20.2 Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/html; charset=utf-8 Location https://an.yandex.ru/setud/mts_banner/UiZKDDHeTxeJb40oMVL2Wg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1663480042 Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
GET H2	200	moevideo_direct_ssp sync.dsp.solta.io/match/ Frame E213	43 B 158 B	176ms 55ms	Image image/gif	185.40.31.214 NETRACK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.dsp.solta.io/match/moevideo_direct_ssp?id=8000c9ede62382490c93 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.40.31.214 Tula, Russian Federation, ASN61400 (NETRACK-AS, RU), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:02 GMT strict-transport-security max-age=31536000; includeSubDomains; preload server nginx content-length 43 content-type image/gif
GET H/1.1	200 OK	cs cs-0.moevideo.biz/ssp/ Frame E213 Redirect Chain https://sm.rtb.mts.ru/p?ssp=moevideo&id=8000c9ede62382490c93 https://sm.rtb.mts.ru/match/second?ssp=22&exu=8000c9ede62382490c93 https://tech.rtb.mts.ru/?dsp_uid=52264a0c-31de-4f17-896f-8d283152f65a&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%... https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D22%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D https://sm.rtb.mts.ru/em?next=22&em=1&ssp=konnektu&id= https://cs-0.moevideo.biz/ssp/cs?d=121&b=52264a0c-31de-4f17-896f-8d283152f65a	36 B 208 B	81ms 81ms	Image image/gif	92.223.106.20 EDGECENTERLLC
General Check archive.org Show headers Download Go to Show image Full URL https://cs-0.moevideo.biz/ssp/cs?d=121&b=52264a0c-31de-4f17-896f-8d283152f65a Protocol HTTP/1.1 Server 92.223.106.20 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f60.moevideo.net Software nginx / Resource Hash 9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 25 Apr 2023 03:51:03 GMT Server nginx Connection keep-alive Content-Length 36 Content-Type image/gif Redirect headers Date Tue, 25 Apr 2023 03:51:03 GMT Server nginx Vary Origin Access-Control-Allow-Methods HEAD,GET,POST,PUT,DELETE,OPTIONS Access-Control-Allow-Origin * Location https://cs-0.moevideo.biz/ssp/cs?d=121&b=52264a0c-31de-4f17-896f-8d283152f65a Cache-Control no-store, no-cache, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	4BAF3D.js Show response r.mradx.net/img/3F/ Frame E213	190 KB 57 KB	219ms 106ms	Script application/javascript	2a00:1148:db00::28 VK-AS
General Check archive.org Show headers Download Go to Full URL https://r.mradx.net/img/3F/4BAF3D.js Requested by Host: ad.mail.ru URL: https://ad.mail.ru/static/ads-async.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a00:1148:db00::28 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash 5d9d9bc4c508fdee4f64438e24996aa8535fbb3ca082746e88d99a00d43e8287 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:02 GMT Content-Encoding gzip Last-Modified Mon, 24 Apr 2023 11:58:41 GMT Server nginx ETag W/"64466ef1-2f7c1" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000 Connection keep-alive Timing-Allow-Origin * Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame C555	0 0	53ms 53ms	Image text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230420&jk=2167677448698496&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 9617	0 10 B	20ms 19ms	Image text/plain	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?tFoQJQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:02 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	myvideo-vast Show response adx.com.ru/ Frame E213	60 B 388 B	323ms 61ms	XHR text/xml	83.222.117.2 MNOGOBYTE-AS Moscow
General Check archive.org Show headers Download Go to Full URL https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Fbazr.ru%2F&uid=&vpaid=false&rolltype=outstream Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 83.222.117.2 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU), Reverse DNS Software nginx/1.22.0 / Resource Hash 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:03 GMT server nginx/1.22.0 p3p CP="adx.com.ru does not have a P3P policy" access-control-allow-origin https://moevideo.biz content-type text/xml; charset=utf-8 cache-control max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate access-control-allow-credentials true content-length 60
GET H/1.1	200 OK	980546 Show response ad.mail.ru/vast/ Frame E213	60 B 413 B	71ms 70ms	XHR text/xml	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/980546?pr=6939961&sc=86511&dl=https%3A%2F%2Fbazr.ru%2F Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:02 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/xml Access-Control-Allow-Origin https://moevideo.biz Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	726513 Show response ad.mail.ru/vast/ Frame E213	59 B 412 B	59ms 59ms	XHR text/xml	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/726513?dl=bazr.ru Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:02 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/xml Access-Control-Allow-Origin https://moevideo.biz Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	1151494 Show response ad.mail.ru/vast/ Frame E213	60 B 413 B	131ms 72ms	XHR text/xml	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1151494?pr=5971220&sc=86511&dl=bazr.ru Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:02 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/xml Access-Control-Allow-Origin https://moevideo.biz Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	389706 Show response ad.mail.ru/vast/ Frame E213	61 B 414 B	135ms 69ms	XHR text/xml	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/389706?pr=2481310&sc=86511&dl=bazr.ru Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778 Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:02 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/xml Access-Control-Allow-Origin https://moevideo.biz Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	993463 Show response ad.mail.ru/vast/ Frame E213	60 B 413 B	165ms 64ms	XHR text/xml	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/993463?rand=5053388&sc=86511&dl=moevideo.biz Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:02 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/xml Access-Control-Allow-Origin https://moevideo.biz Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	vkAuth.html Show response ad.mail.ru/dist/ Frame EBBA	523 B 802 B	57ms 57ms	Document text/html	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/dist/vkAuth.html Requested by Host: r.mradx.net URL: https://r.mradx.net/img/3F/4BAF3D.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82 Request headers Referer https://moevideo.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control max-age=600 Connection keep-alive Content-Length 523 Content-Type text/html;charset=UTF-8 Date Tue, 25 Apr 2023 03:51:03 GMT Expires Tue, 25 Apr 2023 04:01:03 GMT Server nginx Timing-Allow-Origin *
GET H/1.1	200 OK	/ Show response ad.mail.ru/adq/ Frame E213	83 B 762 B	63ms 63ms	Script application/x-javascript	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/adq/?callback=mailru_ad1682394663215&q=199847&vk=0&containerWidth=600&containerHeight=338&last_shown_ids=&_=301022692 Requested by Host: r.mradx.net URL: https://r.mradx.net/img/3F/4BAF3D.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash d5492109ea7758801197b5244ca901c798453fd17c79c09a8b032dbf1857519a Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:03 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT" Content-Type application/x-javascript; charset=utf-8 Cache-Control private, no-cache, no-store Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	1061630 Show response ad.mail.ru/vast/ Frame E213	59 B 412 B	61ms 60ms	XHR text/xml	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1061630?pr=6612797&sc=86511&dl=https%3A%2F%2Fbazr.ru%2F Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:03 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/xml Access-Control-Allow-Origin https://moevideo.biz Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	389706 Show response ad.mail.ru/vast/ Frame E213	59 B 412 B	55ms 54ms	XHR text/xml	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/389706?pr=4641869&sc=86511&dl=moevideo.biz Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:03 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/xml Access-Control-Allow-Origin https://moevideo.biz Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	1078843 Show response ad.mail.ru/vast/ Frame E213	59 B 412 B	61ms 59ms	XHR text/xml	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1078843?dl=bazr.ru Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:03 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/xml Access-Control-Allow-Origin https://moevideo.biz Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	362146 Show response ad.mail.ru/vast/ Frame E213	59 B 412 B	55ms 54ms	XHR text/xml	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/362146?rand=7584527&sc=86511&dl=moevideo.biz Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:03 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/xml Access-Control-Allow-Origin https://moevideo.biz Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *
GET H2	200	instreamr_wl4_legalcontent Show response relap.mail.ru/vast/ Frame E213	95 B 732 B	85ms 82ms	XHR application/xml	95.163.43.46 VK-AS
General Check archive.org Show headers Download Go to Full URL https://relap.mail.ru/vast/instreamr_wl4_legalcontent?referrer=https%3A%2F%2Fbazr.ru%2F&domain=bazr.ru Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS relap.io Software nginx / Resource Hash 7ef4f6c06c96a2ef1374b8d3174b555c5c1b5295847afa7e3d2108e71416d978 Security Headers Name Value Strict-Transport-Security max-age=5184000; includeSubdomains; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:03 GMT strict-transport-security max-age=5184000; includeSubdomains; x-content-type-options nosniff server nginx vary Origin access-control-allow-methods GET, POST, DELETE, PUT, OPTIONS, PATCH content-type application/xml access-control-allow-origin https://moevideo.biz access-control-max-age 1728000 access-control-allow-credentials true x-server vast20 access-control-allow-headers Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID content-length 95 x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H2	200	openapi.js Show response vk.com/js/api/ Frame EBBA	104 KB 23 KB	87ms 87ms	Script application/x-javascript	87.240.132.78 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Full URL https://vk.com/js/api/openapi.js?169 Requested by Host: ad.mail.ru URL: https://ad.mail.ru/dist/vkAuth.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv78-132-240-87.vk.com Software kittenx / Resource Hash 2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e Request headers accept-language nl-NL,nl;q=0.9 Referer https://ad.mail.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:03 GMT content-encoding br x-frontend front225205 last-modified Fri, 02 Dec 2022 07:14:40 GMT server kittenx etag "6389a5e0-5b16" content-type application/x-javascript access-control-expose-headers X-Frontend cache-control max-age=345600 content-length 23318 expires Sat, 29 Apr 2023 03:51:03 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	56ms 56ms	Image text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230420&jk=2167677448698496&bg=!jo2ljdnNAAYfNdXmPzU7ADkAdvg8WsdTBMQNUfb1jnRAFxGZIHPaRnZEFmnbFcSb5fCgkBK43V3QIRH8i_yoU3PkGkHkqsDeofgCAAAArlIAAAALaAEHmQLiKsHZK4p_1Godk9v-ZOjkoom3tfhRpMl4_z4dFyvmsMGZYsOWjaTl2BGRTde5jMk_nakTddGMV3ILUPKglard7UfWv16UWrJSGCqB2XL5EBfJJcmgSMUjUT4CBSRrvUcC6iGu86lqn-BXgB5NgRQcVOp7_oV69Po5lgTlsojU1l8DgBIBoKP4b0Ncn5up9RtsQIBuO8uu1I7I_bwFLEoeiy6IH0rWIXzYkg-3WW2fOiDfc-yxtLrmmKbL4VCb6D5iYoq84z6vuHvaEi7FX98R_2gubeAAZhZa7PvSbhfYLj4mYh7v1u0oli4lkTlM8FyY_UJIg52sLCPOmj8wl6hxSozqRUd9OAJRVsQSEBoy9NOtGo5dOUOb3eNFBigeDzjscIwFfKXiP1uLcu8VsvD95HxYVLj-tjtbwlGjJeSbWYYPvWB7mhTeCU7XhUWo3WnfarvxwLaKqe-OlR-sGF7jwxIk_tWVyrPcebjV8HtCNIrmXMin2VVUKbPc7ct4BUY6EWl5_a8SJQZqGR8o8SHX3STdn6KD4CPTkln-EtuRYlRILVAwvF4vRsThANZCLMoNCWtwaZxz4HIYEQPUTqKVWD0cIez42JiUYLQddw8a5bXwiAx5lLlQZ2VPGFuhLynotwZH_0y5FYNSknqOar9BS0_dtTEgofLpofPl1KOJS2rMT9fHMYbKlrXIFqHQS3lWZHluQMrMXem6zCl6-Rr6bygwsAeM0TdWSOBip5t7738il5F1XW9Q_XhrLimYJvtmy0KgZ4P4M_-4f8kY8otMpx02kY_K1rI4v2vKrU0jxCRqHvWenknksLiPAT0ARrlawnepg1PUj5IqOOhHiyPNP7z6LL85hJcKetf62GGx0TtH-PzfB2s28Nbe4joB5SC5EIq-0yqMfH4eGtNxJmyhpH435n87dSR5OHYQHL8s3qOCB1IRhI9NL4FgvsOaf-MSE9B8rMkALrjM51H-I7nG4bhO Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H2	200	/ Show response login.vk.com/ Frame EBBA	27 B 728 B	189ms 51ms	XHR text/html	87.240.129.181
General Check archive.org Show headers Download Go to Full URL https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1 Requested by Host: vk.com URL: https://vk.com/js/api/openapi.js?169 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.129.181 -, , ASN (), Reverse DNS Software kittenx / KPHP/7.4.113700 Resource Hash 52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ad.mail.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:03 GMT content-encoding gzip strict-transport-security max-age=15768000 server kittenx x-powered-by KPHP/7.4.113700 access-control-allow-methods GET p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type text/html; charset=windows-1251 access-control-allow-origin https://ad.mail.ru cache-control no-store access-control-allow-credentials true content-length 41
GET H2	200	instreamr_spec_wl4_legalcontent Show response relap.mail.ru/vast/ Frame E213	95 B 733 B	74ms 74ms	XHR application/xml	95.163.43.46 VK-AS
General Check archive.org Show headers Download Go to Full URL https://relap.mail.ru/vast/instreamr_spec_wl4_legalcontent?referrer=https%3A%2F%2Fbazr.ru%2F&domain=bazr.ru Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS relap.io Software nginx / Resource Hash 7ef4f6c06c96a2ef1374b8d3174b555c5c1b5295847afa7e3d2108e71416d978 Security Headers Name Value Strict-Transport-Security max-age=5184000; includeSubdomains; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:03 GMT strict-transport-security max-age=5184000; includeSubdomains; x-content-type-options nosniff server nginx vary Origin access-control-max-age 1728000 content-type application/xml access-control-allow-origin https://moevideo.biz access-control-allow-methods GET, POST, DELETE, PUT, OPTIONS, PATCH x-server vast31 access-control-allow-credentials true access-control-allow-headers Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID content-length 95 x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H/1.1	200 OK	726513 Show response ad.mail.ru/vast/ Frame E213	59 B 412 B	60ms 60ms	XHR text/xml	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/726513?pr=8478857&sc=86511&dl=https%3A%2F%2Fbazr.ru%2F Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers Accept */* Referer https://moevideo.biz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:03 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/xml Access-Control-Allow-Origin https://moevideo.biz Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	native Show response moevideo.biz/ Frame E213	39 KB 16 KB	171ms 170ms	Document text/html	92.223.103.13 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/js/mvpt.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.223.103.13 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f47.moevideo.net Software nginx / PHP/5.5.38 Resource Hash da2274b22679a72b9af56af52311160fc15f5c5baa99c1528e3817886eb6c057 Request headers Referer https://bazr.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control max-age=0 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 25 Apr 2023 03:51:04 GMT Expires Thu, 19 Feb 1998 13:24:18 GMT Last-Modified Tue, 25 Apr 2023 03:51:04 GMT Pragma no-cache Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-Mv-Embed-Version 1414 X-Mv-TryCache 0 X-My-Adv-Time 0.0118188858032 X-My-App-Time 0.034 X-My-Name s163 X-My-Reqtime 0.062 X-Powered-By PHP/5.5.38
GET H/1.1	200 OK	styles.css moevideo.biz/embed/player/1860/skins/gray/ Frame E213	54 KB 15 KB	74ms 74ms	Stylesheet text/css	92.223.103.13 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://moevideo.biz/embed/player/1860/skins/gray/styles.css Requested by Host: moevideo.biz URL: https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.223.103.13 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f47.moevideo.net Software nginx / Resource Hash 8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:04 GMT Content-Encoding gzip Last-Modified Thu, 26 Jan 2023 13:03:25 GMT Server nginx X-My-Name s140 ETag W/"63d27a1d-d99f" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive X-My-Reqtime 0.020
GET H/1.1	200 OK	mvplayer.min.js Show response moevideo.biz/embed/player/1860/ Frame E213	597 KB 152 KB	142ms 142ms	Script application/javascript	92.223.103.13 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://moevideo.biz/embed/player/1860/mvplayer.min.js Requested by Host: moevideo.biz URL: https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.223.103.13 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f47.moevideo.net Software nginx / Resource Hash 4d50f79fdb320efa3f58c176d2bdb09fcc458be41aad03f55711bf8417d4a4db Request headers accept-language nl-NL,nl;q=0.9 Referer https://moevideo.biz/native?id=mv-content-roll-3779&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 25 Apr 2023 03:51:04 GMT Content-Encoding gzip Last-Modified Thu, 26 Jan 2023 13:11:55 GMT Server nginx X-My-Name s200 ETag W/"63d27c1b-954a5" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive X-My-Reqtime 0.033
GET H2	200	upload.gif vk.com/images/	230 B 403 B	43ms 42ms	Image image/gif	87.240.132.78 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://vk.com/images/upload.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv78-132-240-87.vk.com Software kittenx / Resource Hash 0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gdz.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:04 GMT last-modified Tue, 22 Sep 2020 20:30:00 GMT server kittenx etag "5f6a5ec8-e6" content-type image/gif cache-control max-age=604800 accept-ranges bytes content-length 230 expires Tue, 02 May 2023 03:51:04 GMT
GET H2	200	widget_community.php Show response vk.com/ Frame 526E	35 KB 14 KB	146ms 145ms	Document text/html	87.240.132.78 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Full URL https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e96 Requested by Host: vk.com URL: https://vk.com/js/api/openapi.js?150 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv78-132-240-87.vk.com Software kittenx / KPHP/7.4.113700 Resource Hash 4850d79a6c4893a9cdf4600acd85fea5e07347df0d6e5f6a73416259fe5ec71f Security Headers Name Value Content-Security-Policy default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp Strict-Transport-Security max-age=15768000 X-Xss-Protection 1; report=/xss_reports Request headers Referer https://gdz.fun/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-expose-headers X-Frontend cache-control no-store content-encoding gzip content-length 12594 content-security-policy default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp content-type text/html; charset=windows-1251 date Tue, 25 Apr 2023 03:51:04 GMT server kittenx strict-transport-security max-age=15768000 x-frontend front225205 x-powered-by KPHP/7.4.113700 x-xss-protection 1; report=/xss_reports
GET H2	200	widget_subscribe.php Show response vk.com/ Frame 554C	10 KB 5 KB	77ms 77ms	Document text/html	87.240.132.78 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Full URL https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e98 Requested by Host: vk.com URL: https://vk.com/js/api/openapi.js?150 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv78-132-240-87.vk.com Software kittenx / KPHP/7.4.113700 Resource Hash 2f50acef5a2c435b1e57049eeca472f740ed75afa4626c98094dee2800c17eee Security Headers Name Value Content-Security-Policy default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp Strict-Transport-Security max-age=15768000 X-Xss-Protection 1; report=/xss_reports Request headers Referer https://gdz.fun/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-expose-headers X-Frontend cache-control no-store content-encoding gzip content-length 4227 content-security-policy default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp content-type text/html; charset=windows-1251 date Tue, 25 Apr 2023 03:51:04 GMT server kittenx strict-transport-security max-age=15768000 x-frontend front225205 x-powered-by KPHP/7.4.113700 x-xss-protection 1; report=/xss_reports
GET H2	200	loader_nav20841529519_61.js vk.com/js/ Frame 554C	40 KB 0	135ms 128ms	Script text/javascript	87.240.132.78 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Full URL https://vk.com/js/loader_nav20841529519_61.js Requested by Host: vk.com URL: https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e98 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv78-132-240-87.vk.com Software kittenx / KPHP/7.4.113700 Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e98 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:04 GMT content-encoding gzip x-frontend front225205 strict-transport-security max-age=15768000 server kittenx x-powered-by KPHP/7.4.113700 content-type text/javascript; charset=windows-1251 access-control-expose-headers X-Frontend cache-control no-store content-length 57544
GET H2	200	lite.e2bc4e64119fb514bd81.css st6-22.vk.com/css/al/ Frame 554C	275 KB 36 KB	117ms 14ms	Stylesheet text/css	95.142.206.2
General Check archive.org Show headers Download Go to Full URL https://st6-22.vk.com/css/al/lite.e2bc4e64119fb514bd81.css Requested by Host: vk.com URL: https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e98 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.142.206.2 -, , ASN (), Reverse DNS Software kittenx / Resource Hash 0150557da172018ee6272c40a707d2ed34e3c7d18229b8f6b56f12fe7d2af9fa Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://vk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:04 GMT content-encoding br x-frontend front6-22 strict-transport-security max-age=15768000 last-modified Tue, 04 Apr 2023 08:07:29 GMT server kittenx etag "642bdac1-8d28" content-type text/css access-control-expose-headers X-Frontend cache-control max-age=345600 accept-ranges bytes content-length 36136 expires Sat, 29 Apr 2023 03:51:04 GMT
GET H2	200	lite.js Show response vk.com/js/al/ Frame 554C	263 KB 61 KB	86ms 84ms	Script application/x-javascript	87.240.132.78 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Full URL https://vk.com/js/al/lite.js?107 Requested by Host: vk.com URL: https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e98 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv78-132-240-87.vk.com Software kittenx / Resource Hash 117316d3d31f7a005b4db41da5c4e4398c9a5079203f7f7f66baa5a87b052c39 Request headers accept-language nl-NL,nl;q=0.9 Referer https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e98 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:04 GMT content-encoding br x-frontend front225205 last-modified Wed, 12 Apr 2023 20:56:09 GMT server kittenx etag "64371ae9-f20c" content-type application/x-javascript access-control-expose-headers X-Frontend cache-control max-age=345600 content-length 61964 expires Sat, 29 Apr 2023 03:51:04 GMT
GET		lang61_0.js vk.com/js/ Frame 554C	0 0
GET		xdm.js st6-22.vk.com/js/api/ Frame 554C	0 0
GET		al_subscribe.js st6-22.vk.com/js/api/widgets/ Frame 554C	0 0
GET H2	200	widget_subscribe.b7a6ac2b611d2473b6a5.css st6-22.vk.com/css/al/ Frame 554C	4 KB 1 KB	130ms 33ms	Stylesheet text/css	95.142.206.2
General Check archive.org Show headers Download Go to Full URL https://st6-22.vk.com/css/al/widget_subscribe.b7a6ac2b611d2473b6a5.css Requested by Host: vk.com URL: https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e98 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.142.206.2 -, , ASN (), Reverse DNS Software kittenx / Resource Hash edd78ceafc944128477b74904a8e08e777f580c9d263e279efffcc7837b62c1d Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://vk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:04 GMT content-encoding br x-frontend front6-22 strict-transport-security max-age=15768000 last-modified Sat, 28 Jan 2023 10:21:26 GMT server kittenx etag "63d4f726-46d" content-type text/css access-control-expose-headers X-Frontend cache-control max-age=345600 accept-ranges bytes content-length 1133 expires Sat, 29 Apr 2023 03:51:04 GMT
GET H2	200	base.94021168f233b4ce2096.css st6-22.vk.com/css/al/ Frame 554C	125 KB 19 KB	131ms 33ms	Stylesheet text/css	95.142.206.2
General Check archive.org Show headers Download Go to Full URL https://st6-22.vk.com/css/al/base.94021168f233b4ce2096.css Requested by Host: vk.com URL: https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e98 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.142.206.2 -, , ASN (), Reverse DNS Software kittenx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://vk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:04 GMT content-encoding br x-frontend front6-22 strict-transport-security max-age=15768000 last-modified Wed, 19 Apr 2023 10:04:00 GMT server kittenx etag "643fbc90-4bb1" content-type text/css access-control-expose-headers X-Frontend cache-control max-age=345600 accept-ranges bytes content-length 19377 expires Sat, 29 Apr 2023 03:51:04 GMT
GET		IQaHo8-FvX3FSyl_n5BRzoXOpKByRBgsgkPEQcKP4cO0ioinjtE7mB5Q4ApDp2JtMCioDXDD.jpg sun6-21.userapi.com/s/v1/if1/ Frame 554C	0 0
GET H/1.1	200 OK	storage.html moe.video/ Frame DF96	18 KB 6 KB	87ms 85ms	Document text/html	92.38.138.108 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://moe.video/storage.html?v=08 Requested by Host: moevideo.biz URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.38.138.108 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS f49.moevideo.net Software nginx / Resource Hash Request headers Referer https://moevideo.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 25 Apr 2023 03:51:04 GMT ETag W/"63d27cd4-4783" Last-Modified Thu, 26 Jan 2023 13:15:00 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-B-Name f49 X-My-Name s161 X-My-Reqtime 0.025
GET DATA	200 OK	truncated / Frame E213	313 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml
GET		loader_nav20841529519_61.js vk.com/js/ Frame 526E	0 0
GET H2	200	fonts_cnt.a289ed70815ffbd082ae.css st6-22.vk.com/css/al/ Frame 526E	295 KB 0	72ms 44ms	Stylesheet text/css	95.142.206.2
General Check archive.org Show headers Download Go to Full URL https://st6-22.vk.com/css/al/fonts_cnt.a289ed70815ffbd082ae.css Requested by Host: vk.com URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e96 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.142.206.2 -, , ASN (), Reverse DNS Software kittenx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://vk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:04 GMT content-encoding br x-frontend front6-22 strict-transport-security max-age=15768000 last-modified Mon, 06 Feb 2023 15:27:38 GMT server kittenx etag "63e11c6a-3e078" content-type text/css access-control-expose-headers X-Frontend cache-control max-age=345600 accept-ranges bytes content-length 254072 expires Sat, 29 Apr 2023 03:51:04 GMT
GET H2	200	lite.e2bc4e64119fb514bd81.css st6-22.vk.com/css/al/ Frame 526E	0 0	80ms 52ms	Stylesheet text/css	95.142.206.2
General Check archive.org Show headers Download Go to Full URL https://st6-22.vk.com/css/al/lite.e2bc4e64119fb514bd81.css Requested by Host: vk.com URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e96 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.142.206.2 -, , ASN (), Reverse DNS Software kittenx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://vk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:04 GMT content-encoding br x-frontend front6-22 strict-transport-security max-age=15768000 last-modified Tue, 04 Apr 2023 08:07:29 GMT server kittenx etag "642bdac1-8d28" content-type text/css access-control-expose-headers X-Frontend cache-control max-age=345600 accept-ranges bytes content-length 36136 expires Sat, 29 Apr 2023 03:51:04 GMT
GET		lite.js vk.com/js/al/ Frame 526E	0 0
GET		lang61_0.js vk.com/js/ Frame 526E	0 0
GET		xdm.js st6-22.vk.com/js/api/ Frame 526E	0 0
GET H2	200	ui_common.1ec26762e84ba436308f.css st6-22.vk.com/css/al/ Frame 526E	0 0	78ms 52ms	Stylesheet text/css	95.142.206.2
General Check archive.org Show headers Download Go to Full URL https://st6-22.vk.com/css/al/ui_common.1ec26762e84ba436308f.css Requested by Host: vk.com URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e96 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.142.206.2 -, , ASN (), Reverse DNS Software kittenx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://vk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:04 GMT content-encoding br x-frontend front6-22 strict-transport-security max-age=15768000 last-modified Tue, 04 Apr 2023 08:07:29 GMT server kittenx etag "642bdac1-39ca" content-type text/css access-control-expose-headers X-Frontend cache-control max-age=345600 accept-ranges bytes content-length 14794 expires Sat, 29 Apr 2023 03:51:04 GMT
GET		polyfills.708b756b1b87c44334d8.js st6-22.vk.com/dist/ Frame 526E	0 0
GET		react.98bc663d415258ce240e.js st6-22.vk.com/dist/ Frame 526E	0 0
GET H2	200	palette.ae379dcc9b8302134cfb.css st6-22.vk.com/dist/ Frame 526E	0 0	77ms 53ms	Stylesheet text/css	95.142.206.2
General Check archive.org Show headers Download Go to Full URL https://st6-22.vk.com/dist/palette.ae379dcc9b8302134cfb.css Requested by Host: vk.com URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e96 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.142.206.2 -, , ASN (), Reverse DNS Software kittenx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://vk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:04 GMT content-encoding br x-frontend front6-22 strict-transport-security max-age=15768000 last-modified Tue, 18 Apr 2023 23:46:06 GMT server kittenx etag "643f2bbe-3b50" content-type text/css access-control-expose-headers X-Frontend cache-control max-age=345600 accept-ranges bytes content-length 15184 expires Sat, 29 Apr 2023 03:51:04 GMT
GET		palette.762c4886666b8cd2e28b.js st6-22.vk.com/dist/ Frame 526E	0 0
GET		vkui.e4d670f36de4368e7b1a.js st6-22.vk.com/dist/ Frame 526E	0 0
GET H2	200	vkcom-kit.16d5987cc781503fd040.css st6-22.vk.com/dist/ Frame 526E	0 0	77ms 53ms	Stylesheet text/css	95.142.206.2
General Check archive.org Show headers Download Go to Full URL https://st6-22.vk.com/dist/vkcom-kit.16d5987cc781503fd040.css Requested by Host: vk.com URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e96 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.142.206.2 -, , ASN (), Reverse DNS Software kittenx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://vk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:04 GMT content-encoding br x-frontend front6-22 strict-transport-security max-age=15768000 last-modified Mon, 24 Apr 2023 15:32:05 GMT server kittenx etag "6446a0f5-28e0" content-type text/css access-control-expose-headers X-Frontend cache-control max-age=345600 accept-ranges bytes content-length 10464 expires Sat, 29 Apr 2023 03:51:04 GMT
GET		vkcom-kit.9c9b2665b410327a3841.js st6-22.vk.com/dist/ Frame 526E	0 0
GET		state-management.7a9355439064b079c032.js st6-22.vk.com/dist/ Frame 526E	0 0
GET H2	200	audioplayer.6a81d0158a2b441eac12.css st6-22.vk.com/dist/ Frame 526E	0 0	76ms 53ms	Stylesheet text/css	95.142.206.2
General Check archive.org Show headers Download Go to Full URL https://st6-22.vk.com/dist/audioplayer.6a81d0158a2b441eac12.css Requested by Host: vk.com URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e96 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.142.206.2 -, , ASN (), Reverse DNS Software kittenx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://vk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:04 GMT content-encoding br x-frontend front6-22 strict-transport-security max-age=15768000 last-modified Wed, 19 Apr 2023 10:40:02 GMT server kittenx etag "643fc502-8d9" content-type text/css access-control-expose-headers X-Frontend cache-control max-age=345600 accept-ranges bytes content-length 2265 expires Sat, 29 Apr 2023 03:51:04 GMT
GET		audioplayer.4bb05d1765f7772963f5.js st6-22.vk.com/dist/ Frame 526E	0 0
GET		common.bd0995d4509c6a4764f9.js st6-22.vk.com/dist/ Frame 526E	0 0
GET		ui_common.6b878d4cd292627287af.js st6-22.vk.com/dist/web/ Frame 526E	0 0
GET		audioplayer.76ca6927ee09d8edecc2.js st6-22.vk.com/dist/web/ Frame 526E	0 0
GET H2	200	widget_community.461c04150f1c05e585d0.css st6-22.vk.com/css/al/ Frame 526E	0 0	76ms 54ms	Stylesheet text/css	95.142.206.2
General Check archive.org Show headers Download Go to Full URL https://st6-22.vk.com/css/al/widget_community.461c04150f1c05e585d0.css Requested by Host: vk.com URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e96 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.142.206.2 -, , ASN (), Reverse DNS Software kittenx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://vk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:04 GMT content-encoding br x-frontend front6-22 strict-transport-security max-age=15768000 last-modified Sat, 28 Jan 2023 10:21:26 GMT server kittenx etag "63d4f726-e24" content-type text/css access-control-expose-headers X-Frontend cache-control max-age=345600 accept-ranges bytes content-length 3620 expires Sat, 29 Apr 2023 03:51:04 GMT
GET		likes.9b4a12d0bc35c52ab2e1.js st6-22.vk.com/dist/web/ Frame 526E	0 0
GET		community.js st6-22.vk.com/dist/api/widgets/ Frame 526E	0 0
GET H2	200	base.94021168f233b4ce2096.css st6-22.vk.com/css/al/ Frame 526E	0 0	75ms 54ms	Stylesheet text/css	95.142.206.2
General Check archive.org Show headers Download Go to Full URL https://st6-22.vk.com/css/al/base.94021168f233b4ce2096.css Requested by Host: vk.com URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187b6894e96 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.142.206.2 -, , ASN (), Reverse DNS Software kittenx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://vk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 03:51:04 GMT content-encoding br x-frontend front6-22 strict-transport-security max-age=15768000 last-modified Wed, 19 Apr 2023 10:04:00 GMT server kittenx etag "643fbc90-4bb1" content-type text/css access-control-expose-headers X-Frontend cache-control max-age=345600 accept-ranges bytes content-length 19377 expires Sat, 29 Apr 2023 03:51:04 GMT
GET		IQaHo8-FvX3FSyl_n5BRzoXOpKByRBgsgkPEQcKP4cO0ioinjtE7mB5Q4ApDp2JtMCioDXDD.jpg sun6-21.userapi.com/s/v1/if1/ Frame 526E	0 0
GET		camera_50.png vk.com/images/ Frame 526E	0 0
GET		4egFuiUwiCY.jpg sun6-23.userapi.com/w7swvcgbxPzYx4kSpSuvI7RgY9VOgDcd3DwbsQ/ Frame 526E	0 0
GET		efk4WPDwpX5PppzCgIcWuSoj3ib4JQw1YOnaAOeCYEO-jDip11QxCRkSGzDFPz_wRL-YCmjH.jpg sun6-22.userapi.com/s/v1/if1/ Frame 526E	0 0
GET		GYCpvifptNZQLRlB4mfM5ju2aY2hAM6SSx4LddzJYWlHaMn61aXwPuYwqgSbT1reAdq0H0At0HFgXaRDGK08ghPo.jpg sun6-22.userapi.com/s/v1/ig2/ Frame 526E	0 0
GET		CYjDfipaLN-aOFYlt2X3vHqHg-8-D5cWMvDr4g7F0FSup6SVlQQszspX9YNAyuDD6j0_jlFulUOsBJnRI21Pzy2_.jpg sun6-20.userapi.com/s/v1/ig2/ Frame 526E	0 0
OPTIONS		auction_multi am-0.moevideo.biz/ssp/ Frame	0 0
POST		auction_multi am-0.moevideo.biz/ssp/ Frame E213	0 0
GET		analytics.js www.google-analytics.com/ Frame E213	0 0
GET		ads-async.js ad.mail.ru/static/ Frame E213	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

vk.com

URL

https://vk.com/js/lang61_0.js?28039911

Domain

st6-22.vk.com

URL

https://st6-22.vk.com/js/api/xdm.js?9

Domain

st6-22.vk.com

URL

https://st6-22.vk.com/js/api/widgets/al_subscribe.js?1

Domain

sun6-21.userapi.com

URL

https://sun6-21.userapi.com/s/v1/if1/IQaHo8-FvX3FSyl_n5BRzoXOpKByRBgsgkPEQcKP4cO0ioinjtE7mB5Q4ApDp2JtMCioDXDD.jpg?size=50x50&quality=96&crop=460,496,1057,1057&ava=1

Domain

vk.com

URL

https://vk.com/js/loader_nav20841529519_61.js

Domain

vk.com

URL

https://vk.com/js/al/lite.js?107

Domain

vk.com

URL

https://vk.com/js/lang61_0.js?28039911

Domain

st6-22.vk.com

URL

https://st6-22.vk.com/js/api/xdm.js?9

Domain

st6-22.vk.com

URL

https://st6-22.vk.com/dist/polyfills.708b756b1b87c44334d8.js?f76f8095bb3e937b95b5

Domain

st6-22.vk.com

URL

https://st6-22.vk.com/dist/react.98bc663d415258ce240e.js?371daa3c15115043d211

Domain

st6-22.vk.com

URL

https://st6-22.vk.com/dist/palette.762c4886666b8cd2e28b.js?

Domain

st6-22.vk.com

URL

https://st6-22.vk.com/dist/vkui.e4d670f36de4368e7b1a.js?d410ad297c5ec476192b

Domain

st6-22.vk.com

URL

https://st6-22.vk.com/dist/vkcom-kit.9c9b2665b410327a3841.js?

Domain

st6-22.vk.com

URL

https://st6-22.vk.com/dist/state-management.7a9355439064b079c032.js?cc07b1a64736261fabb9

Domain

st6-22.vk.com

URL

https://st6-22.vk.com/dist/audioplayer.4bb05d1765f7772963f5.js?321

Domain

st6-22.vk.com

URL

https://st6-22.vk.com/dist/common.bd0995d4509c6a4764f9.js?321ef79bc74dbfc5eacaf27

Domain

st6-22.vk.com

URL

https://st6-22.vk.com/dist/web/ui_common.6b878d4cd292627287af.js?a311e4d28c7ce1f70e84fb08a1525bac

Domain

st6-22.vk.com

URL

https://st6-22.vk.com/dist/web/audioplayer.76ca6927ee09d8edecc2.js?d4e34a61997be923e5d45c2e8e598473

Domain

st6-22.vk.com

URL

https://st6-22.vk.com/dist/web/likes.9b4a12d0bc35c52ab2e1.js?c774f9832cdaef98772510e0854e63ad

Domain

st6-22.vk.com

URL

https://st6-22.vk.com/dist/api/widgets/community.js?1

Domain

sun6-21.userapi.com

URL

https://sun6-21.userapi.com/s/v1/if1/IQaHo8-FvX3FSyl_n5BRzoXOpKByRBgsgkPEQcKP4cO0ioinjtE7mB5Q4ApDp2JtMCioDXDD.jpg?size=50x50&quality=96&crop=460,496,1057,1057&ava=1

Domain

vk.com

URL

https://vk.com/images/camera_50.png

Domain

sun6-23.userapi.com

URL

https://sun6-23.userapi.com/w7swvcgbxPzYx4kSpSuvI7RgY9VOgDcd3DwbsQ/4egFuiUwiCY.jpg

Domain

sun6-22.userapi.com

URL

https://sun6-22.userapi.com/s/v1/if1/efk4WPDwpX5PppzCgIcWuSoj3ib4JQw1YOnaAOeCYEO-jDip11QxCRkSGzDFPz_wRL-YCmjH.jpg?size=50x50&quality=96&crop=206,0,597,597&ava=1

Domain

sun6-22.userapi.com

URL

https://sun6-22.userapi.com/s/v1/ig2/GYCpvifptNZQLRlB4mfM5ju2aY2hAM6SSx4LddzJYWlHaMn61aXwPuYwqgSbT1reAdq0H0At0HFgXaRDGK08ghPo.jpg?size=50x50&quality=95&crop=371,0,1331,1331&ava=1

Domain

sun6-20.userapi.com

URL

https://sun6-20.userapi.com/s/v1/ig2/CYjDfipaLN-aOFYlt2X3vHqHg-8-D5cWMvDr4g7F0FSup6SVlQQszspX9YNAyuDD6j0_jlFulUOsBJnRI21Pzy2_.jpg?size=50x50&quality=95&crop=6,0,1244,1244&ava=1

Domain

am-0.moevideo.biz

URL

https://am-0.moevideo.biz/ssp/auction_multi

Domain

am-0.moevideo.biz

URL

https://am-0.moevideo.biz/ssp/auction_multi

Domain

www.google-analytics.com

URL

https://www.google-analytics.com/analytics.js

Domain

ad.mail.ru

URL

https://ad.mail.ru/static/ads-async.js