delonadomu.info Open in urlscan Pro
192.185.25.141 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://delonadomu.info/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On May 20 via api (May 20th 2023, 2:06:57 am UTC) from DE — Scanned from DE

Summary HTTP 80 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 80 HTTP transactions. The main IP is 192.185.25.141, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is delonadomu.info.

This is the only time delonadomu.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	192.185.25.141 192.185.25.141	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
15	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	86.59.32.98 86.59.32.98	8437 (UTA-AS) (UTA-AS)
10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
80	14

17 192.185.25.141 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-25-141.unifiedlayer.com

delonadomu.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 86.59.32.98 (Austria)

ASN8437 (UTA-AS, AT)
PTR: www.marketagent.com

www.marketagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	335 KB
17	delonadomu.info delonadomu.info	83 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	131 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	67 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	106 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9037	696 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	17 KB
2	marketagent.com www.marketagent.com	16 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	607 B
80	11

	Domain	Requested by
17	delonadomu.info	delonadomu.info
15	pagead2.googlesyndication.com	delonadomu.info pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	www.gstatic.com	googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	delonadomu.info
2	www.marketagent.com	delonadomu.info
1	partner.googleadservices.com	pagead2.googlesyndication.com
80	14

This site contains links to these domains. Also see Links.

Domain
www.zasluzek.org
www.marketagent.com
surveys.valicon.net
idejnik.si
www.v-channel.com.sg
www.mojazaposlitev.si
wordpress.org
www.baza-noclegowa.pl

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://delonadomu.info/
Frame ID: C4C66FB3FE2D759D9A35D8C98245B989
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html
Frame ID: EC3518B3FD3C7D0F38772ECFBA2F31C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8946429337246112&output=html&h=600&slotname=4695763170&adk=3385007068&adf=1318772017&pi=t.ma~as.4695763170&w=160&lmt=1684548413&url=http%3A%2F%2Fdelonadomu.info%2F&wgl=1&dt=1684548413113&bpp=21&bdt=493&idt=189&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&abxe=1&correlator=1761866798687&frm=20&pv=2&ga_vid=1155360654.1684548413&ga_sid=1684548413&ga_hid=268261014&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1084&ady=483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788441%2C44792089&oid=2&pvsid=2950700369647104&tmod=479863647&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AqYp5lxo7N&p=http%3A//delonadomu.info&dtd=203
Frame ID: 35C0C462C0B5E2724D9A854DC6D5D965
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8946429337246112&output=html&h=60&slotname=3486180223&adk=947338483&adf=3878035890&pi=t.ma~as.3486180223&w=468&lmt=1684548413&format=468x60&url=http%3A%2F%2Fdelonadomu.info%2F&wgl=1&dt=1684548413143&bpp=2&bdt=522&idt=178&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_slotnames=4695763170&correlator=1761866798687&frm=20&pv=1&ga_vid=1155360654.1684548413&ga_sid=1684548413&ga_hid=268261014&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=810&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788441%2C44792089&oid=2&pvsid=2950700369647104&tmod=479863647&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&alvm=m202305170101&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=CDZWHvYs1R&p=http%3A//delonadomu.info&dtd=181
Frame ID: 6FBB28EC1C490C164E6890792D84BCCE
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DEF59115267C7A0EA3B175333AB943CE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Frame ID: B7E84DD3CDA9555E4FE987899526D5A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8946429337246112&output=html&adk=1812271804&adf=3025194257&lmt=1684548414&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fdelonadomu.info%2F&ea=0&pra=7&wgl=1&dt=1684548414267&bpp=1&bdt=1646&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D495876e493469a76-221ebd3ddddd003f%3AT%3D1684548413%3ART%3D1684548413%3AS%3DALNI_MYdyueATFbYjN3Ey0i1H8-HPBQPOg&gpic=UID%3D00000c188eefd45c%3AT%3D1684548413%3ART%3D1684548413%3AS%3DALNI_MbxsegwWZWOd9j7C5gHQCJ35BCN4A&prev_fmts=468x60&prev_slotnames=4695763170&nras=1&correlator=1761866798687&frm=20&pv=1&ga_vid=1155360654.1684548413&ga_sid=1684548413&ga_hid=268261014&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788441%2C44792089&oid=2&psts=ABHeCviXJA_yKfwRqsEKC_ztsBIjKoyLJ4rGsNB4rJo03_UAaeIie5HR35uJXL83InyRe8uNbEPqQdF79xzXcKRzQX9jvIM%2CABHeCvhtyKr74ilj_VfaGQEKEXDGgSDsru3fOXv19Viu-6XrreGb2JS9ejKiJTd47sMJjKZ-8XPawhrXOoiSIPzJREgq7g&pvsid=2950700369647104&tmod=479863647&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=m202305170101&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=14
Frame ID: 887D26E4992372D7DE0632CAF02565A5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B6EE8CD4C42AFE5FE61DC226A7CD7427
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0D375BB578F22064873CC87E0807385D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Delo na domu

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

All in One SEO Pack (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- All in One SEO Pack ([\d.]+)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

71 %
HTTPS

85 %
IPv6

11
Domains

14
Subdomains

14
IPs

3
Countries

760 kB
Transfer

1831 kB
Size

10
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.zasluzek.org/
Title: Delo na domu

Search URL Search Domain Scan URL

URL: http://www.marketagent.com/f.asp?RefUID=499989

Search URL Search Domain Scan URL

URL: http://surveys.valicon.net/CAWI/jazvem_recruite?Data=referrer%7cF424872B41180494F7117CB0AAE53962

Search URL Search Domain Scan URL

URL: http://idejnik.si/
Title: http://idejnik.si

Search URL Search Domain Scan URL

URL: http://www.v-channel.com.sg/
Title: v-channel.com.sg

Search URL Search Domain Scan URL

URL: http://www.mojazaposlitev.si/index.php?r=jobAdsRSSFeed

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: http://www.baza-noclegowa.pl/
Title: Baza Noclegowa

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 23

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1512737064&utmhn=delonadomu.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Delo%20na%20domu&utmhid=268261014&utmr=-&utmp=%2F&utmht=1684548413237&utmac=UA-33198656-1&utmcc=__utma%3D32636715.1155360654.1684548413.1684548413.1684548413.1%3B%2B__utmz%3D32636715.1684548413.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1099427588&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1512737064&utmhn=delonadomu.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Delo%20na%20domu&utmhid=268261014&utmr=-&utmp=%2F&utmht=1684548413237&utmac=UA-33198656-1&utmcc=__utma%3D32636715.1155360654.1684548413.1684548413.1684548413.1%3B%2B__utmz%3D32636715.1684548413.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1099427588&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 54

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

80 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
delonadomu.info/ 41 KB
15 KB 4386ms
3991ms Document
text/html 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: http://delonadomu.info/
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: ef4dc32b81d33b99cef1b5fe3ac35739175eb436495a7c3ae1aa8941fe541138

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 14785
Content-Type: text/html; charset=UTF-8
Date: Sat, 20 May 2023 02:06:48 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=75
Pragma: no-cache
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding
X-Pingback: http://delonadomu.info/xmlrpc.php

GET
H/1.1 200
OK style.css
delonadomu.info/wp-content/themes/baza-noclegowa/ 17 KB
6 KB 236ms
127ms Stylesheet
text/css 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: a5de986428df8f53c7796b6835591e355d3bf2fd566c8bc2c424495871bec0fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Jul 2012 15:35:50 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 5905

GET
H/1.1 200
OK jquery.js Show response
delonadomu.info/wp-includes/js/jquery/ 92 KB
40 KB 241ms
126ms Script
application/javascript 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: http://delonadomu.info/wp-includes/js/jquery/jquery.js?ver=1.7.1
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: dd19215106d1bee1b9d13937997f17e1938a743f1a8cf7d7f793ab9534ddcc47

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Jul 2012 15:43:38 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Upgrade: h2,h2c
Content-Type: application/javascript
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75

GET
H/1.1 200
OK uk-cookie-consent-js.js Show response
delonadomu.info/wp-content/plugins/uk-cookie-consent/js/ 1 KB
790 B 244ms
129ms Script
application/javascript 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: http://delonadomu.info/wp-content/plugins/uk-cookie-consent/js/uk-cookie-consent-js.js?ver=3.3.2
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: a19fd164fed439d7ed8b0796b40e045137a9ffd5ec35c6d240cc59298996df2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2013 16:16:10 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: application/javascript
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 463

GET
H/1.1 200
OK diggdigg-style.css
delonadomu.info/wp-content/plugins/digg-digg/css/ 6 KB
2 KB 241ms
127ms Stylesheet
text/css 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: http://delonadomu.info/wp-content/plugins/digg-digg/css/diggdigg-style.css?ver=5.2.9
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: 1a93e87e0138a0caa6a1b7c91821df3d9f78361810675c6d1367572adfd44c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:52 GMT
Content-Encoding: gzip
Last-Modified: Sat, 07 Jul 2012 08:04:04 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 1754

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
50 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: delonadomu.info
URL: http://delonadomu.info/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e20f3db15854c0c125474dab00c51946d87ea3271addb66bae888e3c543fe10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 50138
X-XSS-Protection: 0
Server: cafe
ETag: 12466180242020950406
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Sat, 20 May 2023 02:06:52 GMT

GET
H/1.1 200
OK 120x60_Marketagent_grau_SLO.gif
www.marketagent.com/MA_WebResources/pic/banner/ 7 KB
7 KB 284ms
30ms Image
image/gif 86.59.32.98
UTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.marketagent.com/MA_WebResources/pic/banner/120x60_Marketagent_grau_SLO.gif
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/
Protocol: HTTP/1.1
Server: 86.59.32.98 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS: www.marketagent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 23ca56edb0fd69ce6a75d0579b86f06024b6dbf8e16e3e6c7747213383a6cd27

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:52 GMT
Last-Modified: Mon, 06 Jul 2020 15:51:50 GMT
Server: Microsoft-IIS/10.0
ETag: "6726cf5cad53d61:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 6784

GET
H/1.1 200
OK 468x60_Marketagent_weiss_SLO.gif
www.marketagent.com/MA_WebResources/pic/banner/ 9 KB
9 KB 184ms
35ms Image
image/gif 86.59.32.98
UTA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.marketagent.com/MA_WebResources/pic/banner/468x60_Marketagent_weiss_SLO.gif
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/
Protocol: HTTP/1.1
Server: 86.59.32.98 , Austria, ASN8437 (UTA-AS, AT),
Reverse DNS: www.marketagent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b195e05e57e98587cad401f794b7f34eff6adae693e151d8b77477e38015e0f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:53 GMT
Last-Modified: Mon, 06 Jul 2020 15:51:50 GMT
Server: Microsoft-IIS/10.0
ETag: "72c3dd5cad53d61:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 9014

GET
H/1.1 200
OK jazvem-300x115.jpg
delonadomu.info/wp-content/uploads/2012/06/ 9 KB
9 KB 124ms
124ms Image
image/jpeg 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://delonadomu.info/wp-content/uploads/2012/06/jazvem-300x115.jpg
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: 3a750810423f363420bbbfe4ec6c6e8b6b811ea06986a5a1a0e8a362878ba708

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:53 GMT
Last-Modified: Thu, 26 Jul 2012 21:18:41 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 8849

GET
H/1.1 200
OK search.gif
delonadomu.info/wp-content/themes/baza-noclegowa/images/ 564 B
805 B 121ms
121ms Image
image/gif 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/images/search.gif
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: ffedea038b6d080fd2b6e47197a93bcd1e31dbc0f0a8bea9437f3b9a48bf4c64

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:53 GMT
Last-Modified: Thu, 05 Jul 2012 15:38:36 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 564

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 91 KB
34 KB 40ms
27ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: delonadomu.info
URL: http://delonadomu.info/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

809b50a49f8b18d7876955773c4c873485606438bc25ae2332a3848213788859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13064668889366974168
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 34424
X-XSS-Protection: 0
Expires: Sat, 20 May 2023 02:06:52 GMT

GET
H/1.1 200
OK rss.png
delonadomu.info/wp-includes/images/ 3 KB
3 KB 120ms
120ms Image
image/png 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://delonadomu.info/wp-includes/images/rss.png
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: 2e669e222ee8b18c19d0c98412e69736bbdb148ccdff1736afde13222de9adf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:53 GMT
Last-Modified: Thu, 05 Jul 2012 15:41:20 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 3341

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ 355 KB
120 KB 102ms
46ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8946429337246112&plah=delonadomu.info

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eee9ab6eaca56d0ef48b73dba7233d4517b58b13019268e861a8fcf5fbfd2975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 02:06:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122657
x-xss-protection: 0
server: cafe
etag: 16194178603262682471
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 May 2023 02:06:53 GMT

GET
H/1.1 200
OK frame.png
delonadomu.info/wp-content/themes/baza-noclegowa/images/ 95 B
335 B 123ms
122ms Image
image/png 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/images/frame.png
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: d8593f62d09249fcf99df3f09b346a6b0c4be70b1e5016c7119a8af07d6ab4cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:53 GMT
Last-Modified: Thu, 05 Jul 2012 15:38:30 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 95

GET
H/1.1 200
OK frame_t.png
delonadomu.info/wp-content/themes/baza-noclegowa/images/ 199 B
466 B 122ms
121ms Image
image/png 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/images/frame_t.png
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: 65d412d7e692044ee385ca6ba2978b3524633927b861eefb30b1635c161289db

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:53 GMT
Last-Modified: Thu, 05 Jul 2012 15:38:31 GMT
Server: Apache
Upgrade: h2,h2c
Content-Type: image/png
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 199

GET
H/1.1 200
OK nav-top.png
delonadomu.info/wp-content/themes/baza-noclegowa/images/ 319 B
560 B 354ms
122ms Image
image/png 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/images/nav-top.png
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: c3a4d3f20f7c17587cc07671dcfe40282c7799b203ffedc47e152976ff9bf78e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:53 GMT
Last-Modified: Thu, 05 Jul 2012 15:38:34 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 319

GET
H/1.1 200
OK nav-bottom.png
delonadomu.info/wp-content/themes/baza-noclegowa/images/ 573 B
814 B 224ms
123ms Image
image/png 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/images/nav-bottom.png
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: 13bf55533718587d44c98eef780e7a1216bd9454832f16bd4e9720dfa5a86735

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:53 GMT
Last-Modified: Thu, 05 Jul 2012 15:38:33 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 573

GET
H/1.1 200
OK nav_li_bg.png
delonadomu.info/wp-content/themes/baza-noclegowa/images/ 516 B
783 B 223ms
119ms Image
image/png 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/images/nav_li_bg.png
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: 16034138113aa84427b55cfedf00c1fb3d26d5535cdf53271baa9c4946d5ec2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:53 GMT
Last-Modified: Thu, 05 Jul 2012 15:38:36 GMT
Server: Apache
Upgrade: h2,h2c
Content-Type: image/png
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 516

GET
H/1.1 200
OK mm-separator.png
delonadomu.info/wp-content/themes/baza-noclegowa/images/ 123 B
364 B 224ms
120ms Image
image/png 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/images/mm-separator.png
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: 4e45589f2890cabcbb68bc27870c53b8d1b09121631673588c17ef33280fd217

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:53 GMT
Last-Modified: Thu, 05 Jul 2012 15:38:33 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 123

GET
H/1.1 200
OK frame_b.png
delonadomu.info/wp-content/themes/baza-noclegowa/images/ 199 B
440 B 225ms
123ms Image
image/png 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/images/frame_b.png
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: c490703a33007fc223a93687a4138a1fb4f1febe9357a17a2de3a1e326fd5ed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:53 GMT
Last-Modified: Thu, 05 Jul 2012 15:38:30 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 199

GET
H/1.1 200
OK icons.png
delonadomu.info/wp-content/themes/baza-noclegowa/images/ 2 KB
2 KB 234ms
119ms Image
image/png 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/images/icons.png
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: b49ed3f62515c8a32009a75b305c380e734618bbc2016abb8b7e350c3626830a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:53 GMT
Last-Modified: Thu, 05 Jul 2012 15:38:31 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 1724

GET
H/1.1 200
OK b_d7dadc.gif
delonadomu.info/wp-content/themes/baza-noclegowa/images/ 129 B
370 B 232ms
118ms Image
image/gif 192.185.25.141
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/images/b_d7dadc.gif
Requested by: Host: delonadomu.info
URL: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
Protocol: HTTP/1.1
Server: 192.185.25.141 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-25-141.unifiedlayer.com
Software: Apache /
Resource Hash: 7d62a46800fb4881aa8662956a44d5ceaf2744545eab564a66ea37ccaccb7868

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/wp-content/themes/baza-noclegowa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:06:53 GMT
Last-Modified: Thu, 05 Jul 2012 15:38:27 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 129

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/ Frame EC35 10 KB
5 KB 47ms
12ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://delonadomu.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:07:58 GMT
etag: 15057649708203361565
expires: Fri, 02 Jun 2023 07:07:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

47ms
13ms

Script
text/javascript

2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: delonadomu.info
URL: http://delonadomu.info/

Protocol

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 May 2023 00:51:52 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4501
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sat, 20 May 2023 02:51:52 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1512737064&utmhn=delonadomu.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Delo%...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1512737064&utmhn=delonadomu.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Delo...

35 B
197 B

21ms
19ms

Image
image/gif

2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1512737064&utmhn=delonadomu.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Delo%20na%20domu&utmhid=268261014&utmr=-&utmp=%2F&utmht=1684548413237&utmac=UA-33198656-1&utmcc=__utma%3D32636715.1155360654.1684548413.1684548413.1684548413.1%3B%2B__utmz%3D32636715.1684548413.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1099427588&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: delonadomu.info
URL: http://delonadomu.info/

Protocol

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 02:06:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1512737064&utmhn=delonadomu.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Delo%20na%20domu&utmhid=268261014&utmr=-&utmp=%2F&utmht=1684548413237&utmac=UA-33198656-1&utmcc=__utma%3D32636715.1155360654.1684548413.1684548413.1684548413.1%3B%2B__utmz%3D32636715.1684548413.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1099427588&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
607 B 59ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=delonadomu.info&callback=_gfp_s_&client=ca-pub-8946429337246112

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8946429337246112&plah=delonadomu.info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6841a59c43b941e321d1c90b65203188775e6d2a64fa2772ac57fac1943b397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 02:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 68ms
32ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=delonadomu.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 02:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 61ms
24ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=delonadomu.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 02:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 35C0 103 KB
36 KB 698ms
698ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8946429337246112&output=html&h=600&slotname=4695763170&adk=3385007068&adf=1318772017&pi=t.ma~as.4695763170&w=160&lmt=1684548413&url=http%3A%2F%2Fdelonadomu.info%2F&wgl=1&dt=1684548413113&bpp=21&bdt=493&idt=189&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&abxe=1&correlator=1761866798687&frm=20&pv=2&ga_vid=1155360654.1684548413&ga_sid=1684548413&ga_hid=268261014&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1084&ady=483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788441%2C44792089&oid=2&pvsid=2950700369647104&tmod=479863647&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AqYp5lxo7N&p=http%3A//delonadomu.info&dtd=203

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b03bd8b5911b894e43db492b9ceb7da7a390d4df7fd3fcad3e608c6fe9e07a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://delonadomu.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36325
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 02:06:54 GMT
expires: Sat, 20 May 2023 02:06:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6FBB 90 KB
27 KB 600ms
599ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8946429337246112&output=html&h=60&slotname=3486180223&adk=947338483&adf=3878035890&pi=t.ma~as.3486180223&w=468&lmt=1684548413&format=468x60&url=http%3A%2F%2Fdelonadomu.info%2F&wgl=1&dt=1684548413143&bpp=2&bdt=522&idt=178&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_slotnames=4695763170&correlator=1761866798687&frm=20&pv=1&ga_vid=1155360654.1684548413&ga_sid=1684548413&ga_hid=268261014&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=810&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788441%2C44792089&oid=2&pvsid=2950700369647104&tmod=479863647&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&alvm=m202305170101&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=CDZWHvYs1R&p=http%3A//delonadomu.info&dtd=181

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ed320502a6601df3649c555c0c84f642e514869926a16a103fe4db9d369128a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://delonadomu.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 26988
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 02:06:53 GMT
expires: Sat, 20 May 2023 02:06:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 25c1ebd307027cb6cde802b753523349.js Show response
www.gstatic.com/mysidia/ Frame 6FBB 8 KB
4 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/25c1ebd307027cb6cde802b753523349.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8946429337246112&output=html&h=60&slotname=3486180223&adk=947338483&adf=3878035890&pi=t.ma~as.3486180223&w=468&lmt=1684548413&format=468x60&url=http%3A%2F%2Fdelonadomu.info%2F&wgl=1&dt=1684548413143&bpp=2&bdt=522&idt=178&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_slotnames=4695763170&correlator=1761866798687&frm=20&pv=1&ga_vid=1155360654.1684548413&ga_sid=1684548413&ga_hid=268261014&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=810&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788441%2C44792089&oid=2&pvsid=2950700369647104&tmod=479863647&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&alvm=m202305170101&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=CDZWHvYs1R&p=http%3A//delonadomu.info&dtd=181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08c6df6675aa9335318105edf2dae0e633d9b9b5e023d2f7d312dee6850b1013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3684
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 20:54:28 GMT

GET
H2 200 2cb5797678a2238b00a87eb3f015c6c1.js Show response
www.gstatic.com/mysidia/ Frame 6FBB 18 KB
8 KB 51ms
15ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89d45697bb893eda89b558f45671f79d90d700fbfdbc48bef7d2416bb706b645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 21:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7715
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 21:26:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6FBB 9 KB
1 KB 58ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 May 2023 02:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 May 2023 01:42:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 May 2023 02:06:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 6FBB 2 KB
846 B 16ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 10:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jun 2023 10:36:34 GMT

GET
H2 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame 6FBB 6 KB
2 KB 53ms
17ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 15:42:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 6FBB 22 KB
9 KB 48ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 10:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jun 2023 10:36:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 6FBB 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jun 2023 17:30:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 6FBB 19 KB
8 KB 51ms
16ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 10:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jun 2023 10:36:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6FBB 170 KB
53 KB 171ms
171ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 02:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 May 2023 02:06:54 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 6FBB 32 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 20:46:22 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5616178971693136653/ Frame 6FBB 1 KB
2 KB 14ms
14ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5616178971693136653/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04c4837f936b52f2fa692ebbe2de46b512009400c325f9f8ce100793e2db5711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 14 May 2023 22:02:04 GMT
x-content-type-options: nosniff
age: 446690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1326
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 23:42:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 May 2024 22:02:04 GMT

GET
DATA 200
OK truncated
/ Frame 6FBB 135 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d203fd59975be8ab20699080e6fcf9bb5109cbccf6b40dab2a888921f86635d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6FBB 0
0 66ms
61ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9y_xPStoZL2eFdKi-ga8gKSwBZ7K5Ldruu2nu6gQ2tkeEAEgjKD7CGCV4pCCoAegAe2qxN4CyAEBqAMBqgTNAU_QpLe3scXyjOLNwzriFyi32Q_UDEgw7qpcFWae_Dh9uzwsyWL5QpzzA7HE5-l_ean42QXh-UWRRRcxGbU8lZr6LC_UTlyVcmWw_YxA8OioCNBdMgzdbzyca1Ukbh9hPSuQls_VPzU7YbZeag75GfNUQhzmNZz209fNOPSOWiVNvZ0A331S3JnV7uWtP3WhTOlpnuyg5mU1Rm9bnuaTlzVosVpSr0fxPd-cspiX8FkOFXGEk-EpO_XV3tJBxInnpxrXqis46WymJgImxIbABP3L3ruDBJIFBAgEGAGSBQQIBRgEgAf71LuhAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJvyJdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItODk0NjQyOTMzNzI0NjExMhgA&sigh=Z2l_35E73t8&uach_m=[UACH]&cid=CAQSGwBygQiDc0rAYr5B6nbtVxoFwBpB4ArEbYJAtBgB&template_id=5001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8946429337246112&output=html&h=60&slotname=3486180223&adk=947338483&adf=3878035890&pi=t.ma~as.3486180223&w=468&lmt=1684548413&format=468x60&url=http%3A%2F%2Fdelonadomu.info%2F&wgl=1&dt=1684548413143&bpp=2&bdt=522&idt=178&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_slotnames=4695763170&correlator=1761866798687&frm=20&pv=1&ga_vid=1155360654.1684548413&ga_sid=1684548413&ga_hid=268261014&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=810&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788441%2C44792089&oid=2&pvsid=2950700369647104&tmod=479863647&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&alvm=m202305170101&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=CDZWHvYs1R&p=http%3A//delonadomu.info&dtd=181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 May 2023 02:06:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 20 May 2023 02:06:54 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DEF5 143 B
166 B 16ms
13ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8946429337246112&output=html&h=60&slotname=3486180223&adk=947338483&adf=3878035890&pi=t.ma~as.3486180223&w=468&lmt=1684548413&format=468x60&url=http%3A%2F%2Fdelonadomu.info%2F&wgl=1&dt=1684548413143&bpp=2&bdt=522&idt=178&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_slotnames=4695763170&correlator=1761866798687&frm=20&pv=1&ga_vid=1155360654.1684548413&ga_sid=1684548413&ga_hid=268261014&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=810&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788441%2C44792089&oid=2&pvsid=2950700369647104&tmod=479863647&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&alvm=m202305170101&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=CDZWHvYs1R&p=http%3A//delonadomu.info&dtd=181
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 01:10:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6FBB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b004e90d0b28699fec0d5bdd16599e167c5a383744e643d602bca5c55ea3a692

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 25c1ebd307027cb6cde802b753523349.js Show response
www.gstatic.com/mysidia/ Frame 35C0 8 KB
4 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/25c1ebd307027cb6cde802b753523349.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8946429337246112&output=html&h=600&slotname=4695763170&adk=3385007068&adf=1318772017&pi=t.ma~as.4695763170&w=160&lmt=1684548413&url=http%3A%2F%2Fdelonadomu.info%2F&wgl=1&dt=1684548413113&bpp=21&bdt=493&idt=189&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&abxe=1&correlator=1761866798687&frm=20&pv=2&ga_vid=1155360654.1684548413&ga_sid=1684548413&ga_hid=268261014&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1084&ady=483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788441%2C44792089&oid=2&pvsid=2950700369647104&tmod=479863647&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AqYp5lxo7N&p=http%3A//delonadomu.info&dtd=203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08c6df6675aa9335318105edf2dae0e633d9b9b5e023d2f7d312dee6850b1013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3684
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 20:54:28 GMT

GET
H3 200 2cb5797678a2238b00a87eb3f015c6c1.js Show response
www.gstatic.com/mysidia/ Frame 35C0 18 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89d45697bb893eda89b558f45671f79d90d700fbfdbc48bef7d2416bb706b645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 21:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7715
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 21:26:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 35C0 6 KB
802 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 May 2023 02:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 May 2023 01:29:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 May 2023 02:06:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 35C0 2 KB
765 B 15ms
15ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 10:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jun 2023 10:36:34 GMT

GET
H3 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame 35C0 6 KB
2 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 15:42:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 35C0 22 KB
9 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 10:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jun 2023 10:36:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 35C0 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 17:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jun 2023 17:30:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 35C0 19 KB
8 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 10:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jun 2023 10:36:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35C0 170 KB
53 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 02:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 May 2023 02:06:54 GMT

GET
H3 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 35C0 32 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 15 May 2023 21:45:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 20:46:22 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DEF5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
29ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 02:06:54 GMT
expires: Sat, 20 May 2023 02:06:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 02:06:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/853738749890316745/ Frame 35C0 39 KB
39 KB 91ms
91ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/853738749890316745/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69e68f22f8764831b2841baeed6bbdcc834db971aab29398958a1bbb8b5b9dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 02:06:54 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39878
x-xss-protection: 0
last-modified: Tue, 16 May 2023 15:00:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 02:06:54 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5885775330953948312/ Frame 35C0 1 KB
1 KB 14ms
13ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5885775330953948312/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d47cf3052335ce416f7747191a5302f02860cca44c08d92134c74d56b6763dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:29:34 GMT
x-content-type-options: nosniff
age: 304640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1151
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 15:31:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 May 2024 13:29:34 GMT

GET
DATA 200
OK truncated
/ Frame 35C0 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 35C0 0
0 61ms
61ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuoaWPStoZNLnFMjz-ga5io3ABqa_2dBw_pC_2o4R2tkeEAEgjKD7CGCV4pCCoAegAcHijPoDyAEJqQJX6J1-dCKyPqgDAcgDywSqBMkBT9CUb5CUxL6Z2ihSueGXPuF0O192_UDhxEYTx41UygXNBYOMusGIuBYWdU4ehk_qPDBgkVHMhemLUIcqGsrt7DwGIFlmiyLFxB7EG1BP6eJMV85FOD3wlqNZDjx1cAowOXEtlL6stcY4dHJIat7ms2PFnABerlYqwZQzUh-pyBM-CMcA6BlimooY4GN7Dq7fIXuTiQ5OavaPr9tge7tIO8BnnHeXzI4hxW8S06YXU742Z_Fnt5IjPWfLLgHZFuKjWJgar75ujuRswAT428L3owSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHp53zBagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMSYCNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwG4E-QD2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTg5NDY0MjkzMzcyNDYxMTIYAA&sigh=B6cONFFiozg&uach_m=[UACH]&cid=CAQSGwBygQiDOpp_hsdYw9ftmcl7WYWFVjPyOu6d2xgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8946429337246112&output=html&h=600&slotname=4695763170&adk=3385007068&adf=1318772017&pi=t.ma~as.4695763170&w=160&lmt=1684548413&url=http%3A%2F%2Fdelonadomu.info%2F&wgl=1&dt=1684548413113&bpp=21&bdt=493&idt=189&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&abxe=1&correlator=1761866798687&frm=20&pv=2&ga_vid=1155360654.1684548413&ga_sid=1684548413&ga_hid=268261014&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1084&ady=483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788441%2C44792089&oid=2&pvsid=2950700369647104&tmod=479863647&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AqYp5lxo7N&p=http%3A//delonadomu.info&dtd=203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 May 2023 02:06:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 20 May 2023 02:06:54 GMT

GET
DATA 200
OK truncated
/ Frame 35C0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e148b5196fe1c147c2012ce9b833887516c8e98d95d3253d3a6133e2549ae97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FBB 0
121 B 48ms
47ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 02:06:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35C0 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 02:06:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 6FBB 29 KB
29 KB 70ms
33ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 05:24:40 GMT
x-content-type-options: nosniff
age: 592934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 05:24:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 35C0 15 KB
16 KB 41ms
14ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:06:17 GMT
x-content-type-options: nosniff
age: 86437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 May 2024 02:06:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 35C0 15 KB
16 KB 54ms
29ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 550959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:04:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 35C0 15 KB
15 KB 43ms
18ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 556921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 15:24:53 GMT

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame B7E8 37 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 10:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 May 2024 10:36:22 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 34ms
32ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=delonadomu.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 02:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 24ms
23ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=delonadomu.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 02:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
46ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=catapult-cookie-bar&ign=false&pw=1600&ph=1200&x=1575&y=1175

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 02:06:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 887D 0
16 B 24ms
24ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8946429337246112&output=html&adk=1812271804&adf=3025194257&lmt=1684548414&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fdelonadomu.info%2F&ea=0&pra=7&wgl=1&dt=1684548414267&bpp=1&bdt=1646&idt=1&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D495876e493469a76-221ebd3ddddd003f%3AT%3D1684548413%3ART%3D1684548413%3AS%3DALNI_MYdyueATFbYjN3Ey0i1H8-HPBQPOg&gpic=UID%3D00000c188eefd45c%3AT%3D1684548413%3ART%3D1684548413%3AS%3DALNI_MbxsegwWZWOd9j7C5gHQCJ35BCN4A&prev_fmts=468x60&prev_slotnames=4695763170&nras=1&correlator=1761866798687&frm=20&pv=1&ga_vid=1155360654.1684548413&ga_sid=1684548413&ga_hid=268261014&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788441%2C44792089&oid=2&psts=ABHeCviXJA_yKfwRqsEKC_ztsBIjKoyLJ4rGsNB4rJo03_UAaeIie5HR35uJXL83InyRe8uNbEPqQdF79xzXcKRzQX9jvIM%2CABHeCvhtyKr74ilj_VfaGQEKEXDGgSDsru3fOXv19Viu-6XrreGb2JS9ejKiJTd47sMJjKZ-8XPawhrXOoiSIPzJREgq7g&pvsid=2950700369647104&tmod=479863647&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=m202305170101&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://delonadomu.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 02:06:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 58ms
30ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0051d793d262b5d376a3d1b48cd40f8b6917adef09c1e6cfa0b5bc859a153fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 02:06:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11395
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FBB 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoPCAEqC2Jhbm5lci1sb2dvCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMgoNEBAhAAAAAACm2kAwBAoNEBEhAAAAAEAX8kAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAAAAZ2a-ikAwBAoNEBQhAAAAALD28kAwBAoNEBUhAAAAAAAAKkAwBAoNEBYhAAAAAAAAEEAwBAoNEBghAAAAzcxQjUAwBAoNEDIhAAAAAKCZyT8wBAoNEDMhAAAAAKCZyT8wBAoNEDQhAAAAAKCZyT8wBAoNEDUhAAAAAKCZyT8wBAoNEDYhAAAAAKCZyT8wBAoNEDchAAAAAKCZyT8wBAoNEDghAAAAAAAA8D8wBAoNEDkhAAAAmpnBgkAwBAoNEDohAAAANDP7gkAwBAoNEDshAAAAAACwikAwBAoNEDwhAAAAAACwikAwBAoNED0hAAAAZ2a-ikAwBAoNED4hAAAANDNPjUAwBAoNED8hAAAANDNPjUAwBAoNEEAhAAAAZ2ZqjUAwBBIaQ1Ayd28tN25ndjhDRlZLUjNnb2RQQUFKVmciDXRleHQvbWFjYXdfdjMoAw==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 02:06:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35C0 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyQVRocm9uZQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDIKDRAQIQAAAAAg4uFAMAQKDRARIQAAAABAF_JAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAAJqZOYtAMAQKDRAUIQAAAADwkPxAMAQKDRAVIQAAAAAAACpAMAQKDRAWIQAAAAAAABBAMAQKDRAYIQAAAAAAnItAMAQKDRAyIQAAAAA4M9M_MAQKDRAzIQAAAAA4M9M_MAQKDRA0IQAAAAA4M9M_MAQKDRA1IQAAAAA4M9M_MAQKDRA2IQAAAAA4M9M_MAQKDRA3IQAAAAA4M9M_MAQKDRA4IQAAAABoZvY_MAQKDRA5IQAAAAAA2IVAMAQKDRA6IQAAAAAABIZAMAQKDRA7IQAAADQzM4tAMAQKDRA8IQAAADQzM4tAMAQKDRA9IQAAAGdmOotAMAQKDRA-IQAAAAAATItAMAQKDRA_IQAAAM3MTItAMAQKDRBAIQAAAGdmsotAMAQSGkNKTDZvdTduZ3Y4Q0ZjaTUzZ29kT1VVRGFBIhxzY3JlYW0vdGhyb25lX2ltYWdlX2xvZ29fb2NoKBE=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2cb5797678a2238b00a87eb3f015c6c1.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 02:06:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 02:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 May 2023 02:06:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B6EE 13 KB
5 KB 16ms
14ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://delonadomu.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30856
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 17:32:38 GMT
expires: Sat, 18 May 2024 17:32:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0D37 783 B
967 B 25ms
24ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0f2b219b4cec8c4e6271596bc6369b6b31efbe3442f05512ed9a181c584eed6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cb97NcKjdVevZgXEamuLLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://delonadomu.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-cb97NcKjdVevZgXEamuLLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 02:06:54 GMT
expires: Sat, 20 May 2023 02:06:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame B6EE 37 KB
14 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 10:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 May 2024 10:36:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0D37 0
0 81ms
81ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=2950700369647104&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B6EE 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Gy5p4A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 02:06:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
49ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=2950700369647104&bg=!hIelh9PNAAZ8_aWmXP07ADkAdvg8Ws5cro_noffeDTZERp1Y6VaafswnElrQ1srW3TsVMV5n21WtKAvEq5sL9JvZ75IIBQZEzu4CAAAAQVIAAAADaAEHCgDVt6N9i3IoJj1C1mppI6626MJX2iRcZR6_mQtvgHOXsMTmHapGCg_SRKrLy6u-d63uFj5GLoLjht5EAQNI0_ftUuLJe3yw9E9AsJqsxU2Pbwt0NY_veKTAH7TeFtLfP05VlGZ_eDY7Fmu_hywPkHrbHLwjHPpaywtteEQ0jSN-dysT5XQ7O6SnveGXJcfBPowhNh9IyxK_W_usHIIYey2z5QUbFqWe23uH6D-zYbRsRWZUaaxU5kduttGR9t4OQwvZUwJGWrT3pxIaJtBiIkx4bYEQ0mq7mQKqwPuGhAffSxVGA-StkgKUDTunQNnUu7jGMw8uoSMlE4gJqerXOUijoBxsfwAsbwm6wzkv8gJC8XdgWbTZmVqv5gmtX1Le9UlTd2Ezwb_y3VImU1lGILZobEKWA1PFaqna_1T0oAkQYifv13jLoW2DZ-SInNckWKlWMJni9AiUsGhQKI3qjH6bzjqXDSZ61Ft7KY5tkaeWIS6zehC40fXk2Sj4rW3tTBol85llFo-eHUJrf6p69TyjLXZD490fFpqAfruW1PqtunZuDUjaBW6p9-QY2AkxyR8HLhWfbt-spnZQlZ7cOzJnvpBzjZTOr8_a29TeMAZAUJWJfbBLvCiH2igWXUPsqsc74yL-dY-vTYoxs951u7ko-z8LCCnKGwAt26FKIkG1JLelwcLQYZv_JAFJW0ytAssABGyqA7_7At1AZox4Z3xXWMpZbdHkmnM8TXx8kvkSL-MpOdWmBsZ5FVqEwWfTLMlUOkKiqknWMXBBFHHbRAiPnhU6pqUxkiTSMZty53GF7PDMg9rhNBsG6fHqgspicHxuvULuNKMxNb9WeR6HQYu_9MG76FBBKscmPqNDISz8jGlhX8vSH7r0wkGaMQFduuHyi7M3eQedfIdKjrWOQKmTiZJdbbsbMQepBPBGU2Eoj1THF-N7PB1Fjel5BRqygq5V_TiFAU8T9TQfI3k5ixInaxVCtfgjwjcY2OOvaDMzClREgCJDy82UKbp6DiF_AIa0NsQ4ACcsUneWoq80BVR4xswppMrLVnE4jUvNQt_nrlEVezgK60uSmLLE6SO4-VbnSouCGwOqgwJCUduoVETtztAX-4BIjMDeO5qUvFlG9BtX08OZam3gjTZA2G4DKXy8zXAoNRMgscl3Ue0g9W2uHKEr00gQrfN0XPSMwXK4W6p6QQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://delonadomu.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 35C0 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuIb8UX0KYINiHBg1PaVSTrTVIf4jGg-8-DvA00nQVunMYlNyyVpL5Jy5WDmca3u69l5CuntYHHJ1TuA12FJpMH3pL2sWymyiD_z1vWpLOpVBUvb07SmKsERZTLiTiiAQMaeRrgw&sai=AMfl-YRV2yrLX5T2HFSMfJ-qJUut0ETH2Qw4UiuGu_axQo-kuVMB2mGpk4Lf_c38h9E2fKXe6Kn9yyDKfOU0&sig=Cg0ArKJSzCQuJ9h2Okb2EAE&cid=CAQSGwBygQiDOpp_hsdYw9ftmcl7WYWFVjPyOu6d2xgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3385007068&rs=2&la=0&cr=0&vs=4&r=v&rst=1684548413317&rpt=884&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 02:06:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6FBB 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEEhmnZyxDu1Uev2kNZ1bbPDg8f7CQUeKwWgUKmZTsTJuhXWWFFokr0oJRqkDiwBt0oM-xrz5_euISG00Jm2OEVBT_qngaB3JChSHhoyD6MdmQVcf9hlE23mq5x9G4PRtn3eXkFA&sai=AMfl-YRKVfj07AcSvOoBUSUElWIr9PuNDmaJnD8gJIXk2tfDU6vhVmTkruZCDuk4Bjj2sYVW6VV9N-wbuHfR&sig=Cg0ArKJSzFkPsuKJSnwHEAE&cid=CAQSGwBygQiDc0rAYr5B6nbtVxoFwBpB4ArEbYJAtBgB&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=947338483&rs=2&la=0&cr=0&vs=4&r=v&rst=1684548413325&rpt=938&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 02:06:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
delonadomu.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: jhtvh5srldp1cclbchm0st5r06
.delonadomu.info/	1970-01-20 21:31:48	Name: __utma Value: 32636715.1155360654.1684548413.1684548413.1684548413.1
.delonadomu.info/	1969-12-31 23:59:59	Name: __utmc Value: 32636715
.delonadomu.info/	1970-01-20 16:18:36	Name: __utmz Value: 32636715.1684548413.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.delonadomu.info/	1970-01-20 11:55:49	Name: __utmt Value: 1
.delonadomu.info/	1970-01-20 11:55:50	Name: __utmb Value: 32636715.1.10.1684548413
.delonadomu.info/	1970-01-20 21:17:24	Name: __gads Value: ID=495876e493469a76-221ebd3ddddd003f:T=1684548413:RT=1684548413:S=ALNI_MYdyueATFbYjN3Ey0i1H8-HPBQPOg
.delonadomu.info/	1970-01-20 21:17:24	Name: __gpi Value: UID=00000c188eefd45c:T=1684548413:RT=1684548413:S=ALNI_MbxsegwWZWOd9j7C5gHQCJ35BCN4A
.doubleclick.net/	1970-01-20 21:17:24	Name: IDE Value: AHWqTUnajgYtG3OvSZ9v-zG_ypWFwflMLuM0ufTv0_ga40RIvHTH7n1gzgTbboFrJJ4
.doubleclick.net/	1970-01-20 11:55:52	Name: DSID Value: NO_DATA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://delonadomu.info/(Line 405) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://delonadomu.info/(Line 405) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
delonadomu.info
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.marketagent.com
192.185.25.141
2a00:1450:4001:806::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
86.59.32.98
0051d793d262b5d376a3d1b48cd40f8b6917adef09c1e6cfa0b5bc859a153fa5
04c4837f936b52f2fa692ebbe2de46b512009400c325f9f8ce100793e2db5711
08c6df6675aa9335318105edf2dae0e633d9b9b5e023d2f7d312dee6850b1013
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13bf55533718587d44c98eef780e7a1216bd9454832f16bd4e9720dfa5a86735
16034138113aa84427b55cfedf00c1fb3d26d5535cdf53271baa9c4946d5ec2b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a93e87e0138a0caa6a1b7c91821df3d9f78361810675c6d1367572adfd44c9b
1d47cf3052335ce416f7747191a5302f02860cca44c08d92134c74d56b6763dd
220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9
23ca56edb0fd69ce6a75d0579b86f06024b6dbf8e16e3e6c7747213383a6cd27
2e669e222ee8b18c19d0c98412e69736bbdb148ccdff1736afde13222de9adf6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a750810423f363420bbbfe4ec6c6e8b6b811ea06986a5a1a0e8a362878ba708
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
4e148b5196fe1c147c2012ce9b833887516c8e98d95d3253d3a6133e2549ae97
4e45589f2890cabcbb68bc27870c53b8d1b09121631673588c17ef33280fd217
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b03bd8b5911b894e43db492b9ceb7da7a390d4df7fd3fcad3e608c6fe9e07a0
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65d412d7e692044ee385ca6ba2978b3524633927b861eefb30b1635c161289db
69e68f22f8764831b2841baeed6bbdcc834db971aab29398958a1bbb8b5b9dd9
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
7d62a46800fb4881aa8662956a44d5ceaf2744545eab564a66ea37ccaccb7868
7e20f3db15854c0c125474dab00c51946d87ea3271addb66bae888e3c543fe10
809b50a49f8b18d7876955773c4c873485606438bc25ae2332a3848213788859
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89d45697bb893eda89b558f45671f79d90d700fbfdbc48bef7d2416bb706b645
8ed320502a6601df3649c555c0c84f642e514869926a16a103fe4db9d369128a
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
a19fd164fed439d7ed8b0796b40e045137a9ffd5ec35c6d240cc59298996df2b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5de986428df8f53c7796b6835591e355d3bf2fd566c8bc2c424495871bec0fa
a6841a59c43b941e321d1c90b65203188775e6d2a64fa2772ac57fac1943b397
b004e90d0b28699fec0d5bdd16599e167c5a383744e643d602bca5c55ea3a692
b0f2b219b4cec8c4e6271596bc6369b6b31efbe3442f05512ed9a181c584eed6
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b195e05e57e98587cad401f794b7f34eff6adae693e151d8b77477e38015e0f3
b49ed3f62515c8a32009a75b305c380e734618bbc2016abb8b7e350c3626830a
c3a4d3f20f7c17587cc07671dcfe40282c7799b203ffedc47e152976ff9bf78e
c490703a33007fc223a93687a4138a1fb4f1febe9357a17a2de3a1e326fd5ed3
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
d203fd59975be8ab20699080e6fcf9bb5109cbccf6b40dab2a888921f86635d3
d8593f62d09249fcf99df3f09b346a6b0c4be70b1e5016c7119a8af07d6ab4cf
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
dd19215106d1bee1b9d13937997f17e1938a743f1a8cf7d7f793ab9534ddcc47
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eee9ab6eaca56d0ef48b73dba7233d4517b58b13019268e861a8fcf5fbfd2975
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4dc32b81d33b99cef1b5fe3ac35739175eb436495a7c3ae1aa8941fe541138
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ffedea038b6d080fd2b6e47197a93bcd1e31dbc0f0a8bea9437f3b9a48bf4c64

delonadomu.info Open in urlscan Pro 192.185.25.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

71 %HTTPS

85 %IPv6

11 Domains

14 Subdomains

14 IPs

3 Countries

760 kBTransfer

1831 kBSize

10 Cookies

8 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

delonadomu.info Open in urlscan Pro
192.185.25.141 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

71 %
HTTPS

85 %
IPv6

11
Domains

14
Subdomains

14
IPs

3
Countries

760 kB
Transfer

1831 kB
Size

10
Cookies

80 HTTP transactions
4 data transactions