mv.allopovo.online Open in urlscan Pro
194.5.156.14 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mv.allopovo.online/
Submission Tags: krdtest
Submission: On August 29 via api (August 29th 2021, 12:14:23 pm UTC) from JP

Summary HTTP 104 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 12 domains to perform 104 HTTP transactions. The main IP is 194.5.156.14, located in Germany and belongs to AS-HOSTINGER, CY. The main domain is mv.allopovo.online.
TLS certificate: Issued by R3 on August 28th 2021. Valid for: 3 months.

This is the only time mv.allopovo.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	194.5.156.14 194.5.156.14	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
12	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
104	16

31 194.5.156.14 (Germany)

ASN47583 (AS-HOSTINGER, CY)

mv.allopovo.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	593 KB
31	allopovo.online mv.allopovo.online	232 KB
14	doubleclick.net googleads.g.doubleclick.net	101 KB
5	google.com 3 redirects adservice.google.com www.google.com	778 B
4	gstatic.com www.gstatic.com fonts.gstatic.com	72 KB
4	googletagservices.com www.googletagservices.com	138 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	facebook.net connect.facebook.net	70 KB
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	262 B
1	facebook.com www.facebook.com	147 B
1	cloudflare.com cdnjs.cloudflare.com	1 KB
104	12

	Domain	Requested by
31	mv.allopovo.online	mv.allopovo.online
29	tpc.googlesyndication.com	googleads.g.doubleclick.net mv.allopovo.online tpc.googlesyndication.com pagead2.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net mv.allopovo.online
12	pagead2.googlesyndication.com	mv.allopovo.online pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	www.google.com	3 redirects tpc.googlesyndication.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	connect.facebook.net	mv.allopovo.online connect.facebook.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	mv.allopovo.online
1	cdnjs.cloudflare.com	mv.allopovo.online
104	15

This site contains no links.

Subject Issuer	Validity	Valid
mv.allopovo.online R3	`2021-08-28` - `2021-11-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://mv.allopovo.online/
Frame ID: 0802A73CA94CC087CBC16009427D84EC
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/zrt_lookup.html
Frame ID: 108DE818EFDC20D74DC1F30FA03D3079
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&adk=1812271804&adf=3025194257&lmt=1630239245&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmv.allopovo.online%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244805&bpp=3&bdt=354&idt=206&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4989980665192&frm=20&pv=2&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=221
Frame ID: 5EB7283793EA9B58B9AB4D16859A9363
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=280&slotname=1621063342&adk=829537126&adf=611124519&pi=t.ma~as.1621063342&w=728&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244808&bpp=2&bdt=357&idt=222&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yCCdcGMb55&p=https%3A//mv.allopovo.online&dtd=252
Frame ID: 61ED21606AF4962FF236EE5BF9BBE6F4
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=600&slotname=6298674954&adk=3545168702&adf=3199190187&pi=t.ma~as.6298674954&w=300&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244810&bpp=1&bdt=359&idt=256&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1280&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=jOewHr5GBO&p=https%3A//mv.allopovo.online&dtd=260
Frame ID: 212D1EBF190DA5D1BFFF43891A831250
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=280&slotname=7665673770&adk=2352551775&adf=3852109244&pi=t.ma~as.7665673770&w=728&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244811&bpp=1&bdt=360&idt=266&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x600&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=IdI3pwoJBS&p=https%3A//mv.allopovo.online&dtd=269
Frame ID: F69D10135976B6F7C817E5BF6D021767
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CD951A703424D6D4AECDB9C1118C6410
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/index.html
Frame ID: 639A358271E9D99F821904B163ECD480
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CetwhDXorYYvsBbLEzAau25KYA-qj2_hir6mInekO17jgz6klEAEg9NGmSmCVAqABq6_k4gPIAQmpAi0uk0NQyrM-qAMByANIqgTdAU_QGybhsN2wxaCwhoLMeg24UIUD6M3MU3Innaw68gWjCTSb4EeD_ADAF8Jw7wADYTTz_RcInb95_th3f_FaojRctaZ8-NrUp3u3fRYaYdwkUNa08Tq-43dn8u2fh7ZxU3UvZa_WNE8DZz4rKh7H36TOp7kEtqmVGTqexiydmvxqZIkdt9HXX0TCO6COkTgMs1W4MnJKeLKiQggiqce7GxhBlrsMMwokZPArHAwxUHqDDXiAnQIvkhDa-NP_LWvBzZPDPxWmnOeVcmjnerzqIQrlaYoTQmhAxuRadwYUwATAqLeN3gOSBQQIBBgBkgUECAUYBKAGLoAHvdCbHagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQvP4u0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTQ5NDIwNDIxNTQwMTk3NjYYAA&sigh=EWTXROlqEAM&template_id=419
Frame ID: C16B3673FD49C33504F310D4467CEE1C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F264C16369E39C0510514AE5269AF6D6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 32F7AE5EE02D7CFA626483E1FD367ED7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Frame ID: 4E1EA2263AA1B8EA208F6E3B95727853
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Frame ID: F4826B2119B3B124BA37DC4F121CB9CB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 115BE44633B97B5F0AD2236392537D22
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8AC6F0F128030AE82E2197D65CC27707
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MV.ALLOPOVO – Un site utilisant WordPress

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

104
Requests

100 %
HTTPS

88 %
IPv6

12
Domains

15
Subdomains

16
IPs

2
Countries

1209 kB
Transfer

3342 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 84

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

104 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mv.allopovo.online/ 23 KB
7 KB 9779ms
9513ms Document
text/html 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.2.34

Resource Hash

7cd8e75f98aba0302ce001e6fd8120b8838b6ec07302359bb528d3e1d43057de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:method: GET
:authority: mv.allopovo.online
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
link: <https://mv.allopovo.online/index.php/wp-json/>; rel="https://api.w.org/"
cache-control: public, max-age=604800
expires: Sun, 05 Sep 2021 12:14:04 GMT
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Aug 2021 12:14:04 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H3-29 200 wti_like_post.css
mv.allopovo.online/wp-content/plugins/wti-like-post/css/ 4 KB
696 B 249ms
156ms Stylesheet
text/css 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/plugins/wti-like-post/css/wti_like_post.css

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8e82c72b3946ff8cb98860eb7876de8028e929dda69365982e3f47f692755423

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/plugins/wti-like-post/css/wti_like_post.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:13:35 GMT
server: LiteSpeed
etag: "e39-612a1a5f-2d398cdf6c23d7df;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 645
expires: Tue, 28 Sep 2021 12:14:04 GMT

GET
H3-29 200 style.min.css
mv.allopovo.online/wp-includes/css/dist/block-library/ 79 KB
10 KB 242ms
149ms Stylesheet
text/css 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:01:20 GMT
server: LiteSpeed
etag: "13abe-612a1780-f4f7bef8bf14ef56;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 9960
expires: Tue, 28 Sep 2021 12:14:04 GMT

GET
H3-29 200 style.css
mv.allopovo.online/wp-content/themes/videopro/ 281 KB
43 KB 138ms
47ms Stylesheet
text/css 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/style.css

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

65f5a827ae37b5d46a4cb388fc920ba3e4ec3fe964ff9fe4f537cb6c33f74709

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:10:10 GMT
server: LiteSpeed
etag: "4656f-612a1992-22a01812f42463f;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 43661
expires: Tue, 28 Sep 2021 12:14:04 GMT

GET
H3-29 200 font-awesome.min.css
mv.allopovo.online/wp-content/themes/videopro/css/font-awesome/css/ 35 KB
7 KB 233ms
142ms Stylesheet
text/css 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/css/font-awesome/css/font-awesome.min.css

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/css/font-awesome/css/font-awesome.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:10:13 GMT
server: LiteSpeed
etag: "8a1f-612a1995-b29d285c1234ab2d;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 7451
expires: Tue, 28 Sep 2021 12:14:04 GMT

GET
H3-29 200 slick.css
mv.allopovo.online/wp-content/themes/videopro/css/ 1 KB
459 B 246ms
155ms Stylesheet
text/css 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/css/slick.css

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5de565d97952e932b9b30eee2ac725abd876f166d73225d751e3047b53328721

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/css/slick.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:10:12 GMT
server: LiteSpeed
etag: "4e1-612a1994-566da400b29aa32c;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 385
expires: Tue, 28 Sep 2021 12:14:04 GMT

GET
H3-29 200 jquery.mCustomScrollbar.min.css
mv.allopovo.online/wp-content/themes/videopro/css/ 42 KB
4 KB 233ms
142ms Stylesheet
text/css 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/css/jquery.mCustomScrollbar.min.css

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/css/jquery.mCustomScrollbar.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:10:12 GMT
server: LiteSpeed
etag: "a757-612a1994-695cbeab53810d8;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 3806
expires: Tue, 28 Sep 2021 12:14:04 GMT

GET
H3-29 200 style.css
mv.allopovo.online/wp-content/themes/videopro-child/ 96 B
168 B 248ms
156ms Stylesheet
text/css 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro-child/style.css

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f39e646e17646cbaedbccbb9c430d9f7316bb1fd93fa6d7aac65ca9fb8781e42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro-child/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
last-modified: Sat, 28 Aug 2021 11:11:21 GMT
server: LiteSpeed
etag: "60-612a19d9-668ae177794771a0;;;"
content-type: text/css
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 96
expires: Tue, 28 Sep 2021 12:14:04 GMT

GET
H3-29 200 membership.css
mv.allopovo.online/wp-content/themes/videopro/css/ 16 KB
3 KB 236ms
145ms Stylesheet
text/css 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/css/membership.css

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

24328edc0be43d4c9461c6e6ccdd36809af81f6e3bd9779a3c2075168b20982e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/css/membership.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:10:12 GMT
server: LiteSpeed
etag: "3eab-612a1994-ab727a00a100b969;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 2684
expires: Tue, 28 Sep 2021 12:14:04 GMT

GET
H3-29 200 dark.css
mv.allopovo.online/wp-content/themes/videopro/css/ 10 KB
2 KB 238ms
147ms Stylesheet
text/css 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/css/dark.css

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a8e85bf9d3f10ee9c07506627377c95fabac984a699e8758a881378c547a712d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/css/dark.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:10:12 GMT
server: LiteSpeed
etag: "26c5-612a1994-74d0421660e1fc90;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 1819
expires: Tue, 28 Sep 2021 12:14:04 GMT

GET
H3-29 200 main.css
mv.allopovo.online/wp-content/plugins/cactus-video/css/ 18 KB
4 KB 238ms
148ms Stylesheet
text/css 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/plugins/cactus-video/css/main.css

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

986139e1d1cde8e6ca4fba6c2abb6af30752c15de5caf2854ad64e8a3148c902

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/plugins/cactus-video/css/main.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:13:30 GMT
server: LiteSpeed
etag: "4941-612a1a5a-c4807f2acdf99283;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 3959
expires: Tue, 28 Sep 2021 12:14:04 GMT

GET
H3-29 200 lightbox.css
mv.allopovo.online/wp-content/plugins/cactus-video/js/lightbox/ 6 KB
1 KB 238ms
148ms Stylesheet
text/css 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/plugins/cactus-video/js/lightbox/lightbox.css

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d0e242279f21fc22e888c2909524145eddd6fc1e11ddc3ead684727471bd7526

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/plugins/cactus-video/js/lightbox/lightbox.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:13:25 GMT
server: LiteSpeed
etag: "160d-612a1a55-8ae0ce0abf592ecb;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 1167
expires: Tue, 28 Sep 2021 12:14:04 GMT

GET
H3-29 200 jquery.min.js Show response
mv.allopovo.online/wp-includes/js/jquery/ 87 KB
30 KB 274ms
183ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-includes/js/jquery/jquery.min.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-includes/js/jquery/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:01:20 GMT
server: LiteSpeed
etag: "15db1-612a1780-af7003e2a5ec1f8a;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 30273
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 jquery-migrate.min.js Show response
mv.allopovo.online/wp-includes/js/jquery/ 11 KB
4 KB 247ms
157ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:01:20 GMT
server: LiteSpeed
etag: "2bd8-612a1780-42abd360afe826f7;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 3995
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 wti_like_post.js Show response
mv.allopovo.online/wp-content/plugins/wti-like-post/js/ 1004 B
441 B 247ms
157ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/plugins/wti-like-post/js/wti_like_post.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8e4ce5c5f4f1cea13b8b65908425ccfef461fc5ce30dd10ac9d6de5f4193fb2e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/plugins/wti-like-post/js/wti_like_post.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:13:35 GMT
server: LiteSpeed
etag: "3ec-612a1a5f-944b4a9c0acba2ca;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 307
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 ajax.js Show response
mv.allopovo.online/wp-content/themes/videopro/js/ 4 KB
1 KB 246ms
157ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/js/ajax.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

59df35bb1d82ccb0b6668a72a3f7952ded7774f3af6847be84d2e0e7b4630003

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/js/ajax.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:10:09 GMT
server: LiteSpeed
etag: "f12-612a1991-be50cf0f6253757d;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 1072
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5533380c3dc66e1876d546ba0cdb3f3c71fc37340111cf2a8fe8150637684fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://mv.allopovo.online
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: CpuC6QeLvnnhXEyRx4DxVA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: K+3ACUUrZvvL8wmOGR94JDa2i7l7cJ0KeaqQp2xhJkLuUtPUuWKxuMwTC7pT8RWff/7/AjiDIObZQkaaTf8zQA==
x-fb-trip-id: 917726464
x-fb-content-md5: f624187c5c319a8fdf4285c92fee6e3a
x-frame-options: DENY
date: Sun, 29 Aug 2021 12:14:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "4d26d9498ffe0b745d926fd18635e28b"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 29 Aug 2021 12:15:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 30ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4942042154019766

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41c36545904182a753a5d6d64356fb7dea4eb2cc5f6c62dd6cc3b4da8809a6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49997
x-xss-protection: 0
server: cafe
etag: 15562034904911884318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 29 Aug 2021 12:14:04 GMT

GET
H3-29 200 plus-2.png
mv.allopovo.online/wp-content/uploads/2021/08/ 4 KB
4 KB 52ms
49ms Image
image/png 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mv.allopovo.online/wp-content/uploads/2021/08/plus-2.png

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bb8d7e8e230ae388d73b3855ee5e3bda0f433772f35c2575d798fc3db116ec1d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/uploads/2021/08/plus-2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
last-modified: Sat, 28 Aug 2021 13:35:31 GMT
server: LiteSpeed
etag: "fab-612a3ba3-8f3b106ec425729;;;"
content-type: image/png
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 4011
expires: Mon, 29 Aug 2022 12:14:04 GMT

GET
H3-29 200 mashmenu.js Show response
mv.allopovo.online/wp-content/themes/videopro/inc/megamenu/js/ 1 KB
520 B 39ms
38ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/inc/megamenu/js/mashmenu.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

115527e6d84035b5f2021c0215a87a7e46dfdb51ab9ab159fc3b94cd3dcb342b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/inc/megamenu/js/mashmenu.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:10:09 GMT
server: LiteSpeed
etag: "581-612a1991-f4a56565a832d69b;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 469
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 smoothscroll.js Show response
mv.allopovo.online/wp-content/themes/videopro/js/ 25 KB
7 KB 35ms
35ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/js/smoothscroll.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

713ac72ba52daddc624b3d941080a423db914fd9a9eaf867fd6acd3bc5894f1b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/js/smoothscroll.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:10:09 GMT
server: LiteSpeed
etag: "636a-612a1991-61cb0b2fdf451c51;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6653
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 bootstrap-lib.js Show response
mv.allopovo.online/wp-content/themes/videopro/js/ 17 KB
4 KB 36ms
34ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/js/bootstrap-lib.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4d23064b2271c366da6f8af0f65aef336031719ff055b86d07878981d2af5389

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/js/bootstrap-lib.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:10:09 GMT
server: LiteSpeed
etag: "42c9-612a1991-7f5d2a9acc2f13f6;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 4336
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 slick.min.js Show response
mv.allopovo.online/wp-content/themes/videopro/js/ 42 KB
10 KB 37ms
34ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/js/slick.min.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

13a544aa577df51cc73aed19ec64eecadf07ba4b1495a6b2c8f164e22aa98c34

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/js/slick.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:10:09 GMT
server: LiteSpeed
etag: "a8f4-612a1991-86f9bd5043b550be;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 10525
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 jquery.mCustomScrollbar.concat.min.js Show response
mv.allopovo.online/wp-content/themes/videopro/js/ 41 KB
12 KB 41ms
38ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/js/jquery.mCustomScrollbar.concat.min.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

796ac1e4b32d5ea399245815319f3eee0caf4eea03261017292c92e0bb0056c6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/js/jquery.mCustomScrollbar.concat.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:10:09 GMT
server: LiteSpeed
etag: "a2e6-612a1991-e113e135a6cc4aeb;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 12302
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 js.cookie.js Show response
mv.allopovo.online/wp-content/themes/videopro/js/ 3 KB
1 KB 44ms
41ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/js/js.cookie.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5b2f5c5847ed1a84c598ed5eabfde8e9be6c79336bba2ede46db908ff1941b0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/js/js.cookie.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:10:09 GMT
server: LiteSpeed
etag: "dc6-612a1991-955d07b589592a33;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 1268
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 isotope.js Show response
mv.allopovo.online/wp-content/themes/videopro/js/ 34 KB
9 KB 45ms
42ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/js/isotope.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7164985b21fde0171bbc6068285fcd32e7f33f0a25eb62b289a97100be17e1c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/js/isotope.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:10:09 GMT
server: LiteSpeed
etag: "8787-612a1991-faac306c134afa51;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 9418
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 template.js Show response
mv.allopovo.online/wp-content/themes/videopro/js/ 48 KB
10 KB 46ms
43ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/js/template.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6b200660c3dcf74559b311241507d4633ef4c9bbf8e0b4e0cf59a057987af2f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/js/template.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:10:09 GMT
server: LiteSpeed
etag: "c0d8-612a1991-f3d4ad829c042111;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 10287
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 custom.js Show response
mv.allopovo.online/wp-content/plugins/cactus-video/js/ 42 KB
8 KB 50ms
48ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/plugins/cactus-video/js/custom.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

84ba7f2ed77d609349a168f506cc3c10d2f6bf5c82047982abd416bad556dc97

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/plugins/cactus-video/js/custom.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:13:25 GMT
server: LiteSpeed
etag: "a82a-612a1a55-2b28345d92634ec6;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 7842
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 lightbox.js Show response
mv.allopovo.online/wp-content/plugins/cactus-video/js/lightbox/ 9 KB
2 KB 50ms
48ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/plugins/cactus-video/js/lightbox/lightbox.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6a641ca01766aacb244c7bbc2c94d08640da08f940395e9a2a32f281f9885ffe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/plugins/cactus-video/js/lightbox/lightbox.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:13:25 GMT
server: LiteSpeed
etag: "2202-612a1a55-aafeb2b36f214b2f;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 2263
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 lazysizes.min.js Show response
mv.allopovo.online/wp-content/plugins/cactus-video/js/ 6 KB
3 KB 52ms
50ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/plugins/cactus-video/js/lazysizes.min.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

547e0dca6d4e9aa4776648b2342d1af096e1ba82452014669dc1213203a359cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/plugins/cactus-video/js/lazysizes.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:13:25 GMT
server: LiteSpeed
etag: "1915-612a1a55-1ac9556531399a12;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 2900
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 wp-embed.min.js Show response
mv.allopovo.online/wp-includes/js/ 1 KB
714 B 52ms
50ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-includes/js/wp-embed.min.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-includes/js/wp-embed.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:01:20 GMT
server: LiteSpeed
etag: "592-612a1780-6bcb4097e50b07d7;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 663
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 wp-emoji-release.min.js Show response
mv.allopovo.online/wp-includes/js/ 18 KB
4 KB 52ms
49ms Script
application/x-javascript 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
last-modified: Sat, 28 Aug 2021 11:01:20 GMT
server: LiteSpeed
etag: "4705-612a1780-24e10db666e12a07;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 4539
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4942042154019766

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41c36545904182a753a5d6d64356fb7dea4eb2cc5f6c62dd6cc3b4da8809a6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mv.allopovo.online
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49997
x-xss-protection: 0
server: cafe
etag: 15562034904911884318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 29 Aug 2021 12:14:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4942042154019766

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41c36545904182a753a5d6d64356fb7dea4eb2cc5f6c62dd6cc3b4da8809a6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49997
x-xss-protection: 0
server: cafe
etag: 15562034904911884318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 29 Aug 2021 12:14:04 GMT

GET
H3-29 200 fa-solid-900.woff2
mv.allopovo.online/wp-content/themes/videopro/css/font-awesome/webfonts/ 38 KB
38 KB 35ms
34ms Font
font/woff2 194.5.156.14
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.allopovo.online/wp-content/themes/videopro/css/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/wp-content/themes/videopro/css/font-awesome/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

194.5.156.14 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /wp-content/themes/videopro/css/font-awesome/webfonts/fa-solid-900.woff2
pragma: no-cache
origin: https://mv.allopovo.online
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: mv.allopovo.online
referer: https://mv.allopovo.online/wp-content/themes/videopro/css/font-awesome/css/font-awesome.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://mv.allopovo.online
Referer: https://mv.allopovo.online/wp-content/themes/videopro/css/font-awesome/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
last-modified: Sat, 28 Aug 2021 11:10:12 GMT
server: LiteSpeed
etag: "9780-612a1994-9e61eaf6022051d3;;;"
content-type: font/woff2
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 38784
expires: Sun, 05 Sep 2021 12:14:04 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_GB/ 235 KB
68 KB 15ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=52e8ca3145d42a3d0a4976344a9a0909

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

70d789e56a97b204fe9db34b4965f50b237a51fb4663a0233697d3d211a09a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://mv.allopovo.online
Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xud3Lz4tMSR8N7wGRMsHzA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69781
x-fb-rlafr: 0
x-fb-debug: xFCEtW8rd3Vgv1ZBDWg2hzgYHTXmoDnAt/CbscuwzVR9UoYmtIDfGd/quLCB9umeAvWzTte/UsI2kAT2eM/5kw==
x-fb-content-md5: 2479e4d0e4d4b0cbf82bf36106d181ce
x-frame-options: DENY
date: Sun, 29 Aug 2021 12:14:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "0a036e02bfde6f7c7f7349cbf2adbcbb"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 29 Aug 2022 11:20:19 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/ 252 KB
93 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4942042154019766&plah=mv.allopovo.online

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4942042154019766

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7089f6cbc081f79ba297f48c9c720869f325f9eedbe422279da1a4bee732bc4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95600
x-xss-protection: 0
server: cafe
etag: 9779198409284284208
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 29 Aug 2021 12:14:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/ Frame 108D 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4942042154019766

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210824/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mv.allopovo.online/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://mv.allopovo.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 29 Aug 2021 11:25:15 GMT
expires: Sun, 12 Sep 2021 11:25:15 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 2929
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 3 KB
1 KB 18ms
18ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 323300
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1046
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5aDy4wKPz%2FSoTgBMf6OvbIX%2FPpUntCrxbTLeBfJgMI0banACMvdjuZ%2FBVVnm3KlsxgIwqYPBpex05YP9dTHoqFSOXE0piXiI629rEHzWcDdaRp6V6ajJeiSSiqLMeKf9IUKuyB%2FlFzkmHG4e6kdnx1N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6865b2703dc64a9e-FRA
expires: Fri, 19 Aug 2022 12:14:04 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=498927376861973&ev=fb_page_view&dl=https%3A%2F%2Fmv.allopovo.online%2F&rl=&if=false&ts=1630239245004&sw=1600&sh=1200&at=

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 29 Aug 2021 12:14:05 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
262 B 55ms
54ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mv.allopovo.online&callback=_gfp_s_&client=ca-pub-4942042154019766

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4942042154019766&plah=mv.allopovo.online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e690b52892c2eb4ccf51a4b97f3ede90aac7d51a83642dc4240b98fd38af5858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 31ms
30ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mv.allopovo.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Aug 2021 12:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 31ms
31ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mv.allopovo.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Aug 2021 12:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5EB7 9 KB
4 KB 653ms
627ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&adk=1812271804&adf=3025194257&lmt=1630239245&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmv.allopovo.online%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244805&bpp=3&bdt=354&idt=206&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4989980665192&frm=20&pv=2&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=221

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60ef8ae3d47e799b2e2c6cee25efdf005b74a342b8d2bce6bcfbe2b392425d9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4942042154019766&output=html&adk=1812271804&adf=3025194257&lmt=1630239245&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmv.allopovo.online%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244805&bpp=3&bdt=354&idt=206&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4989980665192&frm=20&pv=2&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=221
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mv.allopovo.online/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://mv.allopovo.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 29 Aug 2021 12:14:05 GMT
server: cafe
content-length: 4031
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Aug-2021 12:29:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 29 Aug 2021 12:14:05 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063795307439"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27566
x-xss-protection: 0
expires: Sun, 29 Aug 2021 12:14:05 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 61ED 80 KB
26 KB 661ms
661ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=280&slotname=1621063342&adk=829537126&adf=611124519&pi=t.ma~as.1621063342&w=728&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244808&bpp=2&bdt=357&idt=222&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yCCdcGMb55&p=https%3A//mv.allopovo.online&dtd=252

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12e1e5b2f9a45f2a6815894b4c9693627443dfed06fdeb1186b241849a7fa0d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4942042154019766&output=html&h=280&slotname=1621063342&adk=829537126&adf=611124519&pi=t.ma~as.1621063342&w=728&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244808&bpp=2&bdt=357&idt=222&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yCCdcGMb55&p=https%3A//mv.allopovo.online&dtd=252
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mv.allopovo.online/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://mv.allopovo.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 29 Aug 2021 12:14:05 GMT
server: cafe
content-length: 27104
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Aug-2021 12:29:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 29 Aug 2021 12:14:05 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 212D 67 KB
25 KB 677ms
675ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=600&slotname=6298674954&adk=3545168702&adf=3199190187&pi=t.ma~as.6298674954&w=300&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244810&bpp=1&bdt=359&idt=256&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1280&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=jOewHr5GBO&p=https%3A//mv.allopovo.online&dtd=260

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

948d640e00cf93b1c1a0b38104c6024583ebdcd14059384810145c6dea6f7db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4942042154019766&output=html&h=600&slotname=6298674954&adk=3545168702&adf=3199190187&pi=t.ma~as.6298674954&w=300&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244810&bpp=1&bdt=359&idt=256&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1280&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=jOewHr5GBO&p=https%3A//mv.allopovo.online&dtd=260
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mv.allopovo.online/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://mv.allopovo.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 29 Aug 2021 12:14:05 GMT
server: cafe
content-length: 25577
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Aug-2021 12:29:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 29 Aug 2021 12:14:05 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F69D 132 KB
41 KB 664ms
664ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=280&slotname=7665673770&adk=2352551775&adf=3852109244&pi=t.ma~as.7665673770&w=728&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244811&bpp=1&bdt=360&idt=266&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x600&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=IdI3pwoJBS&p=https%3A//mv.allopovo.online&dtd=269

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0058874e567692293aa7721d3115baaf4dd9f6bd67aea893930a3b937a59f7f5

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMum6bia1vICFTIi0wodrq0EMw&gqi=DXorYbaoBdWFzAap36aACQ&layout=/sadbundle/%24csp%253Der3%24/6806042117930411100/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4942042154019766&output=html&h=280&slotname=7665673770&adk=2352551775&adf=3852109244&pi=t.ma~as.7665673770&w=728&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244811&bpp=1&bdt=360&idt=266&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x600&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=IdI3pwoJBS&p=https%3A//mv.allopovo.online&dtd=269
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mv.allopovo.online/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://mv.allopovo.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMum6bia1vICFTIi0wodrq0EMw&gqi=DXorYbaoBdWFzAap36aACQ&layout=/sadbundle/%24csp%253Der3%24/6806042117930411100/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 29 Aug 2021 12:14:05 GMT
server: cafe
content-length: 41621
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Aug-2021 12:29:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 29 Aug 2021 12:14:05 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame 61ED 3 KB
674 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=280&slotname=1621063342&adk=829537126&adf=611124519&pi=t.ma~as.1621063342&w=728&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244808&bpp=2&bdt=357&idt=222&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yCCdcGMb55&p=https%3A//mv.allopovo.online&dtd=252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 29 Aug 2021 12:03:39 GMT
server: ESF
date: Sun, 29 Aug 2021 12:14:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Aug 2021 12:14:05 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame 61ED 1 KB
937 B 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 11:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 11:49:35 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/ Frame 61ED 18 KB
8 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 12:06:42 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame 61ED 2 KB
1 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 12:13:40 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 61ED 122 KB
37 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sun, 29 Aug 2021 12:14:05 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame 61ED 14 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6213
x-xss-protection: 0
server: cafe
etag: 5878208181763659450
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 12:10:42 GMT

GET
H2 200 bf370751b3c301aa27eddd739f5e1f7e.js Show response
www.gstatic.com/mysidia/ Frame 61ED 26 KB
11 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bf370751b3c301aa27eddd739f5e1f7e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 16:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10800
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 06:33:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 16:33:03 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 61ED 0
0 46ms
45ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNymDDXorYZPcBO6A2fcP9eKBsAqY2NL8XfGH38KGCZCon8aRDhABIPTRpkpglQKgAerWwLoDyAEBqAMByAPDBKoE0QFP0GF0gnQqY7ST1a4qQCUrvOPL4F3pKYrhDZPaJzWiv0kqcRLuqqMn340Zr071w0U3qIjZXds5eupr5Szn8t-LpVV9XgMd0dF0GxpZamb8UUdXhvCj0qCoQqy508RPTZdQskB6dPTr2swuxqFmSu_9ZeIarFOsKn2VE3wSCIcRZMiMeZTn6SBOPKvh59RUT0O7bJCz5B_eXQ3WHVQXnuwFnvbqCa99oCYrL28G20EAQXEC1S9pzvtbDcDl3WhVcF503XuCek0D6Mo_95t4aj9mAMAE_NHikLEBkgUECAQYAZIFBAgFGASgBlGAB_6ov0WoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcEEMKnDtIICQiA4YAQEAEYH4AKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi00OTQyMDQyMTU0MDE5NzY2GAA&sigh=JE8KFIHm3Ec

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=280&slotname=1621063342&adk=829537126&adf=611124519&pi=t.ma~as.1621063342&w=728&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244808&bpp=2&bdt=357&idt=222&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yCCdcGMb55&p=https%3A//mv.allopovo.online&dtd=252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 29 Aug 2021 12:14:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Aug 2021 12:14:05 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD95 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=280&slotname=1621063342&adk=829537126&adf=611124519&pi=t.ma~as.1621063342&w=728&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244808&bpp=2&bdt=357&idt=222&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yCCdcGMb55&p=https%3A//mv.allopovo.online&dtd=252
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=280&slotname=1621063342&adk=829537126&adf=611124519&pi=t.ma~as.1621063342&w=728&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244808&bpp=2&bdt=357&idt=222&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yCCdcGMb55&p=https%3A//mv.allopovo.online&dtd=252

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 29 Aug 2021 11:52:34 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 61ED 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a26011c51caa87c563cb76f5ff11b0fdee5a0768ea36f1ed43e83dbc98d21d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 61ED 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 23:18:34 GMT
x-content-type-options: nosniff
age: 305731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 00:01:04 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 23:18:34 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 61ED 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v35/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 00:01:03 GMT
x-content-type-options: nosniff
age: 389582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 00:00:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 00:01:03 GMT

GET
H3-29 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame F69D 67 B
91 B 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=280&slotname=7665673770&adk=2352551775&adf=3852109244&pi=t.ma~as.7665673770&w=728&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244811&bpp=1&bdt=360&idt=266&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x600&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=IdI3pwoJBS&p=https%3A//mv.allopovo.online&dtd=269

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Aug 2021 18:28:17 GMT
x-content-type-options: nosniff
server: cafe
age: 63948
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sun, 29 Aug 2021 18:28:17 GMT

GET
H3-29 200 6515625901317302641
tpc.googlesyndication.com/simgad/ Frame 212D 141 KB
141 KB 7ms
7ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6515625901317302641

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=600&slotname=6298674954&adk=3545168702&adf=3199190187&pi=t.ma~as.6298674954&w=300&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244810&bpp=1&bdt=359&idt=256&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1280&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=jOewHr5GBO&p=https%3A//mv.allopovo.online&dtd=260

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e88b70158572bb4cf3926bc230f56c1408cdb37f76f7b4d4d28666387ececb91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 17:11:21 GMT
x-content-type-options: nosniff
age: 327764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144780
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 10:07:12 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 17:11:21 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/ Frame 212D 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 12:09:48 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame 212D 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 12:13:40 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 212D 122 KB
37 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sun, 29 Aug 2021 12:14:05 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame 212D 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6213
x-xss-protection: 0
server: cafe
etag: 5878208181763659450
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 12:10:42 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame 212D 26 KB
11 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95141ef1e328eaeb6f8ca6055420f6ced872676bd87f0f414ec2f8fc33e89e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 01:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10782
x-xss-protection: 0
server: cafe
etag: 5294709741162730823
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 01:22:05 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 212D 0
0 49ms
48ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrdlPDXorYYnXBc7IzAbHoYco59rl4WTn5Neqmg7ys5nwkQ4QASD00aZKYJUCoAHxg_2VA8gBA6gDAcgDyQSqBNQBT9CdoNKoFFU6QSuEbKVWwR7uUachkW1zgktbaZ4G6nEhHkOkw9_p74CI6x9v5ERew5ONriTkxBrXMveggNhJEtU5NkvzSCu-92_fp0ddGBI3xqccb7MAOIIHQKB48QuaDRVdUAR4jq1ZVElEA4tIAMIxz4vyKGyhBpXMi6gMU9DO1LsCTOC-K2TD6C7vY5h1Sfqn3g0nZi_lbTGJCaQCY0NbK70gVCCU-vPV1Z3_VV6Ch20indPFRYzdpbhi8y9Sjl7xlkUWlgsAplf3z88MfmaiKwLABPL6h8bEA5IFBAgEGAGSBQQIBRgEoAYDgAeY3slrqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBBDC3wjSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNDk0MjA0MjE1NDAxOTc2NhgA&sigh=sBn0WMXArNU

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=600&slotname=6298674954&adk=3545168702&adf=3199190187&pi=t.ma~as.6298674954&w=300&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244810&bpp=1&bdt=359&idt=256&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1280&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=jOewHr5GBO&p=https%3A//mv.allopovo.online&dtd=260
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 29 Aug 2021 12:14:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/ Frame 639A 33 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/index.html

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

166a60e8786f2d99a9d38a9c07412683b6163760a3dead8c7a7c55c8814657c3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6806042117930411100/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 24 Aug 2021 19:11:01 GMT
expires: Wed, 24 Aug 2022 19:11:01 GMT
last-modified: Thu, 05 Aug 2021 14:28:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 4795
age: 406984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame C16B 0
0 48ms
46ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CetwhDXorYYvsBbLEzAau25KYA-qj2_hir6mInekO17jgz6klEAEg9NGmSmCVAqABq6_k4gPIAQmpAi0uk0NQyrM-qAMByANIqgTdAU_QGybhsN2wxaCwhoLMeg24UIUD6M3MU3Innaw68gWjCTSb4EeD_ADAF8Jw7wADYTTz_RcInb95_th3f_FaojRctaZ8-NrUp3u3fRYaYdwkUNa08Tq-43dn8u2fh7ZxU3UvZa_WNE8DZz4rKh7H36TOp7kEtqmVGTqexiydmvxqZIkdt9HXX0TCO6COkTgMs1W4MnJKeLKiQggiqce7GxhBlrsMMwokZPArHAwxUHqDDXiAnQIvkhDa-NP_LWvBzZPDPxWmnOeVcmjnerzqIQrlaYoTQmhAxuRadwYUwATAqLeN3gOSBQQIBBgBkgUECAUYBKAGLoAHvdCbHagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQvP4u0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTQ5NDIwNDIxNTQwMTk3NjYYAA&sigh=EWTXROlqEAM&template_id=419

Requested by

Host: mv.allopovo.online
URL: https://mv.allopovo.online/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=280&slotname=7665673770&adk=2352551775&adf=3852109244&pi=t.ma~as.7665673770&w=728&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244811&bpp=1&bdt=360&idt=266&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x600&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=IdI3pwoJBS&p=https%3A//mv.allopovo.online&dtd=269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 29 Aug 2021 12:14:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/ Frame C16B 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 12:09:48 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame C16B 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 12:13:40 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C16B 122 KB
37 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sun, 29 Aug 2021 12:14:05 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/ Frame C16B 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210824/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6213
x-xss-protection: 0
server: cafe
etag: 5878208181763659450
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 12:10:42 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F264 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=600&slotname=6298674954&adk=3545168702&adf=3199190187&pi=t.ma~as.6298674954&w=300&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244810&bpp=1&bdt=359&idt=256&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1280&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=jOewHr5GBO&p=https%3A//mv.allopovo.online&dtd=260
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkvy5kHCWVONiFvO5RYg11ZAjz7-VqEVtM3plsDdmGof1tjx-KIJYzmQyrgjEg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=600&slotname=6298674954&adk=3545168702&adf=3199190187&pi=t.ma~as.6298674954&w=300&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244810&bpp=1&bdt=359&idt=256&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1280&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=jOewHr5GBO&p=https%3A//mv.allopovo.online&dtd=260

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 29 Aug 2021 11:52:34 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 212D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c3fd561916c9b4b34b04eaa8a21907324b43d1da8dd6c2269dd2aa0adf75041

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 32F7 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=280&slotname=7665673770&adk=2352551775&adf=3852109244&pi=t.ma~as.7665673770&w=728&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244811&bpp=1&bdt=360&idt=266&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x600&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=IdI3pwoJBS&p=https%3A//mv.allopovo.online&dtd=269
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkvy5kHCWVONiFvO5RYg11ZAjz7-VqEVtM3plsDdmGof1tjx-KIJYzmQyrgjEg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4942042154019766&output=html&h=280&slotname=7665673770&adk=2352551775&adf=3852109244&pi=t.ma~as.7665673770&w=728&fwrn=4&fwrnh=100&lmt=1630239245&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fmv.allopovo.online%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630239244811&bpp=1&bdt=360&idt=266&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C300x600&nras=1&correlator=4989980665192&frm=20&pv=1&ga_vid=1373328460.1630239245&ga_sid=1630239245&ga_hid=1492297939&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4491317067385111&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=IdI3pwoJBS&p=https%3A//mv.allopovo.online&dtd=269

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 29 Aug 2021 11:52:34 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD95
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

38ms
38ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkvy5kHCWVONiFvO5RYg11ZAjz7-VqEVtM3plsDdmGof1tjx-KIJYzmQyrgjEg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Aug 2021 12:14:05 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 29-Aug-2021 13:14:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 29 Aug 2021 12:14:05 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Aug 2021 12:14:05 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C16B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea271562afda55eb3c3eb9a507795238210e6f50f1dc5a1eb6bc75ac017ce205

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E1E 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 10:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 10:01:10 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 639A 9 KB
3 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 16:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 29 Aug 2021 16:43:14 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 639A 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 20:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 29 Aug 2021 20:35:29 GMT

GET
H3-29 200 6296670d411ff1119131034c7f850c07.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/ Frame 639A 85 KB
21 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/6296670d411ff1119131034c7f850c07.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5918d739af4a910c6f57b274a46f0ff1049a65dcf06311d5842f7a2b8d447866

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 80566
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21181
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 14:28:46 GMT
server: sffe
date: Sat, 28 Aug 2021 13:51:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 13:51:19 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F264
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkvy5kHCWVONiFvO5RYg11ZAjz7-VqEVtM3plsDdmGof1tjx-KIJYzmQyrgjEg; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Aug 2021 12:14:06 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 29-Aug-2021 13:14:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 29 Aug 2021 12:14:06 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Aug 2021 12:14:06 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame F482 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 10:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 10:01:10 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 32F7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkvy5kHCWVONiFvO5RYg11ZAjz7-VqEVtM3plsDdmGof1tjx-KIJYzmQyrgjEg; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Aug 2021 12:14:06 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 29-Aug-2021 13:14:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 29 Aug 2021 12:14:06 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Aug 2021 12:14:06 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 css
fonts.googleapis.com/ Frame 639A 3 KB
571 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:700|Nunito:NaN

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/6296670d411ff1119131034c7f850c07.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97c3578a7392585a6ee5df3cf6be8630d4768c9274ae4ee64a79414ee2f43dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 29 Aug 2021 11:30:46 GMT
server: ESF
date: Sun, 29 Aug 2021 12:14:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Aug 2021 12:14:06 GMT

GET
H3-29 200 7bae0a82827ec1204a0d38e73898848f.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/ Frame 639A 19 KB
19 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/7bae0a82827ec1204a0d38e73898848f.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aaaef7f97f04ac57b954317589cfc3445adda73b1dd8df63f681c3d1657b513

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 98834
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19107
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 14:28:46 GMT
server: sffe
date: Sat, 28 Aug 2021 08:46:52 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 08:46:52 GMT

GET
H3-29 200 9c7c6475c621224e43de9f41fb0f2760.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/ Frame 639A 4 KB
2 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/9c7c6475c621224e43de9f41fb0f2760.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b15aa2308955c95cb5cfdb667f198dae0010297da3ebf615053b12c6bc7c32f8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 78794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1775
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 14:28:46 GMT
server: sffe
date: Sat, 28 Aug 2021 14:20:52 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 14:20:52 GMT

GET
H3-29 200 XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ Frame 639A 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:700|Nunito:NaN

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 12:35:57 GMT
x-content-type-options: nosniff
age: 430689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19088
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 12:35:57 GMT

GET
H3-29 200 a47d38e678dccde7713288952b327e60.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/ Frame 639A 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/a47d38e678dccde7713288952b327e60.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8fee2bbd4497527e08bcb65cb74e36bfdeb631d7ca73ba3811fee35eb018a35

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 213623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1152
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 14:28:46 GMT
server: sffe
date: Fri, 27 Aug 2021 00:53:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 00:53:43 GMT

GET
H3-29 200 b3467029e83a27df038b54e0c4290b1d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/ Frame 639A 1 KB
1 KB 9ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/b3467029e83a27df038b54e0c4290b1d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd808c6163ca675be1eb40cabaeec97bcc906a2c8389cdbd0a0170b26a073b63

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 178765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1065
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 14:28:46 GMT
server: sffe
date: Fri, 27 Aug 2021 10:34:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 10:34:41 GMT

GET
H3-29 200 190e609ecbe57f1d2c5e884e6337bce1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/ Frame 639A 1 KB
1 KB 8ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/190e609ecbe57f1d2c5e884e6337bce1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09b9f970dc234ef5b1485701cee4e7fed61a09a5e80233d9b0615656de77a3a1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 295888
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1104
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 14:28:46 GMT
server: sffe
date: Thu, 26 Aug 2021 02:02:38 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 02:02:38 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 27ms
26ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210824&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0614b1164692ace044fe9c1334d4cb50c94f2924e45d2ae2cf910273831649c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Aug 2021 12:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8419
x-xss-protection: 0

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame 639A 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 10:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 10:01:10 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 12:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 29 Aug 2021 12:14:06 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 115B 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mv.allopovo.online/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://mv.allopovo.online/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sun, 29 Aug 2021 09:27:12 GMT
expires: Mon, 29 Aug 2022 09:27:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8AC6 783 B
531 B 17ms
17ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d23f818197a8d48bf9d288f8711a7f01d5ee5ff63dc6d501b565e4d2e763cfea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oxeI+K5hQxU5+SlVmUpImQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mv.allopovo.online/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://mv.allopovo.online/

Response headers

expires: Sun, 29 Aug 2021 12:14:06 GMT
date: Sun, 29 Aug 2021 12:14:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-oxeI+K5hQxU5+SlVmUpImQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame 115B 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 10:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Aug 2022 10:01:10 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 20ms
20ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210824&jk=4491317067385111&bg=!yMuly4_NAAZOkH6FTpA7ACkAdvg8Wu_duoKFftLIfmBb6JUTiOkgqutJar6UA2oPCCxJ6noApLVMQgIAAABMUgAAAAxoAQeZAnY6nPDufySYp1M6D0DTHXApjFQ1uw4at4oi35yL2Uu1UcAq1KrucxrF5XUO5elMYJxAgoj1qExViX4eL1WB_Xe7H6-w2JO8HYHWpFD6MZQluep9BXgJAWBEGIH0yn_kClgGkryvnSVY6CW3MQ0F0H94Hue3wpK3npMz1d4aCOh5OVDXQIQpNA8kLmQyIjrCCGE0qWjNOTMYzZ9FwDKhvwbmZkHEkwucIaXk8KZpTFlbCQvEoyl0DGFyFU_ORDTx9ZZ4_M0pH_p4E70fTeu2BccAEJYY2jU8Gin0cJJ-H0w7vZYDn6H56ZffDdFIcGqgaT5VDgSs_robpKdIfOszSVRhTNLI_cjiL6adoLkda5PQ47tr-IjgOk8lQkn_zPLjZYdE2L9krXS3urIrJRKppy8mZFCv9vPtXw1OYyl4jpa6woJX2DyQD63iiX8vtRQmPP2vf0b4MKhA2WY4znWcMZsJN2KcJW7Q4cKTvIkHNinIuDJGYF8wh9xOoJxRrXZAoSFdDRh48ChdiKncefXaLrIh4_gbon-DwnAleKJBw-N_nigr4NzuFylUgmfLCqYzLB2M6ToNUKHlBh64-bjjL-41Wa6JRM9kvA6pYYCMnZmGYwklVRO49NhFlaBhi7sE4ZOKCm04lPH0LwUgpuHePa0eVZzKZCDQ_stSrb7gVJZOq1CRjKIkkGoPekN-7pcAkEpeTPRzg3RYLpEj1RDWAEU8LVw-t1LnhgoWQIWKKFBTmJLTN4GK0Zg-TPj0G_bAXgpJ5l6dDJ4dS1bDWgfXXsMZhg0UBfa_QYY-1D0iCfuKWh0ZjAkILF2ENBX4jLhLlhTAIaCuQU4
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mv.allopovo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 212D 42 B
64 B 17ms
17ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrqZz1FasokG5szGm8h8Pi37Ow6U9k4LxOQKwzBaeilbWM_-BFSlL3vNIM4JC8Yk2yU9ZGAZKNOu6Yz14_0Ll5TqpdgF_72ffaDftM1kaSBZI5bnKL7-LfMEDQ9g&sai=AMfl-YR3sOTFWDDQMi4YxTm4bikjOApIfZL2fATOBV-23KIp50oX7d-0ajVj97P-F1JbFkCPhizYXex_k3CE&sig=Cg0ArKJSzH9loqHDL2FFEAE&id=lidar2&mcvt=1000&p=761,1280,1361,1580&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210827&bin=7&avms=nio&bs=0,0&mc=0.73&if=1&app=0&itpl=4&adk=3545168702&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630239245071&rpt=836&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Aug 2021 12:14:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 61ED 42 B
64 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQH95mG2MBG0PpLnLSJN0azIGSXcy5fvNjh0duquDnY4fGDpVo8cvErShR-WsV1h9D1yfDS74Cr74-saK0hFQ2PrpzxPy7YT9H7f0bmDj-hEIHVRI7yzMd7p9ivg&sai=AMfl-YQ81o7tHtMn3S-KArD4xPxUJtFbqWZL5_Dq5-Sh2VpvQ1pkDQjR1xDCOFBHGZqZNcwduUUxnKoVcgCa&sig=Cg0ArKJSzOgTfdtedKZOEAE&id=lidar2&mcvt=1000&p=30,436,310,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210827&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=829537126&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630239245061&rpt=866&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Aug 2021 12:14:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9c7c6475c621224e43de9f41fb0f2760.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/ Frame 639A 4 KB
3 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/9c7c6475c621224e43de9f41fb0f2760.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/6296670d411ff1119131034c7f850c07.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b15aa2308955c95cb5cfdb667f198dae0010297da3ebf615053b12c6bc7c32f8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 430334
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1775
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 14:28:46 GMT
server: sffe
date: Tue, 24 Aug 2021 12:41:58 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 12:41:58 GMT

GET
H2 200 a47d38e678dccde7713288952b327e60.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/ Frame 639A 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/a47d38e678dccde7713288952b327e60.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8fee2bbd4497527e08bcb65cb74e36bfdeb631d7ca73ba3811fee35eb018a35

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 240322
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1152
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 14:28:46 GMT
server: sffe
date: Thu, 26 Aug 2021 17:28:50 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 17:28:50 GMT

GET
H2 200 b3467029e83a27df038b54e0c4290b1d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/ Frame 639A 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/b3467029e83a27df038b54e0c4290b1d.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd808c6163ca675be1eb40cabaeec97bcc906a2c8389cdbd0a0170b26a073b63

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 305347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1065
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 14:28:46 GMT
server: sffe
date: Wed, 25 Aug 2021 23:25:05 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 23:25:05 GMT

GET
H2 200 190e609ecbe57f1d2c5e884e6337bce1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/ Frame 639A 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/190e609ecbe57f1d2c5e884e6337bce1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09b9f970dc234ef5b1485701cee4e7fed61a09a5e80233d9b0615656de77a3a1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 240322
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1104
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 14:28:46 GMT
server: sffe
date: Thu, 26 Aug 2021 17:28:50 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 17:28:50 GMT

GET
H2 200 6755018bb65281906a3d63099e835b20.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/ Frame 639A 14 KB
14 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6806042117930411100/media/6755018bb65281906a3d63099e835b20.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fabe1965ebd2b8c5bbe268c8ef823f00a6074557ab571c9a6f22dd735a692fc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 374336
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14304
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 14:28:46 GMT
server: sffe
date: Wed, 25 Aug 2021 04:15:16 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 04:15:16 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:50:42	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 06:12:15	Name: IDE Value: AHWqTUkvy5kHCWVONiFvO5RYg11ZAjz7-VqEVtM3plsDdmGof1tjx-KIJYzmQyrgjEg
.allopovo.online/	1970-01-20 06:12:15	Name: __gads Value: ID=681528db4b7462d2-22740b4b01ca004f:T=1630239245:RT=1630239245:S=ALNI_MYA8QabRXuCQRYiaMP2gvY2cB0g1g

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://mv.allopovo.online/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mv.allopovo.online
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.185.66
194.5.156.14
2606:4700::6810:125e
2a00:1450:4001:801::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2001
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
0058874e567692293aa7721d3115baaf4dd9f6bd67aea893930a3b937a59f7f5
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0614b1164692ace044fe9c1334d4cb50c94f2924e45d2ae2cf910273831649c6
09b9f970dc234ef5b1485701cee4e7fed61a09a5e80233d9b0615656de77a3a1
0aaaef7f97f04ac57b954317589cfc3445adda73b1dd8df63f681c3d1657b513
1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115527e6d84035b5f2021c0215a87a7e46dfdb51ab9ab159fc3b94cd3dcb342b
12e1e5b2f9a45f2a6815894b4c9693627443dfed06fdeb1186b241849a7fa0d0
13a544aa577df51cc73aed19ec64eecadf07ba4b1495a6b2c8f164e22aa98c34
166a60e8786f2d99a9d38a9c07412683b6163760a3dead8c7a7c55c8814657c3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
24328edc0be43d4c9461c6e6ccdd36809af81f6e3bd9779a3c2075168b20982e
247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
3fabe1965ebd2b8c5bbe268c8ef823f00a6074557ab571c9a6f22dd735a692fc
4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181
41c36545904182a753a5d6d64356fb7dea4eb2cc5f6c62dd6cc3b4da8809a6e8
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
4d23064b2271c366da6f8af0f65aef336031719ff055b86d07878981d2af5389
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
547e0dca6d4e9aa4776648b2342d1af096e1ba82452014669dc1213203a359cb
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5533380c3dc66e1876d546ba0cdb3f3c71fc37340111cf2a8fe8150637684fc5
5918d739af4a910c6f57b274a46f0ff1049a65dcf06311d5842f7a2b8d447866
59df35bb1d82ccb0b6668a72a3f7952ded7774f3af6847be84d2e0e7b4630003
5b2f5c5847ed1a84c598ed5eabfde8e9be6c79336bba2ede46db908ff1941b0d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5de565d97952e932b9b30eee2ac725abd876f166d73225d751e3047b53328721
60ef8ae3d47e799b2e2c6cee25efdf005b74a342b8d2bce6bcfbe2b392425d9d
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56
65f5a827ae37b5d46a4cb388fc920ba3e4ec3fe964ff9fe4f537cb6c33f74709
6a641ca01766aacb244c7bbc2c94d08640da08f940395e9a2a32f281f9885ffe
6b200660c3dcf74559b311241507d4633ef4c9bbf8e0b4e0cf59a057987af2f9
7089f6cbc081f79ba297f48c9c720869f325f9eedbe422279da1a4bee732bc4b
70d789e56a97b204fe9db34b4965f50b237a51fb4663a0233697d3d211a09a32
713ac72ba52daddc624b3d941080a423db914fd9a9eaf867fd6acd3bc5894f1b
7164985b21fde0171bbc6068285fcd32e7f33f0a25eb62b289a97100be17e1c7
796ac1e4b32d5ea399245815319f3eee0caf4eea03261017292c92e0bb0056c6
7c3fd561916c9b4b34b04eaa8a21907324b43d1da8dd6c2269dd2aa0adf75041
7cd8e75f98aba0302ce001e6fd8120b8838b6ec07302359bb528d3e1d43057de
84ba7f2ed77d609349a168f506cc3c10d2f6bf5c82047982abd416bad556dc97
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
8a26011c51caa87c563cb76f5ff11b0fdee5a0768ea36f1ed43e83dbc98d21d7
8e4ce5c5f4f1cea13b8b65908425ccfef461fc5ce30dd10ac9d6de5f4193fb2e
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8e82c72b3946ff8cb98860eb7876de8028e929dda69365982e3f47f692755423
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
948d640e00cf93b1c1a0b38104c6024583ebdcd14059384810145c6dea6f7db7
95141ef1e328eaeb6f8ca6055420f6ced872676bd87f0f414ec2f8fc33e89e90
97c3578a7392585a6ee5df3cf6be8630d4768c9274ae4ee64a79414ee2f43dc1
986139e1d1cde8e6ca4fba6c2abb6af30752c15de5caf2854ad64e8a3148c902
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a8e85bf9d3f10ee9c07506627377c95fabac984a699e8758a881378c547a712d
b15aa2308955c95cb5cfdb667f198dae0010297da3ebf615053b12c6bc7c32f8
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bb8d7e8e230ae388d73b3855ee5e3bda0f433772f35c2575d798fc3db116ec1d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
d0e242279f21fc22e888c2909524145eddd6fc1e11ddc3ead684727471bd7526
d23f818197a8d48bf9d288f8711a7f01d5ee5ff63dc6d501b565e4d2e763cfea
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9
dd808c6163ca675be1eb40cabaeec97bcc906a2c8389cdbd0a0170b26a073b63
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e690b52892c2eb4ccf51a4b97f3ede90aac7d51a83642dc4240b98fd38af5858
e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251
e88b70158572bb4cf3926bc230f56c1408cdb37f76f7b4d4d28666387ececb91
e8fee2bbd4497527e08bcb65cb74e36bfdeb631d7ca73ba3811fee35eb018a35
ea271562afda55eb3c3eb9a507795238210e6f50f1dc5a1eb6bc75ac017ce205
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39e646e17646cbaedbccbb9c430d9f7316bb1fd93fa6d7aac65ca9fb8781e42

mv.allopovo.online Open in urlscan Pro 194.5.156.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

100 %HTTPS

88 %IPv6

12 Domains

15 Subdomains

16 IPs

2 Countries

1209 kBTransfer

3342 kBSize

3 Cookies

0 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mv.allopovo.online Open in urlscan Pro
194.5.156.14 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

100 %
HTTPS

88 %
IPv6

12
Domains

15
Subdomains

16
IPs

2
Countries

1209 kB
Transfer

3342 kB
Size

3
Cookies

104 HTTP transactions
3 data transactions