kriu.lt Open in urlscan Pro
5.196.45.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://kriu.lt/
Submission: On December 09 via api (December 9th 2023, 4:20:12 pm UTC) from US — Scanned from FR

Summary HTTP 165 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 165 HTTP transactions. The main IP is 5.196.45.209, located in France and belongs to OVH, FR. The main domain is kriu.lt.

This is the only time kriu.lt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	5.196.45.209 5.196.45.209	16276 (OVH) (OVH)
2	79.98.28.17 79.98.28.17	212531 (INTERNETO...) (INTERNETO-VIZIJA)
31	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2016	15169 (GOOGLE) (GOOGLE)
1 12	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
58	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
6 8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
4	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
165	18

11 5.196.45.209 (France)

ASN16276 (OVH, FR)
PTR: www.goodnight.to

kriu.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.kriu.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.98.28.17 (Lithuania)

ASN212531 (INTERNETO-VIZIJA, LT)
PTR: svarainis.serveriai.lt

katu.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.123 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	1 MB
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	578 KB
24	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	173 KB
11	kriu.lt kriu.lt images.kriu.lt	129 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	4 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	66 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	255 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	7 KB
2	katu.lt katu.lt	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	12 KB
165	14

	Domain	Requested by
58	s0.2mdn.net	kriu.lt s0.2mdn.net
27	pagead2.googlesyndication.com	kriu.lt pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
24	tpc.googlesyndication.com	pagead2.googlesyndication.com kriu.lt googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
12	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com kriu.lt googleads.g.doubleclick.net
10	images.kriu.lt	kriu.lt images.kriu.lt
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net kriu.lt s0.2mdn.net
4	ad.doubleclick.net	kriu.lt
4	www.gstatic.com	kriu.lt googleads.g.doubleclick.net
4	www.googletagservices.com	kriu.lt googleads.g.doubleclick.net
2	www.googleadservices.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.google-analytics.com	kriu.lt
2	katu.lt	kriu.lt
1	fonts.gstatic.com	fonts.googleapis.com
1	i.ytimg.com	kriu.lt
1	kriu.lt
165	19

This site contains links to these domains. Also see Links.

Domain
zodynas.kriu.lt
blog.kriu.lt
www.facebook.com
katu.lt
www.youtube.com
http
gifs.lt
mur.lt
curesforhangover.net
funnycomedianquotes.com
loginiaizaidimai.lt
bermanta.lt
feeds.feedburner.com

Subject Issuer	Validity	Valid
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 24 frames:

Primary Page: http://kriu.lt/
Frame ID: BF5FFA496B62EF48E197A213E0B24378
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: FDE3D8E8F81AF82BFF003612E238E44E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8101865632427028&output=html&h=60&slotname=9506602176&adk=4012898333&adf=3318652124&pi=t.ma~as.9506602176&w=468&lmt=1702138808&url=http%3A%2F%2Fkriu.lt%2F&ea=0&wgl=1&dt=1702138807704&bpp=211&bdt=238&idt=402&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=550457807537&frm=20&pv=2&ga_vid=1994619091.1702138808&ga_sid=1702138808&ga_hid=345973203&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=806&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079438%2C31079759%2C31079923%2C44809005%2C95320885&oid=2&pvsid=3877095460477304&tmod=1366221880&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=409
Frame ID: 0D1BB857A893A5E3E0C5705E5593B495
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8101865632427028&output=html&adk=1812271804&adf=3025194257&lmt=1702138808&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=http%3A%2F%2Fkriu.lt%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&dt=1702138807928&bpp=2&bdt=463&idt=190&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9506602176&nras=1&correlator=550457807537&frm=20&pv=1&ga_vid=1994619091.1702138808&ga_sid=1702138808&ga_hid=345973203&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079438%2C31079759%2C31079923%2C44809005%2C95320885&oid=2&pvsid=3877095460477304&tmod=1366221880&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=197
Frame ID: FD7D30B66EA6FC1EC0B8B23121DFD698
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 6E673A351840D989BA2421258BD7FA56
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 6257F63643D5566FC3D8564638740C47
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 44A386733C28ED69A49332B81715B0E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: DE3444C70870EABB96F86D7004A3B4B9
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 8FA573AFD2078132776ABE9567DC9808
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 77D375D6417F28C383139120D8E1C299
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhj2zo6AAjAB&v=APEucNUy_1pC2gz15L6pwncXQPju2WwGmEMHlrnT3Egt-a3SKgIz6yLkz5CVXNIpMvbDcQKt0Bv641odVXI_oCj2pFnkR3J-u-UrAgxU738pOIjLwEKZ12WLI_SpYzhzHplZQqtI2hsvaMeTmQmhJELgm3GMmL0HrW4T10aY-LWdvkwH6jcqGxE
Frame ID: 3A209AC93746D3EB2191BEACD3104277
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: C2EAB0179402E9E39D592A453F573D83
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhj2zo6AAjAB&v=APEucNUwE0rm9ge_rmD2-Kv8N2twDdZCYwbt3TNaSl8n-PlsJWdD1ySdnqqBEmc_ubw9PwwToqV41xv45e90c8yti308rh6gdZNb1FGpDqllfU9ThyUPvpr-9rU0sNoGP5WZffly4MewV50rx_GxXz8T1Ij9Gj0RA-ij1ap59wQ5zFaZ1X3BZCk
Frame ID: 9785D6FADA97A25C09B5C2FEC73EB307
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: AC983EE7072F73C90824222C298D9483
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 28515443CC49056424CA206AEC7B826F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EA853A927FAB3489E05F7D36153C8DB3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 93AF10C54ECF70075BCC33C0796351E0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 812309ACDD251622DAA408A59AB61390
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: AC5152B777BF57DE46B664BD2DA052E8
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
Frame ID: AE8E8B8FA36CC1A5EEBCEE94650E10C4
Requests: 31 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
Frame ID: D68E52072090241ACAA2C96601F7A462
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 993A366C0E235CC4216CCA8674DBD2B6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 446E09CC395307C4461D5C4232B66E6C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 42D46C698C3B06A0D82C793406A77597
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

kriu.lt

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

165
Requests

85 %
HTTPS

59 %
IPv6

14
Domains

19
Subdomains

18
IPs

4
Countries

2675 kB
Transfer

6639 kB
Size

14
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: http://zodynas.kriu.lt/
Title: Žodynas

Search URL Search Domain Scan URL

URL: http://blog.kriu.lt/
Title: Dienoraštis

Search URL Search Domain Scan URL

URL: http://blog.kriu.lt/2008/08/kaip-teisingai-reaguoti-i-piktus-komentarus-1/
Title: Saugom nervų ląsteles. Kaip teisingai reaguoti į piktus komentarus? (I dalis)

Search URL Search Domain Scan URL

URL: http://blog.kriu.lt/2008/08/kaip-teisingai-reaguoti-i-piktus-komentarus-1/#komentarai
Title: (56)

Search URL Search Domain Scan URL

URL: http://blog.kriu.lt/2008/08/lets-do-the-fork-in-a-garbage-disposal/
Title: Lets do the fork in a garbage disposal!

Search URL Search Domain Scan URL

URL: http://blog.kriu.lt/2008/08/lets-do-the-fork-in-a-garbage-disposal/#komentarai
Title: (23)

Search URL Search Domain Scan URL

URL: http://blog.kriu.lt/2008/07/naglis-sulija-zino-apie-ta-puslapi/
Title: Nagliui Šulijai patiko TAME puslapyje kuriami anekdotai apie jį

Search URL Search Domain Scan URL

URL: http://blog.kriu.lt/2008/07/naglis-sulija-zino-apie-ta-puslapi/#komentarai
Title: (18)

Search URL Search Domain Scan URL

URL: http://blog.kriu.lt/2008/07/optimizmas/
Title: Optimizmas

Search URL Search Domain Scan URL

URL: http://blog.kriu.lt/2008/07/optimizmas/#komentarai
Title: (19)

Search URL Search Domain Scan URL

URL: http://blog.kriu.lt/2008/04/ugnis-siknoje/
Title: Verkiu, nes olimpinė ugnis dega. Šiknoje.

Search URL Search Domain Scan URL

URL: http://blog.kriu.lt/2008/04/ugnis-siknoje/#komentarai
Title: (30)

Search URL Search Domain Scan URL

URL: http://zodynas.kriu.lt/nauji/
Title: naujus jaunimo žodyno vertimus

Search URL Search Domain Scan URL

URL: http://zodynas.kriu.lt/top/
Title: geriausius

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/Kriult/72210426684
Title: kriu.lt puslapio fanų

Search URL Search Domain Scan URL

URL: http://katu.lt/video/16

Search URL Search Domain Scan URL

URL: http://www.youtube.com/results?search_query=%D0%A1%D0%BF%D0%BB%D0%B8%D0%BD+%D0%92%D1%8B%D1%85%D0%BE%D0%B4%D0%B0+%D0%BD%D0%B5%D1%82
Title: YouTube

Search URL Search Domain Scan URL

URL: http://http//www.last.fm/music/%D0%A1%D0%BF%D0%BB%D0%B8%D0%BD/_/%D0%92%D1%8B%D1%85%D0%BE%D0%B4%D0%B0+%D0%BD%D0%B5%D1%82
Title: last.fm

Search URL Search Domain Scan URL

URL: http://www.youtube.com/results?search_query=G%26G+Sindikatas+Sindikato+Smogikai
Title: YouTube

Search URL Search Domain Scan URL

URL: http://http//www.last.fm/music/G%2526G%2BSindikatas/_/Sindikato+Smogikai
Title: last.fm

Search URL Search Domain Scan URL

URL: http://www.youtube.com/results?search_query=Requiem+Pati+Gra%C5%BEiausia+Mergina
Title: YouTube

Search URL Search Domain Scan URL

URL: http://http//www.last.fm/music/Requiem/_/Pati+Gra%C5%BEiausia+Mergina
Title: last.fm

Search URL Search Domain Scan URL

URL: http://www.youtube.com/results?search_query=Jefferson+Airplane+Somebody+To+Love
Title: YouTube

Search URL Search Domain Scan URL

URL: http://http//www.last.fm/music/Jefferson+Airplane/_/Somebody+To+Love
Title: last.fm

Search URL Search Domain Scan URL

URL: http://www.youtube.com/results?search_query=%D0%91%D0%B8-2+%D0%9F%D0%BE%D0%BB%D0%BA%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA%D1%83+%D0%BD%D0%B8%D0%BA%D1%82%D0%BE+%D0%BD%D0%B5+%D0%BF%D0%B8%D1%88%D0%B5%D1%82
Title: YouTube

Search URL Search Domain Scan URL

URL: http://http//www.last.fm/music/%D0%91%D0%B8-2/_/%D0%9F%D0%BE%D0%BB%D0%BA%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA%D1%83+%D0%BD%D0%B8%D0%BA%D1%82%D0%BE+%D0%BD%D0%B5+%D0%BF%D0%B8%D1%88%D0%B5%D1%82
Title: last.fm

Search URL Search Domain Scan URL

URL: http://gifs.lt/
Title: Judantys paveiksliukai

Search URL Search Domain Scan URL

URL: http://mur.lt/
Title: Mur.lt

Search URL Search Domain Scan URL

URL: http://curesforhangover.net/
Title: Hangover cures

Search URL Search Domain Scan URL

URL: http://funnycomedianquotes.com/
Title: Funny quotes

Search URL Search Domain Scan URL

URL: http://loginiaizaidimai.lt/
Title: Loginiai žaidimai

Search URL Search Domain Scan URL

URL: http://bermanta.lt/
Title: Trinkelių klojimas

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/kriult
Title: RSS

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://www.google-analytics.com/urchin.js HTTP 307
https://www.google-analytics.com/urchin.js

Request Chain 16

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1994619091&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=kriu.lt&utmhn=kriu.lt&utmhid=345973203&utmr=-&utmp=/&utmac=UA-519355-2&utmcc=__utma%3D76271311.1994619091.1702138808.1702138808.1702138808.1%3B%2B__utmz%3D76271311.1702138808.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1994619091&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=kriu.lt&utmhn=kriu.lt&utmhid=345973203&utmr=-&utmp=/&utmac=UA-519355-2&utmcc=__utma%3D76271311.1994619091.1702138808.1702138808.1702138808.1%3B%2B__utmz%3D76271311.1702138808.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Request Chain 69

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 70

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMKA259nOoNufqrQiq3XHI&google_cver=1

Request Chain 71

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXSTuaZNB1OPcFNrZqrWVAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIofsOpcY1flhxBTsDj4wbA&google_cver=1

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN5zE7-jqq2bLUG8xNOwOM0&google_cver=1

Request Chain 73

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk3NzAxNTc3NDgxOTE3NzM3Mw%3D%3D

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIofsOpcY1flhxBTsDj4wbA&google_cver=1

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXSTuaZNB1OPcFNrZqrWVAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIofsOpcY1flhxBTsDj4wbA&google_cver=1

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN5zE7-jqq2bLUG8xNOwOM0&google_cver=1

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkxNjEwNzA4NTU2MDA3MzE3Mg%3D%3D

Request Chain 84

https://googleads.g.doubleclick.net/pagead/adview?ai=CBozduJN0ZbavCoao78EPm9W84AaP3YGAdJnF3O-VEcq87ueoOBABIOiOiQJg--GFg5wKoAGwoNCiAsgBCakCYi2If_cOsj6oAwHIA8sEqgT8AU_QRqzYHb1XoVV7n8W-fxJGlkdWznb8jYkwykRmKA4hJVtnCPN8K9WVOPl8KF0EzXamFnfai83fwd2eeXTnwplW11mIp0g5V8PJLuz7vLBRqi8OM25Dfw1vkS-JeEecuZVuVVVYoEtnw0u0M0oQbwbWrQYLSeFs0LdO66-qO2do_Jja3vFWrohOTe7iHcYU9RlNGIMfePhDWhGLHH9Cz6bDCWHYpyT53bP4M9iwCVj0LeSYjVXLax0I8Nv0IDKPEkCM1MRVTVo42p7V6_CZfb8UNUBaEd1XuThPNaFo528KVNdaPBEq7h5rVxG207m4FL3bR66G6pehafBlfsAEh8DQ1qYEiAXhrYLESJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe436_dAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEMHDDNIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYn8mTmOGCgwOaCTFodHRwczovL3d3dy5rZXVrZW5sYW5kLmJlL2NvbnRlbnQtcGFnZXMvcHJvbW90aWVzgAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQLYEw2IFAnQFQGYFgGAFwGyFxwKGggAEhRwdWItODEwMTg2NTYzMjQyNzAyOBgA&sigh=WAdYjhwg42M&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNFiAV1bcJTNYQ_i9_wY1DL3kqvFXK97Ite3D6bejD9HkMoWypnkic5aJ6BlLQ8WWHJ7jDhoxY80lMRkC9pGbVO5qQ9dV0eNV89hsYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224175657628234360160%22,%22debug_reporting%22:true,%22destination%22:%22https://keukenland.be%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22609488944%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224576126799321546849%22}&andc=true

165 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
kriu.lt/ 14 KB
15 KB 273ms
36ms Document
text/html 5.196.45.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://kriu.lt/
Protocol: HTTP/1.1
Server: 5.196.45.209 , France, ASN16276 (OVH, FR),
Reverse DNS: www.goodnight.to
Software: nginx / PHP/5.3.3-7+squeeze19
Resource Hash: 14100fdfce8e64b37944f91af7bc6a47c00f33ed2f475675921c44329e27fc2b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Sat, 09 Dec 2023 16:20:07 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.3.3-7+squeeze19

GET
H/1.1 200
OK kriu.css
images.kriu.lt/naujas/ 19 KB
19 KB 124ms
14ms Stylesheet
text/css 5.196.45.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://images.kriu.lt/naujas/kriu.css
Requested by: Host: kriu.lt
URL: http://kriu.lt/
Protocol: HTTP/1.1
Server: 5.196.45.209 , France, ASN16276 (OVH, FR),
Reverse DNS: www.goodnight.to
Software: nginx /
Resource Hash: c5b09f493f1f9ddd318eb18644184180ad9ccc594ad0c5f06e32f3871fe8d655

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 16:20:07 GMT
Last-Modified: Sun, 10 May 2009 17:47:00 GMT
Server: nginx
ETag: "e2d38-4c85-4699272dbed00"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19589

GET
H/1.1 200
OK jquery-1.2.6.pack.js Show response
images.kriu.lt/naujas/js/ 30 KB
31 KB 126ms
17ms Script
application/javascript 5.196.45.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://images.kriu.lt/naujas/js/jquery-1.2.6.pack.js
Requested by: Host: kriu.lt
URL: http://kriu.lt/
Protocol: HTTP/1.1
Server: 5.196.45.209 , France, ASN16276 (OVH, FR),
Reverse DNS: www.goodnight.to
Software: nginx /
Resource Hash: 4b4e5615009a01b9dc1c7372569c28b8ba705e2d1544692821fbe32d66a3f9e6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 16:20:07 GMT
Last-Modified: Tue, 11 Nov 2008 21:27:00 GMT
Server: nginx
ETag: "19b12-7939-45b708a347100"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31033

GET
H/1.1 200
OK kriu.js Show response
images.kriu.lt/naujas/js/ 4 KB
4 KB 124ms
15ms Script
application/javascript 5.196.45.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://images.kriu.lt/naujas/js/kriu.js
Requested by: Host: kriu.lt
URL: http://kriu.lt/
Protocol: HTTP/1.1
Server: 5.196.45.209 , France, ASN16276 (OVH, FR),
Reverse DNS: www.goodnight.to
Software: nginx /
Resource Hash: f7f700a8ab1b15589de939a98056fbdddb644498a4b8847b0c0a741e951f7807

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 16:20:07 GMT
Last-Modified: Sun, 10 May 2009 17:47:00 GMT
Server: nginx
ETag: "19b11-e2e-4699272dbed00"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3630

GET
H/1.1 200
OK piktasijus.jpg
images.kriu.lt/naujas/parsiukai/ 34 KB
34 KB 125ms
16ms Image
image/jpeg 5.196.45.209
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.kriu.lt/naujas/parsiukai/piktasijus.jpg
Requested by: Host: kriu.lt
URL: http://kriu.lt/
Protocol: HTTP/1.1
Server: 5.196.45.209 , France, ASN16276 (OVH, FR),
Reverse DNS: www.goodnight.to
Software: nginx /
Resource Hash: 0ac03dea788b51ecc43ed2ef74b928f7f78f908dcf9090665c56876cc0a4d9ae

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 16:20:07 GMT
Last-Modified: Tue, 11 Nov 2008 21:27:00 GMT
Server: nginx
ETag: "19af8-875e-45b708a347100"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34654

GET
H/1.1 200
OK ad.js Show response
katu.lt/static/ 866 B
899 B 191ms
60ms Script
text/javascript 79.98.28.17
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: http://katu.lt/static/ad.js
Requested by: Host: kriu.lt
URL: http://kriu.lt/
Protocol: HTTP/1.1
Server: 79.98.28.17 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: svarainis.serveriai.lt
Software: Apache /
Resource Hash: dd307f6856fa0bc05f9163aee3f4931bc711e575bc4f17c4096c071406f72664

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 16:20:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Apr 2015 12:40:47 GMT
Server: Apache
ETag: "362-514dc49cbb1c0-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 492
Expires: Sat, 16 Dec 2023 16:20:07 GMT

GET
H/1.1 200
OK 5.png
images.kriu.lt/naujas/parsiukai/small/ 721 B
963 B 14ms
14ms Image
image/png 5.196.45.209
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.kriu.lt/naujas/parsiukai/small/5.png
Requested by: Host: kriu.lt
URL: http://kriu.lt/
Protocol: HTTP/1.1
Server: 5.196.45.209 , France, ASN16276 (OVH, FR),
Reverse DNS: www.goodnight.to
Software: nginx /
Resource Hash: ba0844711968ec5cc97dc654baa417f223c9debac9a83cfcf68d91daf9da470f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 16:20:07 GMT
Last-Modified: Mon, 13 Apr 2009 21:21:00 GMT
Server: nginx
ETag: "19afc-2d1-467764a77a700"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 721

GET
H/1.1 200
OK zipsaitas.png
images.kriu.lt/naujas/img/ 15 KB
16 KB 14ms
14ms Image
image/png 5.196.45.209
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.kriu.lt/naujas/img/zipsaitas.png
Requested by: Host: kriu.lt
URL: http://kriu.lt/
Protocol: HTTP/1.1
Server: 5.196.45.209 , France, ASN16276 (OVH, FR),
Reverse DNS: www.goodnight.to
Software: nginx /
Resource Hash: 92253836ddd300ad7cb47d6f1e55a395138e26d8904440b542393a471dcf82a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 16:20:07 GMT
Last-Modified: Tue, 11 Nov 2008 21:27:00 GMT
Server: nginx
ETag: "19b04-3da5-45b708a347100"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15781

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 25 KB
11 KB 87ms
63ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42c5e6eab8f9337501541f19a1ebb8b81f4ed5288859e04cee5d16ce637b3add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 16:20:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 6103729098722354517
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 10590
X-XSS-Protection: 0
Expires: Sat, 09 Dec 2023 16:20:07 GMT

GET
H2

200

urchin.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/urchin.js
https://www.google-analytics.com/urchin.js

22 KB
7 KB

80ms
25ms

Script
text/javascript

2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/urchin.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 23:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 59831
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6847
expires: Fri, 22 Dec 2023 23:42:56 GMT

Redirect headers

Location: https://www.google-analytics.com/urchin.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK piglets.gif
images.kriu.lt/naujas/img/ 7 KB
7 KB 14ms
14ms Image
image/gif 5.196.45.209
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.kriu.lt/naujas/img/piglets.gif
Requested by: Host: images.kriu.lt
URL: http://images.kriu.lt/naujas/kriu.css
Protocol: HTTP/1.1
Server: 5.196.45.209 , France, ASN16276 (OVH, FR),
Reverse DNS: www.goodnight.to
Software: nginx /
Resource Hash: a2ff932b40abc33f4e3a6b08c90e8efdbb2c0df6fcb2b0f194b97c2b42c656c1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://images.kriu.lt/naujas/kriu.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 16:20:07 GMT
Last-Modified: Tue, 11 Nov 2008 21:27:00 GMT
Server: nginx
ETag: "19b0e-1ba4-45b708a347100"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7076

GET
H/1.1 200
OK arr.gif
images.kriu.lt/naujas/img/ 817 B
1 KB 15ms
15ms Image
image/gif 5.196.45.209
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.kriu.lt/naujas/img/arr.gif
Requested by: Host: images.kriu.lt
URL: http://images.kriu.lt/naujas/kriu.css
Protocol: HTTP/1.1
Server: 5.196.45.209 , France, ASN16276 (OVH, FR),
Reverse DNS: www.goodnight.to
Software: nginx /
Resource Hash: b12a41b0813ee6c8804ff3b9201aa32d43aabfbbe6d5069efa135674a0233dc9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://images.kriu.lt/naujas/kriu.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 16:20:07 GMT
Last-Modified: Tue, 11 Nov 2008 21:27:00 GMT
Server: nginx
ETag: "19b07-331-45b708a347100"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 817

GET
H/1.1 200
OK arr.gif
images.kriu.lt/naujas/img/disabled/ 817 B
1 KB 19ms
14ms Image
image/gif 5.196.45.209
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.kriu.lt/naujas/img/disabled/arr.gif
Requested by: Host: images.kriu.lt
URL: http://images.kriu.lt/naujas/kriu.css
Protocol: HTTP/1.1
Server: 5.196.45.209 , France, ASN16276 (OVH, FR),
Reverse DNS: www.goodnight.to
Software: nginx /
Resource Hash: 88e815f4abc5ddee1e9c47d13d525bba925f73fc4f03a4cbd23590af34441c7b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://images.kriu.lt/naujas/kriu.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 16:20:07 GMT
Last-Modified: Tue, 11 Nov 2008 21:27:00 GMT
Server: nginx
ETag: "19b09-331-45b708a347100"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 817

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/NbaB1chnim8/ 12 KB
12 KB 91ms
34ms Image
image/jpeg 2a00:1450:4001:82f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/NbaB1chnim8/mqdefault.jpg

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d840e2ea93ba3b5485975586ca36bfabd447cc260e563a8f8729fc2701d7d700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:07 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11931
x-xss-protection: 0
server: sffe
etag: "1414175143"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 09 Dec 2023 18:20:07 GMT

GET
H/1.1 200
OK play64.png
katu.lt/site/view/css/img/ 1 KB
1 KB 59ms
59ms Image
image/png 79.98.28.17
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://katu.lt/site/view/css/img/play64.png
Requested by: Host: kriu.lt
URL: http://kriu.lt/
Protocol: HTTP/1.1
Server: 79.98.28.17 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: svarainis.serveriai.lt
Software: Apache /
Resource Hash: 6484ac43b0cb87e0fa97ec4a681fb83050f69cd61c2dada3cd288b29dfebe3ad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 16:20:07 GMT
Last-Modified: Wed, 22 Apr 2015 20:14:41 GMT
Server: Apache
ETag: "487-51455d02dee40"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 1159
Expires: Sat, 16 Dec 2023 16:20:07 GMT

GET
H/1.1 200
OK yesno.gif
images.kriu.lt/naujas/img/ 1 KB
1 KB 14ms
14ms Image
image/gif 5.196.45.209
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.kriu.lt/naujas/img/yesno.gif
Requested by: Host: images.kriu.lt
URL: http://images.kriu.lt/naujas/kriu.css
Protocol: HTTP/1.1
Server: 5.196.45.209 , France, ASN16276 (OVH, FR),
Reverse DNS: www.goodnight.to
Software: nginx /
Resource Hash: c73aeff7d1686c2320ff910d314eeccc3ba84f60814fc12ae39b78922905425d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://images.kriu.lt/naujas/kriu.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 16:20:07 GMT
Last-Modified: Mon, 13 Apr 2009 02:37:00 GMT
Server: nginx
ETag: "19b05-413-4676696baeb00"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1043

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 156ms
99ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de26176e203776854733577ca6708fd0129591c9fa777234e532ceb87936017a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51882
x-xss-protection: 0
server: cafe
etag: 4773026383767087109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 09 Dec 2023 16:20:07 GMT

GET
H2

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1994619091&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=kriu.lt&utmhn=kriu.lt&utmhid=345973203&utmr=-&...
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1994619091&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=kriu.lt&utmhn=kriu.lt&utmhid=345973203&utmr=-...

35 B
194 B

25ms
24ms

Image
image/gif

2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1994619091&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=kriu.lt&utmhn=kriu.lt&utmhid=345973203&utmr=-&utmp=/&utmac=UA-519355-2&utmcc=__utma%3D76271311.1994619091.1702138808.1702138808.1702138808.1%3B%2B__utmz%3D76271311.1702138808.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 22:44:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63316
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1994619091&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=kriu.lt&utmhn=kriu.lt&utmhid=345973203&utmr=-&utmp=/&utmac=UA-519355-2&utmcc=__utma%3D76271311.1994619091.1702138808.1702138808.1702138808.1%3B%2B__utmz%3D76271311.1702138808.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=pub-8101865632427028&plah=kriu.lt

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73e318844a505ff6068d56402afd2e731448301110b48a555b4297b82ee3104a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137722
x-xss-protection: 0
server: cafe
etag: 4968269541348348084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 16:20:07 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame FDE3 9 KB
4 KB 82ms
25ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kriu.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 69685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4114
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 20:58:42 GMT
etag: 12700215250743596434
expires: Fri, 22 Dec 2023 20:58:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D1B 709 B
524 B 650ms
649ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8101865632427028&output=html&h=60&slotname=9506602176&adk=4012898333&adf=3318652124&pi=t.ma~as.9506602176&w=468&lmt=1702138808&url=http%3A%2F%2Fkriu.lt%2F&ea=0&wgl=1&dt=1702138807704&bpp=211&bdt=238&idt=402&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=550457807537&frm=20&pv=2&ga_vid=1994619091.1702138808&ga_sid=1702138808&ga_hid=345973203&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=806&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079438%2C31079759%2C31079923%2C44809005%2C95320885&oid=2&pvsid=3877095460477304&tmod=1366221880&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoE%7C&abl=CA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=409

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=pub-8101865632427028&plah=kriu.lt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c52e2ac7d504cb659ca5c40e37e0771ed855e3e2029673706bec65c0f9be2e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kriu.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 352
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 16:20:08 GMT
expires: Sat, 09 Dec 2023 16:20:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FD7D 646 KB
150 KB 608ms
608ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8101865632427028&output=html&adk=1812271804&adf=3025194257&lmt=1702138808&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=http%3A%2F%2Fkriu.lt%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&dt=1702138807928&bpp=2&bdt=463&idt=190&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9506602176&nras=1&correlator=550457807537&frm=20&pv=1&ga_vid=1994619091.1702138808&ga_sid=1702138808&ga_hid=345973203&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079438%2C31079759%2C31079923%2C44809005%2C95320885&oid=2&pvsid=3877095460477304&tmod=1366221880&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=197

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dd953d3576bfa6c77523397fe7b5c3a7b1477f1515a4648cdd579f9b6e8c38e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kriu.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 153343
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 16:20:08 GMT
expires: Sat, 09 Dec 2023 16:20:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 125ms
75ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc70a61d06009ccfe56d4862b4af7ba2244f73e9a46a8bab837feeb028540b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12269
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 160 KB
55 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9d9b8d8e3687557e4762f6610a2cdfa72797e2409ac111c489b75ac510ce344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56002
x-xss-protection: 0
server: cafe
etag: 16018651410487068053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 16:20:08 GMT

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 6E67 9 KB
4 KB 25ms
25ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kriu.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4114
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 15:23:54 GMT
etag: 12700215250743596434
expires: Sat, 23 Dec 2023 15:23:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 6257 9 KB
4 KB 24ms
24ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kriu.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4114
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 15:23:54 GMT
etag: 12700215250743596434
expires: Sat, 23 Dec 2023 15:23:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 44A3 9 KB
4 KB 24ms
24ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kriu.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4114
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 15:23:54 GMT
etag: 12700215250743596434
expires: Sat, 23 Dec 2023 15:23:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame DE34 9 KB
4 KB 27ms
26ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kriu.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4114
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 15:23:54 GMT
etag: 12700215250743596434
expires: Sat, 23 Dec 2023 15:23:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 123ms
59ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 16:20:09 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 6E67 4 KB
1 KB 90ms
34ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 16:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 15:42:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 16:20:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8FA5 14 KB
1 KB 78ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 16:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 15:33:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 16:20:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 8FA5 2 KB
903 B 75ms
50ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:55:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 8FA5 24 KB
9 KB 76ms
51ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:54:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 77D3 143 B
166 B 24ms
24ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 15:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 8FA5 3 KB
1 KB 71ms
51ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 22:01:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 8FA5 20 KB
9 KB 45ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 20:42:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FA5 202 KB
64 KB 57ms
51ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 16:20:09 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 8FA5 37 KB
16 KB 81ms
26ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 20:29:37 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 6E67 16 KB
7 KB 45ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6784
x-xss-protection: 0
server: cafe
etag: 2582286893585073394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:58:21 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6E67 205 B
519 B 84ms
32ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:28:20 GMT
x-content-type-options: nosniff
age: 96709
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Dec 2024 13:28:20 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6E67 604 B
695 B 85ms
33ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:41:25 GMT
x-content-type-options: nosniff
age: 103124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Dec 2024 11:41:25 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 6E67 22 KB
9 KB 47ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9231
x-xss-protection: 0
server: cafe
etag: 9385233705467680479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 12:33:03 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3A20 624 B
246 B 76ms
75ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhj2zo6AAjAB&v=APEucNUy_1pC2gz15L6pwncXQPju2WwGmEMHlrnT3Egt-a3SKgIz6yLkz5CVXNIpMvbDcQKt0Bv641odVXI_oCj2pFnkR3J-u-UrAgxU738pOIjLwEKZ12WLI_SpYzhzHplZQqtI2hsvaMeTmQmhJELgm3GMmL0HrW4T10aY-LWdvkwH6jcqGxE

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 16:20:09 GMT
expires: Sat, 09 Dec 2023 16:20:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C2EA 172 KB
61 KB 102ms
25ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74838
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 19:32:51 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame C2EA 7 KB
3 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:08:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame C2EA 24 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76809
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:00:00 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C2EA 41 KB
14 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:05:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame C2EA 3 KB
1 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 22:01:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame C2EA 20 KB
8 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 20:42:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2EA 202 KB
64 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 16:20:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2EA 42 B
63 B 124ms
124ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C2MAmD_zKCmlNV1KUvEy8VLSNpGmGGuoctlG8rNsPr24EbmREjguyJwT8HJNMIZKljmBSXuFlF_ZXUyyKMUD8ZnQd5x2A-ZFTm34bR8yIbeQYC1kk

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9785 624 B
246 B 66ms
66ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhj2zo6AAjAB&v=APEucNUwE0rm9ge_rmD2-Kv8N2twDdZCYwbt3TNaSl8n-PlsJWdD1ySdnqqBEmc_ubw9PwwToqV41xv45e90c8yti308rh6gdZNb1FGpDqllfU9ThyUPvpr-9rU0sNoGP5WZffly4MewV50rx_GxXz8T1Ij9Gj0RA-ij1ap59wQ5zFaZ1X3BZCk

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 16:20:09 GMT
expires: Sat, 09 Dec 2023 16:20:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame AC98 172 KB
60 KB 100ms
53ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74838
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 19:32:51 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame AC98 7 KB
3 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:08:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame AC98 24 KB
9 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76809
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:00:00 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame AC98 41 KB
14 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:05:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame AC98 3 KB
1 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 22:01:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame AC98 20 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 20:42:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC98 202 KB
64 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 16:20:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC98 42 B
63 B 126ms
126ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B3gmFOAFK5TO2MzEN8Z2qplJXMhJcTWvi5EEj55rkxL3oONfUPW7m8lBx13V3GVfva7y-w1jMIdJcGDrXSb7xbvgxy0fCmRtloo9-PIMm-MqoPQkg

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DE34 14 KB
1 KB 34ms
34ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 16:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 15:33:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 16:20:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame DE34 2 KB
856 B 39ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:55:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame DE34 24 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:54:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame DE34 3 KB
1 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 22:01:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame DE34 20 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 20:42:11 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE34 202 KB
64 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 16:20:09 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame DE34 37 KB
15 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 20:29:37 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11658984732641245949/ Frame DE34 13 KB
13 KB 43ms
43ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11658984732641245949/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b66a5ed875ee84736d3c749876903333393e96d01827a83b334cc0e5b22ad2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:33:54 GMT
x-content-type-options: nosniff
age: 20775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13436
x-xss-protection: 0
last-modified: Sat, 05 Aug 2023 20:48:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 10:33:54 GMT

GET
DATA 200
OK truncated
/ Frame DE34 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DE34 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 77D3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
37ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 16:20:09 GMT
expires: Sat, 09 Dec 2023 16:20:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 16:20:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 3A20
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMKA259nOoNufqrQiq3XHI&google_cver=1

43 B
342 B

47ms
47ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMKA259nOoNufqrQiq3XHI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhj2zo6AAjAB&v=APEucNUy_1pC2gz15L6pwncXQPju2WwGmEMHlrnT3Egt-a3SKgIz6yLkz5CVXNIpMvbDcQKt0Bv641odVXI_oCj2pFnkR3J-u-UrAgxU738pOIjLwEKZ12WLI_SpYzhzHplZQqtI2hsvaMeTmQmhJELgm3GMmL0HrW4T10aY-LWdvkwH6jcqGxE
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0vq8PwSnWjJhtz%2FmFB%2FzHcmws4TyJhXZ0mgQFmsgK0%2FCATPkT6p04ypWR7eOhUS25ekYLOAx%2B89fQrkH%2FgVmjZxtbmdDs411%2B%2BOhxohlrgN2HYMZNMu4lFqSKy7q9tp2ObtrU0vM7yHZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832e92e5d86e00b3-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENMKA259nOoNufqrQiq3XHI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3A20
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXSTuaZNB1OPcFNrZqrWVAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIofsOpcY1flhxBTsDj4wbA&google_cver=1

43 B
734 B

46ms
46ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIofsOpcY1flhxBTsDj4wbA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhj2zo6AAjAB&v=APEucNUy_1pC2gz15L6pwncXQPju2WwGmEMHlrnT3Egt-a3SKgIz6yLkz5CVXNIpMvbDcQKt0Bv641odVXI_oCj2pFnkR3J-u-UrAgxU738pOIjLwEKZ12WLI_SpYzhzHplZQqtI2hsvaMeTmQmhJELgm3GMmL0HrW4T10aY-LWdvkwH6jcqGxE
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cY%2BeQ8NoLmNUea5BkSSfyCb2oCpfzpVZK%2FBD85tl4PU9gHNpJL1qskAooHUPZuctgV5tvUxkdMqXWG2J3B4%2B%2FuIqGJTU9T66heiCRxIgVcdHYUQDj9gnPfdsEVTLRlYh1hL1yvhdfuyb2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832e92e649e82a6e-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIofsOpcY1flhxBTsDj4wbA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3A20
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN5zE7-jqq2bLUG8xNOwOM0&google_cver=1

43 B
838 B

22ms
21ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN5zE7-jqq2bLUG8xNOwOM0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhj2zo6AAjAB&v=APEucNUy_1pC2gz15L6pwncXQPju2WwGmEMHlrnT3Egt-a3SKgIz6yLkz5CVXNIpMvbDcQKt0Bv641odVXI_oCj2pFnkR3J-u-UrAgxU738pOIjLwEKZ12WLI_SpYzhzHplZQqtI2hsvaMeTmQmhJELgm3GMmL0HrW4T10aY-LWdvkwH6jcqGxE

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
an-x-request-uuid: 7502e1fe-687a-413f-a11b-163a759134cd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.59.164.109; 37.59.164.109; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN5zE7-jqq2bLUG8xNOwOM0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A20
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk3NzAxNTc3NDgxOTE3NzM3Mw%3D%3D

170 B
188 B

37ms
37ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk3NzAxNTc3NDgxOTE3NzM3Mw%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
an-x-request-uuid: 038cb397-0899-4832-ba62-008af0b94456
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk3NzAxNTc3NDgxOTE3NzM3Mw%3D%3D
x-proxy-origin: 37.59.164.109; 37.59.164.109; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2851 13 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kriu.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 7420
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 14:16:29 GMT
expires: Sun, 08 Dec 2024 14:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EA85 829 B
998 B 35ms
35ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e254e1a94261543f5384c0cf4c98308e0ca87a5c4fc495681607d71091ff1ea8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mRiznG-vDZziEVQPgfGrCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://kriu.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mRiznG-vDZziEVQPgfGrCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 16:20:09 GMT
expires: Sat, 09 Dec 2023 16:20:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 9785
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIofsOpcY1flhxBTsDj4wbA&google_cver=1

43 B
327 B

54ms
54ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIofsOpcY1flhxBTsDj4wbA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhj2zo6AAjAB&v=APEucNUwE0rm9ge_rmD2-Kv8N2twDdZCYwbt3TNaSl8n-PlsJWdD1ySdnqqBEmc_ubw9PwwToqV41xv45e90c8yti308rh6gdZNb1FGpDqllfU9ThyUPvpr-9rU0sNoGP5WZffly4MewV50rx_GxXz8T1Ij9Gj0RA-ij1ap59wQ5zFaZ1X3BZCk
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sxyOrDRfhs8jw%2F0j4d1uwJyi3HF4V3acR5dbj4fiwing62UkKQQ0fPoGoZ0neqs5mo71AHXYKZ%2Fs0PijZMheApNiKK9NAS%2FR%2BJeAtAgRCN1tOWcLzfvvhY0kP3yCvFwWJrzHO9za%2FDwwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832e92e5d86c00b3-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIofsOpcY1flhxBTsDj4wbA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9785
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXSTuaZNB1OPcFNrZqrWVAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIofsOpcY1flhxBTsDj4wbA&google_cver=1

43 B
767 B

44ms
44ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIofsOpcY1flhxBTsDj4wbA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhj2zo6AAjAB&v=APEucNUwE0rm9ge_rmD2-Kv8N2twDdZCYwbt3TNaSl8n-PlsJWdD1ySdnqqBEmc_ubw9PwwToqV41xv45e90c8yti308rh6gdZNb1FGpDqllfU9ThyUPvpr-9rU0sNoGP5WZffly4MewV50rx_GxXz8T1Ij9Gj0RA-ij1ap59wQ5zFaZ1X3BZCk
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SdvDmY1MAGb4vr94bCaEeG5xF%2BdPOZNew3J6dY6BdDo0mQAKl9TnsNpJI8JpsVPdeOj5AUBjjle0ARTSM6T180%2BT6ezwB8zHhwy69BSTexNkbWZu08STNfiKEOvGIFPp30ygmYANDlM8g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832e92e649e92a6e-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIofsOpcY1flhxBTsDj4wbA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9785
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN5zE7-jqq2bLUG8xNOwOM0&google_cver=1

43 B
839 B

28ms
28ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN5zE7-jqq2bLUG8xNOwOM0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhj2zo6AAjAB&v=APEucNUwE0rm9ge_rmD2-Kv8N2twDdZCYwbt3TNaSl8n-PlsJWdD1ySdnqqBEmc_ubw9PwwToqV41xv45e90c8yti308rh6gdZNb1FGpDqllfU9ThyUPvpr-9rU0sNoGP5WZffly4MewV50rx_GxXz8T1Ij9Gj0RA-ij1ap59wQ5zFaZ1X3BZCk

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
an-x-request-uuid: 0a1594b7-f895-4d7f-977a-585695486ca0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.59.164.109; 37.59.164.109; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN5zE7-jqq2bLUG8xNOwOM0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9785
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkxNjEwNzA4NTU2MDA3MzE3Mg%3D%3D

170 B
243 B

34ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkxNjEwNzA4NTU2MDA3MzE3Mg%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
an-x-request-uuid: 1c3cb2b8-f828-4fc0-81db-7179f35f5f4f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkxNjEwNzA4NTU2MDA3MzE3Mg%3D%3D
x-proxy-origin: 37.59.164.109; 37.59.164.109; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 93AF 38 KB
13 KB 25ms
24ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 45261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 03:45:48 GMT
expires: Sun, 08 Dec 2024 03:45:48 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8123 38 KB
13 KB 28ms
27ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 45261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 03:45:48 GMT
expires: Sun, 08 Dec 2024 03:45:48 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DE34 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db72a93bce3743a51491ceaaeb72a4637e4f521e079cd2cdc5d7cdc5efefc9c7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame DE34 33 KB
34 KB 80ms
25ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:14:46 GMT
x-content-type-options: nosniff
age: 50723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 02:14:46 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DE34
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CBozduJN0ZbavCoao78EPm9W84AaP3YGAdJnF3O-VEcq87ueoOBABIOiOiQJg--GFg5wKoAGwoNCiAsgBCakCYi2If_cOsj6oAwHIA8sEqgT8AU_QRqzYHb1XoVV7n8W-fxJGlkdWznb8jYk...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224175657628234360160%22,%22debug_reporting%22:true,%22destination%22:%22https://keukenland.be%22,%22event_report_window%22:...

0
0

111ms
60ms

Fetch
text/css

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224175657628234360160%22,%22debug_reporting%22:true,%22destination%22:%22https://keukenland.be%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22609488944%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224576126799321546849%22}&andc=true

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:09 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4175657628234360160","debug_reporting":true,"destination":"https://keukenland.be","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["609488944"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"4576126799321546849"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 16:20:09 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 16:20:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4175657628234360160","debug_reporting":true,"destination":"https://keukenland.be","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["609488944"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"4576126799321546849"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame AC51 51 KB
19 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:14:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:14:47 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 49 KB
6 KB 109ms
60ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b4ae328f9b51ba8c2350010ab66c7bd2244d03d3f8e91fa32a1abbe038ad559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 16:20:09 GMT
expires: Sun, 08 Dec 2024 16:20:09 GMT
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame C2EA 0
0 146ms
76ms Fetch
image/gif 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstEdWmZiQs4k_WjaYdsPvP5iVjJ3Wxc7D3x_Li129Ek80xD_Jgd-sEeESKXLNt663hT9ODDWCAE8hw66qtI1SOkYGC-rEk7-hrSSS7EFFN-SEh-TCbO8IhoLI_zxEiVk4Vr7r3AzRS6gIC6UT67C9YmwGZETfpWIqZEOLh2TuM0V5w46gPP-ZjdUKq9ze4Nzv3o1aTkuMgGTjtg3rKb2xoraZ7w9gWJlRa40Cx1BNwEdYWs4WRqsHU1Tw4JmSO4RSGHKuZInxYRMGe4bdaMxUJYoVJ0ju5f0QkYh6A_yAYNSFiyzEEQ2ujQEQJgjjjl8aUtN_Nc-8J6HoZDq7_OJlYuHbJRr2DZjG5f-BnsarFxGZd8FWV60EIpmvNN9LNfzT6Fs6sLN41XjgRCiePF15JzTyIIZwekHj13aIEHz59H_fk9Xy9fFMIoG3V12pWIBG8cA-U3xlZ8HfnOQtB4BMLtKPopHWswiQT97tEc_CoVaGvFHg3G4zVfWICkEbHlB4Fswb21yYClVpow-5in_6P2iTXaMKePXI8PN76g2Pje7kPrWm9hj5MoOG9ofIoVNzl7S26VJLeuyrsyvT0tOpBY_9HRHikwwAMIvPYCaijpwc4QL1XSBXWHqtLNktM-kJjt_DUvmn0UHgTkospiyvFiP4zE3BX_3LxQJg-_hvTqXJyWfl9IxA6ReE2lwCQHkwlS8A_7OxziKnBN1xt4KETdWQd5h_NS1HpYiK_jBRxb9MQxcQTjTf16tflX1tc58bN7v2lfzXKfpO5OeQhbpF8PfOx_5SURxCl7_DDLo3hBh_vPHD7N5PVvOVVfvt3U3cY2MZ0VZ7ZW9lLyOFPpXpapYZkYKMLndX-AJ8AVX6vy2xuDkbtBHhSqp3BOvIVUNK-UBliIezhjWm4fxvvjTu9047vMtFGt4UECeaRtFeDiRQafACCZqV_Mr-N4BWGi9vRmM2g75cG1-bMNwP8MIdp8WzLHz4wrUHKerIm6MZWXSN80LGkfAuDoCRU6U7z9yp5tI5AftwGCJADgydHO25SrPSS_hHKJ3DY6oLuQSiYwCQBm3GFIzy9KUAihBrz8e29nf-G5Ar-LIy2-wW1fqWFSh1T4Sx9PDVLk1xVHni4Z3iDw_YqgMBDicOag9jfzIwLf5xk71VZs2XP8UGxARsNpctDM3zrPsC9K3gh85NKcnpDmNjVG94oLVCVLFFqIXPblElgEVdD-3O5iGLTVV6toONDpk9jaxwMwnagkGaFVRKn9WXiDsbn0G5_6vYw1TFMjyD1lElYWE80AqdZBoaiiC740tj7JrAIUPzecL8anpPmCdDNx_BW25pPw7oLqhP3V7AoJokS1qaVEzaz___oyZ5BkXKP3VJL46MAmre3gmnof6xhUStQlGOnXJ-cKKsPexjSMIqUy9hvwVtyN2w&sai=AMfl-YTG8UwfhKOYs2hLYuWu4vbvHKYKONRYff7-Huu8ta8q3tb2wTsnauWCcXVYc1A9xHkGDXhkMVWWQNNS8wVuea7gHUpVpwFrq1YhBCsbHQcga4pEtlOhdD3rRcJPmULWPVhUWxeDxRgzDqZ16o8OTkL4G9v7QuZo5OtTqAJid-kFR72yQz2BAF0G2pgUUe60l4d5Ngnn1yLrVN5f_x6FE58Hkmndm9TYeMQW7DDF_VgGIRtOTFsIOH3IbhigFazs9KkaQw34uVK_za0YIp56i8B6js4kzkz-ujRNGkSDgTjgZ3VAXdWWEuGRvZ88QUHKqJwSy9ONvttJB8oYveltXXM1SmmQjwnyORhGYuG8ZiIBQAlwKB-A77LwyPs7PjDqmm61Yjiu6z2sjYafxdVF3vAjSpQebtXPOWX4fbWRLSBTIll6pPeloQZGPSsLEfJ2RXDnU1gYweO6H87q2BViZldYLIlQfr-MAOpjsqs81NKey3CJ_JExX6kDaa1St84_mkWDcsHna_9d&sig=Cg0ArKJSzCW7suNHJNv9EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYWRpc3NvbmhvdGVscy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=199&cbvp=1&cstd=194&cisv=r20231206.81606&arae=0&ftch=1&adurl=

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 16:20:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 49 KB
6 KB 92ms
59ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b4ae328f9b51ba8c2350010ab66c7bd2244d03d3f8e91fa32a1abbe038ad559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 16:20:09 GMT
expires: Sun, 08 Dec 2024 16:20:09 GMT
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame AC98 0
0 128ms
73ms Fetch
image/gif 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss-cOl5FesOm97KcMLsOC0Y-4kKLFYIBvzOt6yKL863vPK74hlo3YK3TYzSeYZNqth4bYzyGLrXvRyaXf8ez5PKBOsCpblYTBClt5qkrLkw3xuowYAXwIo_JvYUaB80B4r-aA6yaE2s2nU_92oVut1GHKXt5QBv69oxUnwjL6jbYkPNu2D296P2LWUJWdpiPEapyQCRJ0lzEx2Jv_-7KM5qmTvglndSzo9sE-kH1FUP7iefCPI8y_mJ8TWV7YOVIV897XfGW5BPpP3d3MGhQtgAaHyGEmBH72eoUJpsx5WDxjnkkvB_tGLHOf7iBATz10I0RP4zbVlOxHLtxEH5KqJGgz7fDXMVgW7fpq84ocy4ai5tXVPmkmFT0huCIdx9-mdWw_8FMKeAGbz_e_eFSbrz65Itj_GaJLFkHcsIOu7ejndrmZIW3qm0iGjlss_hZR2ZCIPbcpcNEiHRZ2CBiQ971QAQrSUJ3yeVALpCgBLaMGJEgP7gGbkIDNfqDtxM988AQWW-tn_912dK2MVDOvih9Sery3dK3dcWGo3EL9ZOsGIIKfSI02HbNUUbLZCRlo8Z8tKh3xngaNc7HlhzwOvrYv6cKvb4ySSVpBeZgl9ECe5266rOezsrcRmBdyAvzxKg_KMclZ7WMNYhwL-4kwHbSnsiFv44YTSIHnm1EATlNV_f_hhMYihY3_Uw_liKOSKVVb7_yQNQRSsMZWCTtcMa9LFJSTvc4ZlAHxUZNA0epCxPnoIWUcD4zAh0njMIw3SNQHau-7tJr7dHHsEkSELh-RRofzi9bI360JDdx0e-1JmfylavQYbbohmV7jOniX3WdYHEdLB7BQC-qX_SXI0YQuA4U-E8nWrnwKam-19X4Ccfc0d2Y0L9kpYWTQDARo35HP4984cJOhhy9Wy3kIlvzd8Xm5kXRWnJXy8GwyToqWYO5nk_E1rv5e0q52iSuIC3IGDJp9fYJz_UZAOE3aZpDDq6puQnV2ZA1yatwSqFMgLcEOIKZ_zJSbIghycWI6Cn9cAjujsMyTK4N8nL9fh6XDkhX3ugoDxzdP9EEyMItjEhFplH9p_KDdSSySgjRVgDZtXsWNdm5CMKJBuE8dm2cwQoZwIdnYv7laYpSkmWjg3pVUwXr1amtL6XoFswQKFFfTQBE1X6Y1h9gq8rUEocng4pwYYdlm2M2MfVvgxFZFJSrFgzTSFata2xEhawVu9WtQ5uJRdGSMFqQqgEllGnNHlRRYh_RekihjL8wSIFfjAZdgw3Dsw2ofTp_pb6tPasyjx1ghOmfEie9wrXRwrMnccGGUIjDphPvxO_3u3_tP7ANoZjzO4PI-qe2DuuN0yHso7HmbUdXzNikmYKSGt-8QjAVvSiXofTVwLJaCXhJ9BBMCz_7xu8fL2zvturZ8IbFaorHo8Wk1VRh264Lw&sai=AMfl-YQ2yTjJXZvOQ2-p6Ovh0ovKwysU3SGVh2X28OpCQwBNuRve9JxuN2Zg-OOuC4HIkXjP7yM-Is4CmTdZ1Rk4JYcgM8n1BeAdvtgGbzY9QPN8htZmOrmoE4QDWjLcb4mBZhIPtVQL_iERyGtWK-GmFsqCWXIwm7_k8Fuz3QzVm6C144nFNi06dbd4uTXFxkrVZS1VVlYDL0HMpuS48QudcLm7TW5ZJF-TTojSCCe-c1lKFxUm2qxBuqxzVkHcTA-Y5me2S00rr7Emp5ys5smjyCK7HH83sz0E1WSroKHUSnBsiOpKAIOJxxdz9jv4TGtHduqM-HqxM8Vq0yxrOIZS925y8fadT1ZWdTjLvc7cD3H8L5HfcctXYTvFJGUeKt55ZTrUWBXPbGqOXqpgR8LgEeyD4sPQEfUIGVCB7i2rSxCQDU60E-dTHQXBIOG5fS8sua4GM7dHKz-A4q6QjQrMHfp_2nV7U66FfUwWIpLyotOhWvaMP_KZxhaHX6orkFinU0sECjDbEdLU&sig=Cg0ArKJSzEX4bONqKn0rEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYWRpc3NvbmhvdGVscy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=184&cbvp=1&cstd=181&cisv=r20231206.45784&arae=0&ftch=1&adurl=

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 16:20:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EA85 0
0 171ms
170ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=3877095460477304&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 93AF 39 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:01:59 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 8123 39 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:01:59 GMT

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 993A 51 KB
19 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:14:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:14:47 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2851 39 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:01:59 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 117ms
60ms Preflight
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 16:20:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 55 B
103 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104507
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 11:18:22 GMT

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 731 B
263 B 41ms
39ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387269
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 04:45:40 GMT

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 24 B
72 B 38ms
36ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64594
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 22:23:35 GMT

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 303 B
202 B 37ms
35ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93099
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 14:28:30 GMT

GET
H3 200 gwdattached_style.css
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 26 B
74 B 46ms
44ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98356
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 13:00:53 GMT

GET
H3 200 gwdtaparea_style.css
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 157 B
144 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410622
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:16:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D68E 3 KB
752 B 35ms
33ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed06cb7e07f6273a1f366bafc7975082b76f5257b724ecfe805070b086554dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 16:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 15:02:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 16:20:09 GMT

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 20 KB
6 KB 56ms
55ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6266
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:46:03 GMT

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 3 KB
1 KB 54ms
53ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 23:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61267
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 23:19:02 GMT

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 8 KB
3 KB 55ms
54ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3136
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 00:18:26 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame D68E 120 KB
41 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Dec 2023 12:23:29 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 13 KB
4 KB 53ms
52ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4427
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 10:31:21 GMT

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 5 KB
2 KB 47ms
46ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447275
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2014
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 12:05:34 GMT

GET
H3 200 gwdattached_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 1 KB
619 B 50ms
49ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:22:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 590
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 03:22:43 GMT

GET
H3 200 gwdtexthelper_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 4 KB
2 KB 59ms
58ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447275
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1725
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 12:05:34 GMT

GET
H3 200 gwdtaparea_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 3 KB
1 KB 82ms
81ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1355
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 13:47:02 GMT

GET
H3 200 gwdgpadataprovider_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 3 KB
1 KB 46ms
45ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdgpadataprovider_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397352
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1485
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 01:57:37 GMT

GET
H3 200 gwddatabinder_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 5 KB
2 KB 77ms
77ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwddatabinder_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447275
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2351
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 12:05:34 GMT

GET
H3 200 gwd-text-fitting.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 5 KB
2 KB 81ms
80ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwd-text-fitting.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68185
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2038
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:23:44 GMT

GET
H3 200 gwd-dynamic-binders.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 23 KB
9 KB 80ms
79ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwd-dynamic-binders.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

838b3df01cf1550a1f03cc3cc43f6fc09755e4c8cb31a516c2f5f20831b1b11e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75118
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9183
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 19:28:11 GMT

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 55 B
103 B 38ms
38ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104507
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 11:18:22 GMT

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 731 B
263 B 39ms
37ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387269
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 04:45:40 GMT

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 24 B
72 B 40ms
38ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64594
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 22:23:35 GMT

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 303 B
202 B 41ms
39ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93099
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 14:28:30 GMT

GET
H3 200 gwdattached_style.css
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 26 B
74 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98356
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 13:00:53 GMT

GET
H3 200 gwdtaparea_style.css
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 157 B
144 B 46ms
44ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410622
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:16:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AE8E 3 KB
752 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed06cb7e07f6273a1f366bafc7975082b76f5257b724ecfe805070b086554dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 16:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 16:19:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 16:20:09 GMT

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 20 KB
6 KB 73ms
72ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6266
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:46:03 GMT

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 3 KB
1 KB 71ms
70ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 23:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61267
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 23:19:02 GMT

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 8 KB
3 KB 72ms
71ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3136
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 00:18:26 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame AE8E 120 KB
41 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Dec 2023 12:23:29 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 13 KB
4 KB 69ms
68ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4427
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 10:31:21 GMT

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 5 KB
2 KB 56ms
55ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447275
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2014
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 12:05:34 GMT

GET
H3 200 gwdattached_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 1 KB
619 B 58ms
57ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:22:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 590
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 03:22:43 GMT

GET
H3 200 gwdtexthelper_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 4 KB
2 KB 75ms
74ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447275
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1725
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 12:05:34 GMT

GET
H3 200 gwdtaparea_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 3 KB
1 KB 82ms
81ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1355
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 13:47:02 GMT

GET
H3 200 gwdgpadataprovider_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 3 KB
1 KB 54ms
54ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwdgpadataprovider_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397352
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1485
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 01:57:37 GMT

GET
H3 200 gwddatabinder_min.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 5 KB
2 KB 75ms
75ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwddatabinder_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447275
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2351
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 12:05:34 GMT

GET
H3 200 gwd-text-fitting.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 5 KB
2 KB 80ms
80ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwd-text-fitting.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68185
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2038
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:23:44 GMT

GET
H3 200 gwd-dynamic-binders.js Show response
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 23 KB
9 KB 79ms
78ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/gwd-dynamic-binders.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

838b3df01cf1550a1f03cc3cc43f6fc09755e4c8cb31a516c2f5f20831b1b11e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75118
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9183
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 19:28:11 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2851 0
10 B 25ms
24ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dtIZyQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 93AF 0
20 B 137ms
137ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTLXmuJN0ZbSvCoao78EPm9W84AYAAAAAOAHgBAI&bg=!tbaltvnNAAY3kmNgF5I7ADQBe5WfOAa4nvKf93TCQFS8vCeJWzipuKwcOM4UqBcvDxOIBuIv2YqlWZ7dxEumFnBUboFIAgAAAHdSAAAAAWgBB5kDMF33SF4JjHJSgY4WJlFNOsCu2vm6OiTBsBL-3AHajXqodmIvEdF-gbRWAafI_QUPbI1n5ff3-uyesJTZ9vdnV6-P8sbM-2kHcZ8O8GfFVBp5pmX4lNbM8CTz-2p5hjTNPrGRb7VfLxFJ35uRN7fGHYaeCYVve7xXyHgmr9HZJmguiGZjG-3OdaymEYpcJZzFu0AvyqAG8ZhivlGwRmDDPUf6pEW7cLxPPI1bbxTZmAC94Svp-1PZSVsWjTye0CtLYV9vX6GBC6SFgaOt2_p76KowB0_tszbaPH2a8MAHaOsM8RuYEldHKjhukvwBRrJHlIsqeEM7j54IyPQi3NUUqb-5fl7mZyBw07ogwUHmZiYE3uv0RoterVM1KBqo8-1BMe_Jz670xfjyovGEZ6pytkKqGFbpfkaHYbmtTuvUaWJh7T0DFPiF0Uv392Ncrcc85tnQQwtdFQsb-ARWkyH0GzM8CsUN_zhh773kESabmtIBJ8Q6wpFKzfnV6uvgSF0kCc9vvOM-6TAbeV8NY9PRfsDGuQRow-BEzl7mqUOF5tTBCVj8HEA9dpG-gf57LyMFznbmfd8NC0Vax4NsN9WgTIcIJc2FQXZ3GVojEOV3_ORsoCq2vamyQZvoTL2BdqEXVwDtye4WqTl2SXFQV3rm3MukipdIThTRKzjlA10GGeZMWimKbKFoiTTxhrO43GRuiq48Cm91PYgD3csYWYUhta2DKrIJPz7rmFtCeWNXppf6nxLJuSWfwAVG3ti9FP-ZqgNK39bF_7Jis1SbukxMPw_WXPq3_Bgz2sYStW8slJ1rKd-UtVFzewG7ga2vk3K1c83X4BkiwKGWIB1hGQCrXJePCFKNySxxKxhmpIjiVIzeHiDNU7qx_4agVcAezohztBqKYFUxNTwzzVg7hkuDHdRW-fwsupP0X3fl0GGsknVY_iCyA4ZystljqmCxQlolZkOHv_HVAKzsCwSaZ7A1don5E26XoY_ARSdUz2MVwecynl-SpcNsYPnP2b_bUlPVePGIGUeEfWOtTNqLk7pIZ266sQWSLzFwnDPo6gUv4EQBb6ksNPrL25XRDJgL-rqi_w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8123 0
20 B 131ms
131ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B6J8FuJN0ZbWvCoao78EPm9W84AYAAAAAOAHgBAI&bg=!AQKlAk3NAAY3kmNgF5I7ADQBe5WfOEGNbO4r2jo1vYvDaYSnMac89yHN-PpNMu7mBLZHsO_ZJbQBrpzhWqNyXoURnEfJAgAAAH5SAAAAAmgBB5kDPQi0x-Rrm4XwEXmvKjON-Df1IeneqX1aJ0_AQ6Z4EVtwn4QnRCLqlDRXX9xii_W2wE0bTmBdZ6bkNArCSLyZ1aFknByZm389-qrc397c2oGIqv6wY9DQwi4FrKhvxN6nqxKjUZHoyUrzbOdZ87-JKd1hcHI0FVj82CDszPacjIDYZVgpAffZvMStRrSI2NHyyAokyN7VLDDS3TEI3YlFUr-hdPqEbkiI39y2SJSBDKbVGv6rxhElIriKA_7Y7YTKvEWzjg9wRqQ0nk09SVhd764nkcRBfEq0mh4-UOwvZWk4BF_KdDlpG4VtWo0gdkxJdDIjuoJAe-UqfQwmOaNLOsSvvVPZuM2etL7DQEOiFpBiqVl-HkdicJoFTcCjG5XIiyZXJO_G_tiVNktAZtOcVVAPasee4gbOhe6ye1K_UpZMpjcVoWifi_Jr4etv20eF_Glq_p_aHGZjAZmfXBxHRa169DsyqgrR5CCkkZVop_TMr1tCLDMSEXq9gyh754qY_8qif7z2FKK2BBpqxpan4Eth8zIkt5BK-1GuUY227JaLpH_YAUBs2XXvjBMjgZLT_5m-4QuGYC5t_-2efIxi3KemaZn4kePJK7wxcfRxjR8VWG5xz47R4nsoxtbQsxwaso-ae8ShgTFYMulb6cfd50fF9iuL3oMeAu-9ErsH4bCePnbWEPaVFr1rKzNTRauBUQHcB8-2ygJ3OUxkCImvdqWgUooX008J9Sz9r7r_znJzvonnmkeT9xWWS8Y36pP7QS9_6IJft5tce6eQGlkAlvmmvGmYZqm2QGvlnurEd2xHpL5TvbdbteIqJnv8Or0zHJ-dXuAQ9vhFut91Zmz3V0K1TZTh9tFkt1mesj0-X6ZxZLeeH1kPB7XWdfeoVeAVViuLrzmhpYf0hRbSPasKWnnbZDjpKvg98TmTvM3dLXafU7742qDY1MGQ96Ez16VwZsDOacLLm1FZDgSY1L8WEYRPxmEFvkq1DLM8Q6Ewk7serH6LAIJqKMHg9Y8aDdC9aKgziKFghy63CrlIrTJNzn-lC7POdH0n7KXVji781SqPCrfX85NsEoF2CD4heREfZN7qQxKuOZGqcLb7Yp8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame AC98 0
0 66ms
65ms Fetch
image/gif 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss-cOl5FesOm97KcMLsOC0Y-4kKLFYIBvzOt6yKL863vPK74hlo3YK3TYzSeYZNqth4bYzyGLrXvRyaXf8ez5PKBOsCpblYTBClt5qkrLkw3xuowYAXwIo_JvYUaB80B4r-aA6yaE2s2nU_92oVut1GHKXt5QBv69oxUnwjL6jbYkPNu2D296P2LWUJWdpiPEapyQCRJ0lzEx2Jv_-7KM5qmTvglndSzo9sE-kH1FUP7iefCPI8y_mJ8TWV7YOVIV897XfGW5BPpP3d3MGhQtgAaHyGEmBH72eoUJpsx5WDxjnkkvB_tGLHOf7iBATz10I0RP4zbVlOxHLtxEH5KqJGgz7fDXMVgW7fpq84ocy4ai5tXVPmkmFT0huCIdx9-mdWw_8FMKeAGbz_e_eFSbrz65Itj_GaJLFkHcsIOu7ejndrmZIW3qm0iGjlss_hZR2ZCIPbcpcNEiHRZ2CBiQ971QAQrSUJ3yeVALpCgBLaMGJEgP7gGbkIDNfqDtxM988AQWW-tn_912dK2MVDOvih9Sery3dK3dcWGo3EL9ZOsGIIKfSI02HbNUUbLZCRlo8Z8tKh3xngaNc7HlhzwOvrYv6cKvb4ySSVpBeZgl9ECe5266rOezsrcRmBdyAvzxKg_KMclZ7WMNYhwL-4kwHbSnsiFv44YTSIHnm1EATlNV_f_hhMYihY3_Uw_liKOSKVVb7_yQNQRSsMZWCTtcMa9LFJSTvc4ZlAHxUZNA0epCxPnoIWUcD4zAh0njMIw3SNQHau-7tJr7dHHsEkSELh-RRofzi9bI360JDdx0e-1JmfylavQYbbohmV7jOniX3WdYHEdLB7BQC-qX_SXI0YQuA4U-E8nWrnwKam-19X4Ccfc0d2Y0L9kpYWTQDARo35HP4984cJOhhy9Wy3kIlvzd8Xm5kXRWnJXy8GwyToqWYO5nk_E1rv5e0q52iSuIC3IGDJp9fYJz_UZAOE3aZpDDq6puQnV2ZA1yatwSqFMgLcEOIKZ_zJSbIghycWI6Cn9cAjujsMyTK4N8nL9fh6XDkhX3ugoDxzdP9EEyMItjEhFplH9p_KDdSSySgjRVgDZtXsWNdm5CMKJBuE8dm2cwQoZwIdnYv7laYpSkmWjg3pVUwXr1amtL6XoFswQKFFfTQBE1X6Y1h9gq8rUEocng4pwYYdlm2M2MfVvgxFZFJSrFgzTSFata2xEhawVu9WtQ5uJRdGSMFqQqgEllGnNHlRRYh_RekihjL8wSIFfjAZdgw3Dsw2ofTp_pb6tPasyjx1ghOmfEie9wrXRwrMnccGGUIjDphPvxO_3u3_tP7ANoZjzO4PI-qe2DuuN0yHso7HmbUdXzNikmYKSGt-8QjAVvSiXofTVwLJaCXhJ9BBMCz_7xu8fL2zvturZ8IbFaorHo8Wk1VRh264Lw&sai=AMfl-YQ2yTjJXZvOQ2-p6Ovh0ovKwysU3SGVh2X28OpCQwBNuRve9JxuN2Zg-OOuC4HIkXjP7yM-Is4CmTdZ1Rk4JYcgM8n1BeAdvtgGbzY9QPN8htZmOrmoE4QDWjLcb4mBZhIPtVQL_iERyGtWK-GmFsqCWXIwm7_k8Fuz3QzVm6C144nFNi06dbd4uTXFxkrVZS1VVlYDL0HMpuS48QudcLm7TW5ZJF-TTojSCCe-c1lKFxUm2qxBuqxzVkHcTA-Y5me2S00rr7Emp5ys5smjyCK7HH83sz0E1WSroKHUSnBsiOpKAIOJxxdz9jv4TGtHduqM-HqxM8Vq0yxrOIZS925y8fadT1ZWdTjLvc7cD3H8L5HfcctXYTvFJGUeKt55ZTrUWBXPbGqOXqpgR8LgEeyD4sPQEfUIGVCB7i2rSxCQDU60E-dTHQXBIOG5fS8sua4GM7dHKz-A4q6QjQrMHfp_2nV7U66FfUwWIpLyotOhWvaMP_KZxhaHX6orkFinU0sECjDbEdLU&sig=Cg0ArKJSzEX4bONqKn0rEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYWRpc3NvbmhvdGVscy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=424&vt=11&dtpt=240&dett=3&cstd=181&cisv=r20231206.45784&arae=0&ftch=1&adurl=

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AC98 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba1a74683ce953e1c2b4ee06595c504fec81eda13296869a3d5f480e02ea9543

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Gotham-Black.otf
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 22 KB
16 KB 25ms
25ms Font
font/otf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/Gotham-Black.otf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15870
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 11:25:39 GMT

GET
H3 200 Gotham-Book.otf
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 21 KB
15 KB 30ms
30ms Font
font/otf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/Gotham-Book.otf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104436
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15380
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 11:19:33 GMT

GET
H3 200 Gotham-Bold.otf
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 21 KB
15 KB 29ms
29ms Font
font/otf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/Gotham-Bold.otf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387268
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15057
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 04:45:41 GMT

GET
H3 200 NotoSans-Regular.otf
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 1 MB
424 KB 26ms
26ms Font
font/otf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/NotoSans-Regular.otf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 20:55:31 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame C2EA 0
0 64ms
63ms Fetch
image/gif 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstEdWmZiQs4k_WjaYdsPvP5iVjJ3Wxc7D3x_Li129Ek80xD_Jgd-sEeESKXLNt663hT9ODDWCAE8hw66qtI1SOkYGC-rEk7-hrSSS7EFFN-SEh-TCbO8IhoLI_zxEiVk4Vr7r3AzRS6gIC6UT67C9YmwGZETfpWIqZEOLh2TuM0V5w46gPP-ZjdUKq9ze4Nzv3o1aTkuMgGTjtg3rKb2xoraZ7w9gWJlRa40Cx1BNwEdYWs4WRqsHU1Tw4JmSO4RSGHKuZInxYRMGe4bdaMxUJYoVJ0ju5f0QkYh6A_yAYNSFiyzEEQ2ujQEQJgjjjl8aUtN_Nc-8J6HoZDq7_OJlYuHbJRr2DZjG5f-BnsarFxGZd8FWV60EIpmvNN9LNfzT6Fs6sLN41XjgRCiePF15JzTyIIZwekHj13aIEHz59H_fk9Xy9fFMIoG3V12pWIBG8cA-U3xlZ8HfnOQtB4BMLtKPopHWswiQT97tEc_CoVaGvFHg3G4zVfWICkEbHlB4Fswb21yYClVpow-5in_6P2iTXaMKePXI8PN76g2Pje7kPrWm9hj5MoOG9ofIoVNzl7S26VJLeuyrsyvT0tOpBY_9HRHikwwAMIvPYCaijpwc4QL1XSBXWHqtLNktM-kJjt_DUvmn0UHgTkospiyvFiP4zE3BX_3LxQJg-_hvTqXJyWfl9IxA6ReE2lwCQHkwlS8A_7OxziKnBN1xt4KETdWQd5h_NS1HpYiK_jBRxb9MQxcQTjTf16tflX1tc58bN7v2lfzXKfpO5OeQhbpF8PfOx_5SURxCl7_DDLo3hBh_vPHD7N5PVvOVVfvt3U3cY2MZ0VZ7ZW9lLyOFPpXpapYZkYKMLndX-AJ8AVX6vy2xuDkbtBHhSqp3BOvIVUNK-UBliIezhjWm4fxvvjTu9047vMtFGt4UECeaRtFeDiRQafACCZqV_Mr-N4BWGi9vRmM2g75cG1-bMNwP8MIdp8WzLHz4wrUHKerIm6MZWXSN80LGkfAuDoCRU6U7z9yp5tI5AftwGCJADgydHO25SrPSS_hHKJ3DY6oLuQSiYwCQBm3GFIzy9KUAihBrz8e29nf-G5Ar-LIy2-wW1fqWFSh1T4Sx9PDVLk1xVHni4Z3iDw_YqgMBDicOag9jfzIwLf5xk71VZs2XP8UGxARsNpctDM3zrPsC9K3gh85NKcnpDmNjVG94oLVCVLFFqIXPblElgEVdD-3O5iGLTVV6toONDpk9jaxwMwnagkGaFVRKn9WXiDsbn0G5_6vYw1TFMjyD1lElYWE80AqdZBoaiiC740tj7JrAIUPzecL8anpPmCdDNx_BW25pPw7oLqhP3V7AoJokS1qaVEzaz___oyZ5BkXKP3VJL46MAmre3gmnof6xhUStQlGOnXJ-cKKsPexjSMIqUy9hvwVtyN2w&sai=AMfl-YTG8UwfhKOYs2hLYuWu4vbvHKYKONRYff7-Huu8ta8q3tb2wTsnauWCcXVYc1A9xHkGDXhkMVWWQNNS8wVuea7gHUpVpwFrq1YhBCsbHQcga4pEtlOhdD3rRcJPmULWPVhUWxeDxRgzDqZ16o8OTkL4G9v7QuZo5OtTqAJid-kFR72yQz2BAF0G2pgUUe60l4d5Ngnn1yLrVN5f_x6FE58Hkmndm9TYeMQW7DDF_VgGIRtOTFsIOH3IbhigFazs9KkaQw34uVK_za0YIp56i8B6js4kzkz-ujRNGkSDgTjgZ3VAXdWWEuGRvZ88QUHKqJwSy9ONvttJB8oYveltXXM1SmmQjwnyORhGYuG8ZiIBQAlwKB-A77LwyPs7PjDqmm61Yjiu6z2sjYafxdVF3vAjSpQebtXPOWX4fbWRLSBTIll6pPeloQZGPSsLEfJ2RXDnU1gYweO6H87q2BViZldYLIlQfr-MAOpjsqs81NKey3CJ_JExX6kDaa1St84_mkWDcsHna_9d&sig=Cg0ArKJSzCW7suNHJNv9EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYWRpc3NvbmhvdGVscy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=464&vt=11&dtpt=265&dett=3&cstd=194&cisv=r20231206.81606&arae=0&ftch=1&adurl=

Requested by

Host: kriu.lt
URL: http://kriu.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C2EA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a989aeff3069824bc618981b7d6bc94da2f31a5b2d6881bec5da368c31993a86

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Gotham-Black.otf
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 22 KB
16 KB 29ms
28ms Font
font/otf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/Gotham-Black.otf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15870
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 11:25:39 GMT

GET
H3 200 Gotham-Book.otf
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 21 KB
15 KB 30ms
30ms Font
font/otf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/Gotham-Book.otf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104436
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15380
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 11:19:33 GMT

GET
H3 200 Gotham-Bold.otf
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 21 KB
15 KB 32ms
31ms Font
font/otf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/Gotham-Bold.otf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387268
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15057
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 04:45:41 GMT

GET
H3 200 NotoSans-Regular.otf
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 1 MB
424 KB 33ms
32ms Font
font/otf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/NotoSans-Regular.otf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 434259
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 20:55:31 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D68E 7 KB
6 KB 66ms
66ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da0dade389128988ee18fd6b6472ba39d8d47110b3515af2de0a85dad57da55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5716
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AE8E 8 KB
6 KB 67ms
67ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b960c0a225997e8fd928a0da36d29ad13b6393b5e9390dca74c912b55afce835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5814
x-xss-protection: 0

GET
H3 200 button.png
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 309 B
344 B 83ms
83ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/button.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

877114c35f4d21070e2cd28451a515493963cf7f5e8dc3a4ddb7e23b06f39c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:25:57 GMT
x-content-type-options: nosniff
age: 39252
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 05:25:57 GMT

GET
H3 200 newlogos_160x600.png
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 15 KB
15 KB 86ms
85ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/newlogos_160x600.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

641b55af74c429c254e1e294d83d3f9f6fdb3f4d18396635e0bf2720564b8e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:25:13 GMT
x-content-type-options: nosniff
age: 57296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15830
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 00:25:13 GMT

GET
H3 200 43882346_20231123013423832_DCO_RHG_DreamDeals23_Generic_160x600.jpg
s0.2mdn.net/ads/richmedia/studio/43882346/ Frame AE8E 62 KB
62 KB 88ms
87ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/43882346/43882346_20231123013423832_DCO_RHG_DreamDeals23_Generic_160x600.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f67749bde73329d7f1b3641194b756c78337b9424f722a7db2a1fc7ff1127e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 73686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63862
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 09:34:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 19:52:03 GMT

GET
H3 200 1200x628_RH-Radisson-Hotels_RGB-GREY.png
s0.2mdn.net/sadbundle/9819101009755665971/ Frame AE8E 30 KB
30 KB 89ms
89ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/1200x628_RH-Radisson-Hotels_RGB-GREY.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d5985fb411aa49165043a6b8ce26f5a7d761f7720f318f23f3de173ed8b0e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=fRM4gKHWNW&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:43:08 GMT
x-content-type-options: nosniff
age: 373021
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30313
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 08:43:08 GMT

GET
H3 200 button.png
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 309 B
344 B 84ms
83ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/button.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

877114c35f4d21070e2cd28451a515493963cf7f5e8dc3a4ddb7e23b06f39c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:25:57 GMT
x-content-type-options: nosniff
age: 39252
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 05:25:57 GMT

GET
H3 200 newlogos_160x600.png
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 15 KB
15 KB 87ms
86ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/newlogos_160x600.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

641b55af74c429c254e1e294d83d3f9f6fdb3f4d18396635e0bf2720564b8e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:25:13 GMT
x-content-type-options: nosniff
age: 57296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15830
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 00:25:13 GMT

GET
H3 200 43882346_20231123013423832_DCO_RHG_DreamDeals23_Generic_160x600.jpg
s0.2mdn.net/ads/richmedia/studio/43882346/ Frame D68E 62 KB
62 KB 90ms
90ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/43882346/43882346_20231123013423832_DCO_RHG_DreamDeals23_Generic_160x600.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f67749bde73329d7f1b3641194b756c78337b9424f722a7db2a1fc7ff1127e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 73686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63862
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 09:34:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 19:52:03 GMT

GET
H3 200 1200x628_RH-Radisson-Hotels_RGB-GREY.png
s0.2mdn.net/sadbundle/9819101009755665971/ Frame D68E 30 KB
30 KB 91ms
90ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9819101009755665971/1200x628_RH-Radisson-Hotels_RGB-GREY.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9819101009755665971/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d5985fb411aa49165043a6b8ce26f5a7d761f7720f318f23f3de173ed8b0e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9819101009755665971/index.html?e=69&leftOffset=0&topOffset=0&c=3JIq2NG057&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:43:08 GMT
x-content-type-options: nosniff
age: 373021
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30313
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 12:03:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 08:43:08 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D68E 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 16:20:09 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AE8E 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 16:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 16:20:09 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 446E 39 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:01:59 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 42D4 39 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:01:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 178ms
178ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=3877095460477304&bg=!kZKlkt3NAAY3kmNgF5I7ADQBe5WfOHg9C2Xg8HdsuJ9UApOw62DidTTe-wQirNVSdCzEckqzdmrZHLdA-J3ykuUrEw9lAgAAAGdSAAAAAmgBB5kC_CEuomX_SagIwQhST91jJBEaLlxzjrwBy4lWrppEENVe4ok9LfyieaH7hYIWUrAILlRJfacQTa3GN0kbWYD_0yltJssFBtyj8Mw58JI2ytkcZQ5_qf237DNZgMMNNrdg1iI6gPjl1xAdpzqvSkodLosQ_f9ORz95g-IiArmXODOGLBV8bce26sSidZgSJ8ScgPKEnvf7X9sYoQrnEvbzsyIwO1M33BEVFqMD56pQLx6Pn42FlEzMGbExeR1xsik0FFRPbxZsHKNX3r_d9Pw5JQxvb4YLoyNBVU2QdSM4VjX7cl2yRKdTbS2-7LGfGYHj4akVU2jw0Dq5rbHyI4WDcI3va2QkkcIlMEqGJKUt7_UrXOq3q578W8gFj2JXurwjmB8O_wvu-d_z6j9eA3TPPiq83vjSU44lvX8UVR3jFA4aysPB-oNb_89r3BGrjBdidLDklBceUsreFmvyow8yXLB1mqfj1o1_J4NklSKchZixc5nevuRqrxoGiLWJLzl3a1v426w-sAEbnDicTYdkY_K1MwwbBLKcP1FmLSEkUScxssn9y0uz4JLY94hpumO9xXrT6jtFEv31lXtVJLPodiyJurXOgJNNnEmXxe170RfbVNTV2S3mMGECU1iXV9Gt9paCyjLE-E7vsVAg0cqY7WOMVlSXmNK1EeHawtzzQ7TIJQ0YEs1cYZGnxTUwcdLHycwJEr-IFqHA_LcIc30zth_HhVlVeewTwqP8cFnvlmAymRbQcTbVZ2eDM87QaP2qIhuYvUmaFaETjfNJQpwbkPdfNRgpQF1lZyXfM37qK0exOhGCLAIK2ixq66aRCeN4RDLkRrCNbx3U0GXIQg_q0d7TqSDeH6bhz9XBup6TmLPjB8a5feolI0I8CCVxAPNpg8-eMqGpjH8KFBiFdsF2-oR0Kx0zHrvDmGrkxJiQTFql0BLhtRQtoXb1CkTY0iiTvnkw1DH4DKgOYpyP6jR9HT5h7dokk5aRyDA0v5iBgfXdF3xOAHkL2a1NNrjD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://kriu.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DE34 42 B
64 B 177ms
177ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNb8Z7td1iyobNqTRwyhVGy4XI5DGxCmzhVWzZ2GCuXOm4oH5A4BakGpA_DXTKFU7YStrhZqFNtAZXxFV6YIXNH8Z8n72epZXb3i_G7czDBGSqt40fQoI-qUnS9Fgr66orHGu4rUX505l9&sai=AMfl-YTvwPpm_ZR2Z6kwN7S86qEv75rIV4p0Kz8Z36lgvx_08w-dwzHlz1DZ0Smage2rC-hU9Q161Yj7kttHD47PsobHyJ6SKfFK2h5WWI7qojzcyFMf7GcI5_qMML_HLXTfha_V5mIqhXz5gnIQIVkUEckJkYvKdb6cP6bz&sig=Cg0ArKJSzCd5N1-fSZB6EAE&cid=CAQSTwDICaaNFiAV1bcJTNYQ_i9_wY1DL3kqvFXK97Ite3D6bejD9HkMoWypnkic5aJ6BlLQ8WWHJ7jDhoxY80lMRkC9pGbVO5qQ9dV0eNV89hsYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=125,808,1000,1158,1158&tos=125,683,192,158,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1702138808977&rpt=249&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AC98 42 B
64 B 178ms
177ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXC_W3jkPrkbDL7XfOdyB5oNlFcC7SbqFq_cYJisE7CPMjgdp6gn56R17rSuefxxLOfZtTAfak8I7W7wlZauDFXqN-EVPbFPDxWgtIRsyb5-WgJNrHgMqepcXEIAmnH037BDvhABB5eNm8&sai=AMfl-YTgb4ULxxjVv0CCgXfciIo9NmdELYnNnPUWpppeu1qYIdY8MRmYfNWhJ2gQLzwA5KHlJVB2z979fI05h6CpyZl7DdGw-gSyU44fCdUonXJze-W-0nxJYP7DmsoTsV4g2zfxHn3cDwRVWK3viXpxjtWmAeXB-u3WgQKM&sig=Cg0ArKJSzPEIlhB7DK8BEAE&cid=CAQSTwDICaaNFiAV1bcJTNYQ_i9_wY1DL3kqvFXK97Ite3D6bejD9HkMoWypnkic5aJ6BlLQ8WWHJ7jDhoxY80lMRkC9pGbVO5qQ9dV0eNV89hsYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1702138809072&rpt=331&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C2EA 42 B
64 B 177ms
177ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRp77KZkzA32gUcWP7z6WdJmgmJ-fGYHsiM9acbamQBedaUNwBAuHu22sgJNMd4qe9SoX0RNmIzPspNTYLQRys03FCFigCTNGo7bmjnNa1nyo7gZHrefKRRnNJM1V6MRKm1vMga5rU1sUz&sai=AMfl-YRaXjs8bWUox2QqW_LJyTmNRzS2Fg6Sr5H-F0AZMUzhe9OyQeFlj_xwBjk4Hw078lEcHArzcO_jzgWoR0y-HRCi0TGLXZpeixZcw-Ne9iuDgsZnsc0kValAWCb3meHpXpnwL4rolWGYKlBQy7GI_yH-52DvmmjF-ell&sig=Cg0ArKJSzGlIUvoEANheEAE&cid=CAQSTwDICaaNFiAV1bcJTNYQ_i9_wY1DL3kqvFXK97Ite3D6bejD9HkMoWypnkic5aJ6BlLQ8WWHJ7jDhoxY80lMRkC9pGbVO5qQ9dV0eNV89hsYAQ&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1702138809041&rpt=363&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 16:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

257 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kriu.lt/	1970-01-21 02:24:58	Name: __utma Value: 76271311.1994619091.1702138808.1702138808.1702138808.1
.kriu.lt/	1970-01-20 16:49:00	Name: __utmb Value: 76271311
.kriu.lt/	1969-12-31 23:59:59	Name: __utmc Value: 76271311
.kriu.lt/	1970-01-20 21:11:46	Name: __utmz Value: 76271311.1702138808.1.1.utmccn=(direct)\|utmcsr=(direct)\|utmcmd=(none)
.kriu.lt/	1970-01-21 02:10:34	Name: __gads Value: ID=27bae0d73067394e:T=1702138808:RT=1702138808:S=ALNI_MY2awHh4p5ofPkZyD2WQhq4u7Sb0w
.kriu.lt/	1970-01-21 02:10:34	Name: __gpi Value: UID=00000d10f46b104f:T=1702138808:RT=1702138808:S=ALNI_MbJnU9Jxgk4cQwPo0fedPnwDdmszA
.doubleclick.net/	1970-01-21 02:10:34	Name: IDE Value: AHWqTUlEI-sjigbv26qOl0KJMwX6rT7mBJgwboB8KDCQw2jVFjz8Qpyt1qdf_-Pw
.casalemedia.com/	1970-01-21 01:34:34	Name: CMID Value: ZXSTuaZNB1OPcFNrZqrWVAAA
.casalemedia.com/	1970-01-20 18:58:34	Name: CMPS Value: 5179
.casalemedia.com/	1970-01-20 18:58:34	Name: CMPRO Value: 5179
.doubleclick.net/	1970-01-20 16:49:02	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 18:58:34	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In:lqlyh!]tbPl1M>e)ZlrFUfJ+tGXxp6FuKf3HL>5B?6JdVb4'JKN'@AyNabVrU[GJf3If)y3KL9D3I?+WOgjW/
.adnxs.com/	1970-01-20 18:58:34	Name: uuid2 Value: 8977015774819177373
.googleadservices.com/	1970-01-20 18:58:34	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
images.kriu.lt
katu.lt
kriu.lt
pagead2.googlesyndication.com
s0.2mdn.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.185.226
142.250.185.70
142.250.186.162
172.64.151.101
2a00:1450:4001:809::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2016
2a00:1450:4001:831::2006
37.252.172.123
5.196.45.209
79.98.28.17
0ac03dea788b51ecc43ed2ef74b928f7f78f908dcf9090665c56876cc0a4d9ae
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
14100fdfce8e64b37944f91af7bc6a47c00f33ed2f475675921c44329e27fc2b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1dd953d3576bfa6c77523397fe7b5c3a7b1477f1515a4648cdd579f9b6e8c38e
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42c5e6eab8f9337501541f19a1ebb8b81f4ed5288859e04cee5d16ce637b3add
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4b4e5615009a01b9dc1c7372569c28b8ba705e2d1544692821fbe32d66a3f9e6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c52e2ac7d504cb659ca5c40e37e0771ed855e3e2029673706bec65c0f9be2e1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b4ae328f9b51ba8c2350010ab66c7bd2244d03d3f8e91fa32a1abbe038ad559
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
641b55af74c429c254e1e294d83d3f9f6fdb3f4d18396635e0bf2720564b8e3f
6484ac43b0cb87e0fa97ec4a681fb83050f69cd61c2dada3cd288b29dfebe3ad
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0
73e318844a505ff6068d56402afd2e731448301110b48a555b4297b82ee3104a
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838b3df01cf1550a1f03cc3cc43f6fc09755e4c8cb31a516c2f5f20831b1b11e
877114c35f4d21070e2cd28451a515493963cf7f5e8dc3a4ddb7e23b06f39c3a
88e815f4abc5ddee1e9c47d13d525bba925f73fc4f03a4cbd23590af34441c7b
8b66a5ed875ee84736d3c749876903333393e96d01827a83b334cc0e5b22ad2b
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
92253836ddd300ad7cb47d6f1e55a395138e26d8904440b542393a471dcf82a6
99f67749bde73329d7f1b3641194b756c78337b9424f722a7db2a1fc7ff1127e
9d5985fb411aa49165043a6b8ce26f5a7d761f7720f318f23f3de173ed8b0e33
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a2ff932b40abc33f4e3a6b08c90e8efdbb2c0df6fcb2b0f194b97c2b42c656c1
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a989aeff3069824bc618981b7d6bc94da2f31a5b2d6881bec5da368c31993a86
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
b12a41b0813ee6c8804ff3b9201aa32d43aabfbbe6d5069efa135674a0233dc9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98
b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab
b960c0a225997e8fd928a0da36d29ad13b6393b5e9390dca74c912b55afce835
ba0844711968ec5cc97dc654baa417f223c9debac9a83cfcf68d91daf9da470f
ba1a74683ce953e1c2b4ee06595c504fec81eda13296869a3d5f480e02ea9543
bc70a61d06009ccfe56d4862b4af7ba2244f73e9a46a8bab837feeb028540b8b
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5b09f493f1f9ddd318eb18644184180ad9ccc594ad0c5f06e32f3871fe8d655
c73aeff7d1686c2320ff910d314eeccc3ba84f60814fc12ae39b78922905425d
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c9d9b8d8e3687557e4762f6610a2cdfa72797e2409ac111c489b75ac510ce344
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d840e2ea93ba3b5485975586ca36bfabd447cc260e563a8f8729fc2701d7d700
da0dade389128988ee18fd6b6472ba39d8d47110b3515af2de0a85dad57da55c
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
db72a93bce3743a51491ceaaeb72a4637e4f521e079cd2cdc5d7cdc5efefc9c7
dd307f6856fa0bc05f9163aee3f4931bc711e575bc4f17c4096c071406f72664
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
de26176e203776854733577ca6708fd0129591c9fa777234e532ceb87936017a
e254e1a94261543f5384c0cf4c98308e0ca87a5c4fc495681607d71091ff1ea8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed06cb7e07f6273a1f366bafc7975082b76f5257b724ecfe805070b086554dae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f71b692f2abd27afd1fc948dff479a3d93307f52cb7af5bb0b114615f5b85c1a
f7f700a8ab1b15589de939a98056fbdddb644498a4b8847b0c0a741e951f7807
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

kriu.lt Open in urlscan Pro 5.196.45.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

165 Requests

85 %HTTPS

59 %IPv6

14 Domains

19 Subdomains

18 IPs

4 Countries

2675 kBTransfer

6639 kBSize

14 Cookies

33 Outgoing links

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

kriu.lt Open in urlscan Pro
5.196.45.209 Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

85 %
HTTPS

59 %
IPv6

14
Domains

19
Subdomains

18
IPs

4
Countries

2675 kB
Transfer

6639 kB
Size

14
Cookies

165 HTTP transactions
5 data transactions