xn--80atdza.xn--80adxhks Open in urlscan Pro Puny
класс.москва IDN
2606:4700:3030::ac43:cc03 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xn--80atdza.xn--80adxhks/
Effective URL:
https://xn--80atdza.xn--80adxhks/
Submission: On February 10 via manual (February 10th 2022, 6:33:53 pm UTC) from RU — Scanned from DE

Summary HTTP 168 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 25 domains to perform 168 HTTP transactions. The main IP is 2606:4700:3030::ac43:cc03, located in United States and belongs to CLOUDFLARENET, US. The main domain is xn--80atdza.xn--80adxhks.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time xn--80atdza.xn--80adxhks was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:303... 2606:4700:3030::ac43:cc03	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	23.111.211.20 23.111.211.20	7979 (SERVERS-COM) (SERVERS-COM)
20	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4 10	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
4	23.111.114.100 23.111.114.100	7979 (SERVERS-COM) (SERVERS-COM)
2	23.111.115.244 23.111.115.244	7979 (SERVERS-COM) (SERVERS-COM)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	94.100.180.54 94.100.180.54	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	217.20.155.208 217.20.155.208	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	93.186.225.208 93.186.225.208	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	23.111.119.12 23.111.119.12	7979 (SERVERS-COM) (SERVERS-COM)
1	23.111.115.236 23.111.115.236	7979 (SERVERS-COM) (SERVERS-COM)
4	176.9.54.148 176.9.54.148	24940 (HETZNER-AS) (HETZNER-AS)
10	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.220.216 185.33.220.216	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.247.75.254 34.247.75.254	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:3000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	35.161.241.67 35.161.241.67	16509 (AMAZON-02) (AMAZON-02)
1	80.64.106.149 80.64.106.149	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
168	37

7 2606:4700:3030::ac43:cc03 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xn--80atdza.xn--80adxhks	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yandex.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.211.20 (Russian Federation)

ASN7979 (SERVERS-COM, US)

ru.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.114.100 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cdn.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.115.244 (Russian Federation)

ASN7979 (SERVERS-COM, US)

logs.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.100.180.54 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: connect.mail.ru

connect.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.20.155.208 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip208.155.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

api.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.186.225.208 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.119.12 (Russian Federation)

ASN7979 (SERVERS-COM, US)

pl.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.115.236 (Russian Federation)

ASN7979 (SERVERS-COM, US)

rtb-msk-2.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 176.9.54.148 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.148.54.9.176.clients.your-server.de

dsp-eu.surfy.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.216 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.75.254 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-75-254.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:3000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.161.241.67 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-241-67.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.149 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr4.rutarget.ru

clientside-video-bidder.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	428 KB
26	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 cm.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	183 KB
16	google.com 4 redirects cse.google.com — Cisco Umbrella Rank: 2229 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 59 clients1.google.com — Cisco Umbrella Rank: 379	169 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	143 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	165 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 671 static.adsafeprotected.com — Cisco Umbrella Rank: 502 dt.adsafeprotected.com — Cisco Umbrella Rank: 465	94 KB
10	viadata.store ru.viadata.store — Cisco Umbrella Rank: 210894 cdn.viadata.store — Cisco Umbrella Rank: 88963 logs.viadata.store — Cisco Umbrella Rank: 64308 pl.viadata.store — Cisco Umbrella Rank: 114678 rtb-msk-2.viadata.store — Cisco Umbrella Rank: 57226	834 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 407	324 KB
7	1 redirects function sub() { [native code] }.	54 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	189 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 28275	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	4 KB
4	surfy.tech dsp-eu.surfy.tech — Cisco Umbrella Rank: 231635	15 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2932	117 KB
3	yastatic.net yastatic.net — Cisco Umbrella Rank: 6444	42 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9027	914 B
1	rutarget.ru clientside-video-bidder.rutarget.ru — Cisco Umbrella Rank: 69237	702 B
1	vk.com vk.com — Cisco Umbrella Rank: 5435	479 B
1	facebook.com api.facebook.com — Cisco Umbrella Rank: 1065	613 B
1	ok.ru connect.ok.ru — Cisco Umbrella Rank: 21839	2 KB
1	mail.ru connect.mail.ru — Cisco Umbrella Rank: 55919	679 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	650 B
1	yandex.st yandex.st — Cisco Umbrella Rank: 50418	15 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2202	22 KB
168	25

	Domain	Requested by
24	tpc.googlesyndication.com	googleads.g.doubleclick.net xn--80atdza.xn--80adxhks tpc.googlesyndication.com pagead2.googlesyndication.com
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net xn--80atdza.xn--80adxhks
20	pagead2.googlesyndication.com	xn--80atdza.xn--80adxhks pagead2.googlesyndication.com googleads.g.doubleclick.net srcdoc tpc.googlesyndication.com www.googletagservices.com
12	s0.2mdn.net	xn--80atdza.xn--80adxhks s0.2mdn.net imasdk.googleapis.com googleads.g.doubleclick.net
10	www.gstatic.com	googleads.g.doubleclick.net
10	www.google.com	4 redirects cse.google.com www.google.com xn--80atdza.xn--80adxhks tpc.googlesyndication.com
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
7	xn--80atdza.xn--80adxhks	1 redirects xn--80atdza.xn--80adxhks
5	www.googletagservices.com	googleads.g.doubleclick.net xn--80atdza.xn--80adxhks
5	fonts.googleapis.com	googleads.g.doubleclick.net
5	mc.yandex.com	2 redirects xn--80atdza.xn--80adxhks
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	dsp-eu.surfy.tech	xn--80atdza.xn--80adxhks dsp-eu.surfy.tech imasdk.googleapis.com
4	cdn.viadata.store	xn--80atdza.xn--80adxhks cdn.viadata.store
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	adservice.google.com	pagead2.googlesyndication.com imasdk.googleapis.com
3	mc.yandex.ru	1 redirects xn--80atdza.xn--80adxhks yandex.st
3	yastatic.net	xn--80atdza.xn--80adxhks yandex.st
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	xn--80atdza.xn--80adxhks
2	imasdk.googleapis.com	dsp-eu.surfy.tech imasdk.googleapis.com
2	fw.adsafeprotected.com	1 redirects xn--80atdza.xn--80adxhks
2	adservice.google.de	pagead2.googlesyndication.com
2	logs.viadata.store	xn--80atdza.xn--80adxhks
2	ru.viadata.store	xn--80atdza.xn--80adxhks
2	cse.google.com	xn--80atdza.xn--80adxhks www.google.com
1	clientside-video-bidder.rutarget.ru	imasdk.googleapis.com
1	rtb-msk-2.viadata.store	xn--80atdza.xn--80adxhks
1	pl.viadata.store	xn--80atdza.xn--80adxhks
1	vk.com	yastatic.net
1	api.facebook.com	yastatic.net
1	connect.ok.ru	yastatic.net
1	connect.mail.ru	yastatic.net
1	clients1.google.com	xn--80atdza.xn--80adxhks
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	yandex.st	xn--80atdza.xn--80adxhks
1	stackpath.bootstrapcdn.com	xn--80atdza.xn--80adxhks
168	39

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
connect.ok.ru
connect.mail.ru
api.whatsapp.com
share.yandex.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
*.yastatic.net Yandex CA	`2022-01-22` - `2022-07-23`	6 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.viadata.store Sectigo RSA Domain Validation Secure Server CA	`2021-11-26` - `2022-11-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.mail.ru GeoTrust RSA CA 2018	`2021-11-01` - `2022-12-02`	a year	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2021-02-18` - `2022-03-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-20` - `2022-02-18`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
dsp-eu.surfy.tech R3	`2021-12-18` - `2022-03-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
*.rutarget.ru Thawte RSA CA 2018	`2021-05-17` - `2022-06-17`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://xn--80atdza.xn--80adxhks/
Frame ID: FB65E7E0399E1D10ADDE6923905AC968
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20190131/zrt_lookup.html
Frame ID: F6FEA7580A440FF4C59127008691B818
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/share/ya-share-cnt.html?url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&services=yaru,vkontakte,facebook,twitter,odnoklassniki,moimir
Frame ID: D6A6026839AFC351F20A620E1801CFFD
Requests: 5 HTTP requests in this frame

Frame: https://cdn.viadata.store/js/player/220201.js
Frame ID: 0F38DDF0731D774D9CC446B5C3B0E9B5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1034694590&adf=854766408&pi=t.ma~as.5954569188&w=1200&fwrn=4&fwrnh=100&lmt=1644518026&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026687&bpp=10&bdt=246&idt=162&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&correlator=6400695363302&frm=20&pv=2&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WtunSubVXM&p=https%3A//xn--80atdza.xn--80adxhks&dtd=184
Frame ID: 89749EC6C067FA02BF0A0997D91C2487
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=600&slotname=5954569188&adk=357167731&adf=1621940880&pi=t.ma~as.5954569188&w=185&fwrn=4&fwrnh=100&lmt=1644518026&rafmt=1&psa=0&format=185x600&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026697&bpp=2&bdt=256&idt=276&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5bFOH2vpVC&p=https%3A//xn--80atdza.xn--80adxhks&dtd=287
Frame ID: 30AF68E87670379D4F1E579088E9F6A9
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315
Frame ID: 3BCD5C49F31E76099B73ED6F07847AAC
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&adk=1812271804&adf=3025194257&lmt=1644518027&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026750&bpp=8&bdt=308&idt=281&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600%2C887x280&nras=1&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=288
Frame ID: A46D30482BBB1D22F2EEC4E6DDC1D3EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2BF7A18F6097B728EFCDF7EA8A8A45D0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4490FDBB0E5307FC11573CB254AF6D62
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1
Frame ID: B7113C3AE6D7859F151020BAFC746A8F
Requests: 1 HTTP requests in this frame

Frame: https://dsp-eu.surfy.tech/static/vpaid_1.0.js
Frame ID: 7C6760DB4F428020B108B09D5CD47A78
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYseW_vAEwAQ&v=APEucNUUSJVQ4fXb5lx8jA49nmdMkHbH_-Jsh0I1cdrMr3acJpRvUKOgsYUKrnzkqrOO-dbIUCjBviMmSxvW8-cLcwZfeTJ-pEB4N2DAACinyjtf-HXsotP3jTRSZnRSTmu5PEzXJfBIvDfCnIDBk1JcjnfwXGvriTknDSTXE69Nn2K5QRUQIao
Frame ID: 21057ABA483C905518AB07AA8CD9CFB3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5VS1ejjtrEx8cOzvqeLY4Feq0lvLsN7peO4ZYICIKp0AUrJGFE-R3BCM7Y2r2bRDBh8ePQ8sUT5rb3hFQYNReQqCXY_VDg7I9gCaoJCxruTC15yByRTJFM8tPzxAZTFFeXtilEr4UEgoJjxY27PBImToyaA&dbm_d=AKAmf-CIHOfmb2RGA1GcK-cqk2aEeyvCPXsv08TRyRGh1MLCnc8tCTFK7XGDzjvJfjSi6VxKVWnTXSbe9sShFNoC-CTW5aHU-Egf8uIecJk1Z6e0CHOmzmb2ZtBzs6O2dKi2y7wVlhiY6rQ0pTbKZ9wlW65jWpaxcCzxyJtCid2X-dYhBrkNJC0UDN48WBkargg51WJilm98f2QxxhqLyCDP1EO_CKhhHfw3bsZfnwedxBme2YB2pUJCtVavOrWo0NsmMpUMs3ThsFZ3LJQb2_jPhi67JZISLi0SrEsf4c6wHy1-_AQIuH1XRtpF413n9ES-WwAY3ESFVAfVeYwgm2ArdsMHeMN9Z_-OocYATmw1Qvf8Ct5NExRQROFg5yOs_UuP8iAtEXil5CxvbwzJhwuWlZRosYPznvAuI1i9LNUTgO-WyQ3RNui5PIt1brF8eiiiBKsTZKu236KXlSzE2SMsrwCEawx9DmuA1gkIEujepIHuU2DMymP6JLS80RcpsPqANxrs5UnJ4fR8AInxjEg9H_jhfdfoRrMzyDt66BLW1hDwoVhZ9AeGaxclgDr9dl7wBdW4V50Y_e5qDeZgqmGjSGtgr7yHuJafHqgNdFSVjIftV_xioqAo6GRcSEMqRwgN7Fm-jUKpd99EWx-EZXqGe5Gt7Kuab0Nm92zpg-7-NqsSHg7ShYGrSJKlWjVcbmnRUlD1LanNVGjy0tgaisrH3Yoh7LxwBKbLm7gmZlyd8tCxwzr3k5UkGfXYKnPWVV1KMLjlEAgBMowSw39puDrHl7_2c_h_uoS3KO6rbDOtX8UE2MjBwgxZIxiz_F_mjAkgJyT_zgp70dV4lQzhDJaRx-Ptt3qXxVQJFAkC4gEd2DpEjqY48B9446w8P8kcx9NVHLLv62CWVzl1Mc-RtvFqVxDzKz-gN2W2_169jZMpJMscO-n8CCUx12z-RZIchsTT8r359B6uasDQa2__V0dNJ3-cWjOlJqkspp1ySMy6Z9XXGgVyvYw7FI60CJTSEQQPRG5Xgru2kHNvOMiPv-UCkleRLXL1eHPQ71g2pmgCxM-v094BHajcv3L3n5PLg2qQhi-NoT63azt0AxnxEhlLhrMw5wRT6Mtf8-qcHhdS1GwSEvQo7fojm5DPBfljEQvtuqgDiCWCPcZa_bWQkI4koN9q4QCJC5GWHGvsgNiO1FyW2k1TAlqD9DrN8mvuN7kkV4iTYm313EJJJRgRtORez1fNB79tQg1rAtKYoQZXBTsNl_3zOUCMfTN49N9xGTz08Tfim7pM1H93nQaPt-GJ85B97dswwFzsiNBReZ_OFFJc3xUEg3dL44GSJOMiln66rl1DLLVFU1SlACB9OWoNJ1uobocJ_hTBuV1MzX3Ok_nY179NcxWNRLSXqtXa5eCs3EljfN8YTPU0115E5UcrdyYhtLj3PyRu_gBC5Iz_QTqv58F8VDZkJ2APCSHrQCYKI7UpxNJIMgL6q_ru6RT04B09ZcBqyrDO1nWCdWOuetKDKzpu8fvL2FbJPT_oUv1f8zGqT_KfTdCvNuMgsgX-y6bOKrmmIy5rWEpy3vmGWdTCrvb004xN0uZRHcT5vDk026mDr6L53BuuyCE6f-cG7CftzzAsxzjBF5uA9TSy6O4LLtUV6xkAFk72vWcy5y9wTEkf7QB8SpmpEru0YD3ILPKjDMA-ikXzj7at5nybebtwRAKBat0b2qcaPoS4PIkhYxwBkCmKUDzzBc4A0tzrxUKcvtxLLg3shbDOCNMqTcbT0Zlp7DdcWDCTwewQicyXC_etPXRdEv0Des6RCaLt2KxRybezqeSHI763BkfrqXhOUG1wQ6ZNmNo9ccAUDtqhVP4jPPRGx96TtitBh8bTsJhfV_06FeKN7Nsb-Mp470LAi4iadT-IyB4lsYokO_-vjIw8Q9VulTB0lJQgaONSKTdTpEljV0PV9bajsDYSmkWtub8pnfFUJg97_gJl5FQ0jFK8jDyOlja3_pS0zFbdmsnMnnrZdgakSO_D7p-YSO2jbNdtilB4wcUxHOcPKw7iaXULpIhskHKPrTkwAur9cUx5KXDR8dNWS4cz3TErnN2mcE31Vl2SUUjTgh4-f1nVTRPum1Z6NkEtkMxYe7PT-FLv-I_3WAvfsv6uDIULHgzoeSlBzew0CzHHCVvGvwvf0YKz6Rjk6fgmtfWrg8DZKa3ADBzt9gzYvYG2vlm0wfDvq5dNeJibc7Nqr6jaTyopKwp5yYci6y0WbufbcagutDzrzuNgz6vFJMViPuQYFXKRdTFOsxEICcrxbkFfmxP85U-YYaPAGlnBbLv_hZknm0-UaedfIgv7CQt5YQP3r1rTTPrexM0QYhfP5uKYZLD9ipBz0ETWM4yRpkpMFH9nmcXXsls4_xwxj8c57prTaGfWgoo_Si4J_xyfzxdNk6FdRA_dELWHGfxyKHCXiBlxPzSW3QNTT93V0-FcoFteFOo3HJ5OxFFK8Y-g0d_qCaW7jO8VX4djtn_ALgystxg8x0_f7nk9KkZhN9J2rMfPzf5oQQmBWyQqA3E2LN2CmF0i5_SfpFonhnoXvaRBaeVjLZEwEDiCFQw9mB2Y8hKlX7j43XMaIGp2CdAjbMCQBfU-LNN0ChAvweKGqvLCieP5vz3eiTgnRu-f-UyxoJmnyJLn1xhNml_-tozf4WvG6KX0kqVK2VLkixwAOJQdq22dxsGFRPoTqggXy2NLeNco4y7XGn15aihSZGEWPwblutPKhP0Hy9NJsJhM44rYVuDAByCG4O85kiAdolX2GXvMR-PRVeA66lrygpaOLlP-g0eh85OTIm-B60lA_m23GL7jx7UGtETzvH10mcYM_V-Kh90v8iHBliKHJP_QbyMA11qdwDj9Izb5SQ6mJ0n1yKg4PW_rckqQ8a5hHuS0YkDPClXYfXXgF5LTjmFobZsNdkt5_Nr5vPNPThRqgGTlSnYGwc1CQGmf3Kh1ziE8JhGgBA1tG8BKeHC6-hbVsaYoqT2Tn5jZvF_wUKVlvobEUKCWl7AmKwrBPw&cid=CAASBORopNE&rfl=2%2Chttps%253A%252F%252Fxn--80atdza.xn--80adxhks%252F%240
Frame ID: 3C2F3A65F099B0F7B53EE1DDA4A28FB6
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js
Frame ID: 1C57312EEF1604EF1F45F6E16A13AE36
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 2F8ADE442E90C9A9756A54B52FEBD16C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D742C38DAA46112A94F70BD427857A22
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html
Frame ID: 151B8CDEE0057718F8D4181C5BB71940
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BA14C282284D4A1CD3D9304615D33C00
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6D489B9ED5188D1BC215686F38BD83F2
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: FE790FCA5C96B1B9F0B9F179031ECF6D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1478BE578B19935923E7590B5D01FDE7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js
Frame ID: A392991D37FAD66B221F7182B71C2D3F
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 821520F945C8F86978AAA33C1890B8BB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DD6684D7DB9D548D587848963A8FA15A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js
Frame ID: DDBE7EB81A1FA48DAE1CBA53286883D2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9598EB0018D485955E0D8E4EC1F01B05
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C230E2C17025DBAC5F16F9AFCB645B8E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Класс - Учебники онлайнпоискпоиск

Page URL History Show full URLs

http://xn--80atdza.xn--80adxhks/ HTTP 301
https://xn--80atdza.xn--80adxhks/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

168
Requests

95 %
HTTPS

53 %
IPv6

25
Domains

39
Subdomains

37
IPs

5
Countries

2803 kB
Transfer

6696 kB
Size

25
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://vk.com/share.php?url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&title=%D0%9A%D0%BB%D0%B0%D1%81%D1%81%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&utm_source=share2
Title: ВКонтакте

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?src=sp&u=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&title=%D0%9A%D0%BB%D0%B0%D1%81%D1%81%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&utm_source=share2
Title: Facebook

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&title=%D0%9A%D0%BB%D0%B0%D1%81%D1%81%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&utm_source=share2
Title: Одноклассники

Search URL Search Domain Scan URL

URL: https://connect.mail.ru/share?url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&title=%D0%9A%D0%BB%D0%B0%D1%81%D1%81%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&utm_source=share2
Title: Мой Мир

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%D0%9A%D0%BB%D0%B0%D1%81%D1%81%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&utm_source=share2
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://share.yandex.net/go.xml?service=vkontakte&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&title=%D0%9A%D0%BB%D0%B0%D1%81%D1%81%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD
Title: 0

Search URL Search Domain Scan URL

URL: https://share.yandex.net/go.xml?service=facebook&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&title=%D0%9A%D0%BB%D0%B0%D1%81%D1%81%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD

Search URL Search Domain Scan URL

URL: https://share.yandex.net/go.xml?service=twitter&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&title=%D0%9A%D0%BB%D0%B0%D1%81%D1%81%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD

Search URL Search Domain Scan URL

URL: https://share.yandex.net/go.xml?service=odnoklassniki&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&title=%D0%9A%D0%BB%D0%B0%D1%81%D1%81%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD
Title: 6

Search URL Search Domain Scan URL

URL: https://share.yandex.net/go.xml?service=moimir&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&title=%D0%9A%D0%BB%D0%B0%D1%81%D1%81%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD
Title: 0

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xn--80atdza.xn--80adxhks/ HTTP 301
https://xn--80atdza.xn--80adxhks/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9545.YTI72_smFxoLBqrMaPCbxmuZSVuvuMd8LwgEYcYv3H5-crHtQHTuPSgFNImhZE-B.BYvuHJVPSG6Mpntz-hIwZsd3Hlg%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9545.yG3CPWaUxCgW2AAytGcwdrRFoZggp7WdEl9at8O3acVXMyZgFiI4OeocC3akjI_Do-uuyU6uvf6H20qjsIVOCg%2C%2C.3qoF63Y7AV30nV1OO_VLugppOy8%2C

Request Chain 58

https://mc.yandex.com/watch/50468692?wmode=7&page-url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A852561575862%3Ahid%3A537946381%3Az%3A0%3Ai%3A20220210183347%3Aet%3A1644518027%3Ac%3A1%3Arn%3A618398540%3Arqn%3A1%3Au%3A1644518027668681926%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644518025889%3Ads%3A0%2C24%2C301%2C1%2C222%2C0%2C%2C296%2C22%2C%2C%2C%2C853%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644518027%3At%3A%D0%9A%D0%BB%D0%B0%D1%81%D1%81%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/50468692/1?wmode=7&page-url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A852561575862%3Ahid%3A537946381%3Az%3A0%3Ai%3A20220210183347%3Aet%3A1644518027%3Ac%3A1%3Arn%3A618398540%3Arqn%3A1%3Au%3A1644518027668681926%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644518025889%3Ads%3A0%2C24%2C301%2C1%2C222%2C0%2C%2C296%2C22%2C%2C%2C%2C853%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644518027%3At%3A%D0%9A%D0%BB%D0%B0%D1%81%D1%81%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECriQwDEhRioFgzPY8O5DEY&google_cver=1

Request Chain 104

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgVai76g8pUJuy3Vc8u-kwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECriQwDEhRioFgzPY8O5DEY&google_cver=1

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBSXPWmt0O_tLuDZ2stPF1Y&google_cver=1

Request Chain 106

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc5NjExMjUxNjk0Nzg3MzA5Ng%3D%3D

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 146

https://fw.adsafeprotected.com/rfw/st/892152/58815466/4.js?ias_dspID=3&ias_campId=25576184&ias_pubId=pub-4697968187948142&ias_chanId=1&ias_placementId=15522180233&bidurl=https://xn--80atdza.xn--80adxhks/&ias_dealId=&adContainerId=brand_safety_i1oFYsSkMrbX7_UP_ZSosAk&cbFunctionName=goog_wrapCb_i1oFYsSkMrbX7_UP_ZSosAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fxn--80atdza.xn--80adxhks&adsafe_type=g&adsafe_url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20220208%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20220208%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-4697968187948142%26fa%3D1%26ifi%3D6%26uci%3Da!6%26btvi%3D1%26xpc%3DUfkN6ZpDBx%26p%3Dhttps%253A%2F%2Fxn--80atdza.xn--80adxhks&adsafe_type=b&adsafe_jsinfo=,id:75224e95-4cc7-f63d-ef3d-8a311024a535,c:3QpqAi,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-647549dd66-9wc7r,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:4,fm:sX423m2+11%7C12%7C13%7C141%7C142%7C151%7C161%7C17%7C1811%7C1812%7C191*.892152-58815466%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c,idMap:191*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:25,oid:fc684e2f-8a9f-11ec-9176-224234765a2e,v:19.8.284,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 157

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

168 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
xn--80atdza.xn--80adxhks/
Redirect Chain

http://xn--80atdza.xn--80adxhks/
https://xn--80atdza.xn--80adxhks/

20 KB
5 KB

326ms
302ms

Document
text/html

2606:4700:3030::ac43:cc03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atdza.xn--80adxhks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: 9086115520bf5abcb71b5aaf0345f0fccd7df5b6dfd72202f73bfdd869dade69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.3.3
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HoQURIYLkZKygnhNM1gi31M4sLQwGNhGQ%2Bu6zee2iYmwkd2%2F7kamH3wXEu4%2BP82mu7KnCpZPPMkoardihM0z9WXYGWnmNHgaSva88Y%2B60bXBgg8JPxfEZl4ulC19VlxvoFQD6p2jeP%2BKZEnbg7pcxjDRCbMJKzI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6db76d7f5f1c927f-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Thu, 10 Feb 2022 18:33:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 10 Feb 2022 19:33:45 GMT
Location: https://xn--80atdza.xn--80adxhks/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osHWwxuADRbrT%2BvJqvmOXt%2BJPF162DwO28H9po0hjOuABxkNMvLjs31kJM7UcXDbq6c3IIv1%2BDWJg8E8jJkIwxeuFjEcmWPKvpMFjZPx7OztTStgB%2BLWMaZUHlBeKoIsIN%2B9hg%2B9erjN%2BQkdwsm0uEPxwBs8R1M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6db76d7e4b565b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gdz.css
xn--80atdza.xn--80adxhks/ 91 KB
15 KB 21ms
20ms Stylesheet
text/css 2606:4700:3030::ac43:cc03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atdza.xn--80adxhks/gdz.css?v=1.5111
Requested by: Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3513dd5778810912aa330656e0b29032f29b5c8a1553772a8483951a38bfd3f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Feb 2022 17:33:34 GMT
server: cloudflare
age: 3496
etag: W/"62054c6e-16b27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPbmHPXR0V0p1HPMxMAcPz0RZz%2BlPEKw7YZKSuOpFWxag%2FJI34wc6eYkp8dj%2Fx6uuOZhisiTFZ9yR4%2BkfiuH5%2BdzVlXRPZAUn12%2Bxj08LYUDIaI%2B15w6PgP6l3mqlOP%2Bod1PU0DjSPKhwCUEvHpx8oG7BMdzKZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db76d817dde927f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
22 KB 62ms
35ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 1420718
cdn-cachedat: 2021-04-13 02:47:36
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 79d450447cbfffe65554c7e3d9bd051a
cf-ray: 6db76d81ade7901c-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 got.js Show response
xn--80atdza.xn--80adxhks/ 459 B
648 B 18ms
18ms Script
application/javascript 2606:4700:3030::ac43:cc03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atdza.xn--80adxhks/got.js
Requested by: Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bac599442fb930ea8a875bfd7e9167399eeb92af1ed763c158ed11464492a01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Jan 2020 23:38:00 GMT
server: cloudflare
age: 208
etag: W/"5e278b58-1cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XLgNSn%2FnlLC17Ihpf48SzJYOWPCKoE%2F0X%2B4rMQVX07oMSG5zJ%2BZImToBjqutRPO6lChHwguIYjnACmHHlrOrqfzcPmlLYDSnsEIS2%2BrLyZWvAoUMlS%2BmkJobuum8n%2BIWZJeV1Q72p6cx7gD1ZrQgDAXoE6mHbc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db76d817de2927f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 es5-shims.min.js Show response
yastatic.net/es5-shims/0.0.2/ 3 KB
2 KB 120ms
36ms Script
application/x-javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/es5-shims/0.0.2/es5-shims.min.js

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: br
last-modified: Thu, 25 Oct 2018 11:27:00 GMT
server: nginx/1.17.9
etag: W/"32e3b4f3a8f6048da9934fec1ca08cea"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
expires: Sun, 13 Feb 2022 06:31:02 GMT
cache-control: public, max-age=216013
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 88ba0027ff7d94a7

GET
H2 200 share.js Show response
yastatic.net/share2/ 144 KB
39 KB 146ms
64ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/share2/share.js

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8e96268766735ae11a87d1e3bea4e681b0b05e3afa54d79806dc1f550597fa15

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 24 May 2021 12:18:35 GMT
server: nginx/1.17.9
etag: W/"bcd00e6750a3b5b8b79248b4c2e87b60"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=216009
timing-allow-origin: *
expires: Sun, 13 Feb 2022 06:29:06 GMT

GET
H2 200 email-decode.min.js Show response
xn--80atdza.xn--80adxhks/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:3030::ac43:cc03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--80atdza.xn--80adxhks/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:cc03 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Feb 2022 10:49:21 GMT
server: cloudflare
etag: W/"62024ab1-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ig3rLvXNw%2B4QM%2B1bKhoKzCJRWE52tdVL%2Fgr5mWIYjLUoEaYs5qNJ77NMLljBj%2BFopb54R22jfib0oEsPT2BzYZjrCBuZvBEcu4drBeXI6jXlsNVwmXdNc%2BdlDN6eMFlrFYpfhSSOhMtAiYd5m0tsO7e9Frj100s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db76d818dec927f-FRA
vary: Accept-Encoding
expires: Sat, 12 Feb 2022 18:33:46 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 103ms
49ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-4697968187948142:1586280461

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

a4f85f02f96fe4e29cbed04fcf4e7786e2303ae89b4e6d2f69bcfe3d8c49fe92

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3547
x-xss-protection: 0
server: gws
expires: Thu, 10 Feb 2022 18:33:46 GMT

GET
H2 200 share.js Show response
yandex.st/share/ 53 KB
15 KB 118ms
37ms Script
application/x-javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.st/share/share.js

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

944979b576ee52348d5c63d35f566c11df26f70ed15d2ceba61180662a49b114

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: br
last-modified: Wed, 24 Oct 2018 16:00:42 GMT
server: nginx/1.17.9
etag: W/"db7132f94e4730c128b638f72b46c899"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
expires: Sun, 13 Feb 2022 06:32:35 GMT
cache-control: public, max-age=216013
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: ed997b4ef5270b0b

GET
H2 200 jquery.min.js Show response
xn--80atdza.xn--80adxhks/ 84 KB
31 KB 31ms
30ms Script
application/javascript 2606:4700:3030::ac43:cc03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atdza.xn--80adxhks/jquery.min.js
Requested by: Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Feb 2019 18:06:43 GMT
server: cloudflare
age: 208
etag: W/"5c6ee8b3-14e4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2Cs7BkRHp9yFlYrKITfi%2FUeqVqseorvlF6VkhQeBBb0qzl6Dr9bDU3PkpkAppGdngUvAgrf03CE2F2JBxg0xAvVG%2FxJrSQyKx9OFy4R3vDdgghjTAImD54vuIDdiPMB6WAC465ZJmLFeEik5Z8MY2jozFhkUJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db76d818dfe927f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 mylook.js Show response
xn--80atdza.xn--80adxhks/ 2 KB
1 KB 20ms
19ms Script
application/javascript 2606:4700:3030::ac43:cc03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atdza.xn--80adxhks/mylook.js?v=2
Requested by: Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 263bf806ffab05e6afa9767d16d91b3e802e508e87fd6653df07dc3b0239ae7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Sep 2018 14:04:02 GMT
server: cloudflare
age: 1089
etag: W/"5ba8eed2-84c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbPXuNskomVHiH7nhmxTZjsKwQo3EM2NkzTZYHAvRsDUNI7VdUG33Zmjrpc5RBotDCMajKYYe5K%2BNxDUTnA3xfmIjCkKCXFPND7Zwy07hC5mFoyhQATfkt8P39kSM73kmiOqgVjgK3S9dMHj9fJ9%2Fee15nK5Z9I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db76d818e03927f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 load.js Show response
ru.viadata.store/tag/ 6 KB
4 KB 199ms
49ms Script
application/javascript 23.111.211.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.viadata.store/tag/load.js?sid=101751
Requested by: Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: 9ddc933a0da8e4ef10e235c114a6391820c5068c2c0a3ec4b0b81edba7363338

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:46 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server: nginx/1.19.5
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 84ms
52ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/got.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9146b51423f6bf1c35da34b538b3ab146c47053baa8ce83c7849d3b3b6c4ee94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53999
x-xss-protection: 0
server: cafe
etag: 6929580728446160643
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 18:33:46 GMT

GET
H2 200 cse_element__ru.js Show response
www.google.com/cse/static/element/ff97a008b4153450/ 304 KB
100 KB 124ms
9ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/ff97a008b4153450/cse_element__ru.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-4697968187948142:1586280461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24a8d0334c4e95b7516a53cd7c2ae6b5dd4bcfaa706729f4ea7ce0d75a89c093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:51:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102609
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 15:35:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 09 Feb 2023 22:51:04 GMT

GET
H2 200 default+ru.css
www.google.com/cse/static/element/ff97a008b4153450/ 41 KB
9 KB 123ms
8ms Stylesheet
text/css 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/ff97a008b4153450/default+ru.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-4697968187948142:1586280461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 23:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 15:35:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 04 Feb 2023 23:07:31 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 122ms
8ms Stylesheet
text/css 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-4697968187948142:1586280461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 10 Feb 2022 18:58:28 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/ 290 KB
104 KB 54ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4697968187948142&plah=xn--80atdza.xn--80adxhks&bust=31064806

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08ba166d2eec842cb8dd67412d5bdb3c7fc397b85f3cbe18228b64b82284a525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106757
x-xss-protection: 0
server: cafe
etag: 2570914436930632720
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 18:33:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220208/r20190131/ Frame F6FE 10 KB
5 KB 43ms
15ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220208/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Wed, 09 Feb 2022 21:54:54 GMT
expires: Wed, 23 Feb 2022 21:54:54 GMT
cache-control: public, max-age=1209600
age: 74332
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 198 KB
68 KB 150ms
70ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: br
last-modified: Wed, 09 Feb 2022 12:47:03 GMT
etag: "62038d97-10e38"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69176
expires: Thu, 10 Feb 2022 19:33:46 GMT

GET
H2 200 hls.js Show response
cdn.viadata.store/static/js/ 235 KB
71 KB 235ms
109ms Script
application/javascript 23.111.114.100
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viadata.store/static/js/hls.js
Requested by: Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.114.100 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: gzip
last-modified: Fri, 17 Dec 2021 09:07:16 GMT
server: nginx
etag: W/"61bc5344-3ab3e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 code.js Show response
ru.viadata.store/tag/ 30 KB
15 KB 48ms
47ms Script
application/javascript 23.111.211.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.viadata.store/tag/code.js
Requested by: Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: 1f3ee1a86e9ed001f71081031e7c31614f88de569e3cf2839674469d9a29e44e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
cache-control: public
content-type: application/javascript; charset=utf-8
server: nginx/1.19.5
content-encoding: br
vary: Accept-Encoding
expires: Fri, 11 Feb 2022 18:33:46 GMT

GET
H2 200 site
logs.viadata.store/req/ 43 B
297 B 164ms
51ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/req/site?sid=101751&cid=0&uid=ca60ce98-d09b-47a8-8765-ed747bba7fa6&event=playerLoaded&cb=1644518026741

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Feb 2022 18:33:46 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
DATA 200
OK truncated
/ 799 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 603 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f88bb57db2810d820bcc9b1e24a9cbb036c1a8d64268f53243f78dc2c40b3525

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5307f101ffa74d83e44ccc5cbaa1193577fe0c9c659fb40fedb9d403acbb186a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ya-share-cnt.html Show response
yastatic.net/share/ Frame D6A6 3 KB
2 KB 32ms
32ms Document
text/html 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/share/ya-share-cnt.html?url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&services=yaru,vkontakte,facebook,twitter,odnoklassniki,moimir

Requested by

Host: yandex.st
URL: https://yandex.st/share/share.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

7e29b8fa68a48c0fa32321c441c867176c5403716f3c7cf7e542b668c218cac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/

Response headers

server: nginx/1.17.9
date: Thu, 10 Feb 2022 18:33:46 GMT
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=216009
content-encoding: br
etag: W/"b4410f26aa4a1448071c7f97e2a81e4c"
expires: Sun, 13 Feb 2022 06:33:47 GMT
last-modified: Wed, 24 Oct 2018 16:00:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 626b5292b9cfe2a9

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 137 KB
49 KB 185ms
136ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yandex.st
URL: https://yandex.st/share/share.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2f3ee8524a05db8a30e14cfbe98175341508f92759804299364e97848f4a0148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: br
last-modified: Wed, 09 Feb 2022 12:47:03 GMT
etag: "62038d97-c1c4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 49604
expires: Thu, 10 Feb 2022 19:33:46 GMT

GET
H2 200 220201.js Show response
cdn.viadata.store/js/player/ Frame 0F38 181 KB
75 KB 220ms
176ms Script
application/javascript 23.111.114.100
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viadata.store/js/player/220201.js
Requested by: Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.114.100 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 529846e2b4a7382ba84cff285b830c33af65f641bfc0aba46a70dd1051137d8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 12:51:33 GMT
server: nginx
etag: W/"61f92cd5-2d259"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 228 B
650 B 107ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=xn--80atdza.xn--80adxhks&callback=_gfp_s_&client=ca-pub-4697968187948142

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4697968187948142&plah=xn--80atdza.xn--80adxhks&bust=31064806

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

db07ce2b06fd48e3d0b7c08733cb374e058f5c4d42e9e4803023757ff559eb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 53ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xn--80atdza.xn--80adxhks

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 73ms
37ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--80atdza.xn--80adxhks

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8974 89 KB
32 KB 664ms
638ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1034694590&adf=854766408&pi=t.ma~as.5954569188&w=1200&fwrn=4&fwrnh=100&lmt=1644518026&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026687&bpp=10&bdt=246&idt=162&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&correlator=6400695363302&frm=20&pv=2&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WtunSubVXM&p=https%3A//xn--80atdza.xn--80adxhks&dtd=184

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682bad20ad4d863be144d1d29306c4422b19f95dce71ae99419a276301acf4f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Feb 2022 18:33:47 GMT
server: cafe
content-length: 32384
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 18:33:47 GMT
cache-control: private

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 137 KB
50 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/ff97a008b4153450/cse_element__ru.js?usqp=CAI%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

496e107ebf9378b255f3cd59188764b070c3f66848e388e3c4d2dd1775d7705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "12172901055827856666"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Thu, 10 Feb 2022 18:33:46 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 42ms
9ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/ff97a008b4153450/default+ru.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/ff97a008b4153450/default+ru.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:04:14 GMT
x-content-type-options: nosniff
age: 178172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 08 Feb 2023 17:04:14 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/ru/ 1 KB
1 KB 25ms
8ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ru/branding.png

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:53:05 GMT
x-content-type-options: nosniff
age: 261641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1377
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 07 Feb 2023 17:53:05 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
178 B 49ms
10ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 30AF 70 KB
22 KB 1011ms
1011ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=600&slotname=5954569188&adk=357167731&adf=1621940880&pi=t.ma~as.5954569188&w=185&fwrn=4&fwrnh=100&lmt=1644518026&rafmt=1&psa=0&format=185x600&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026697&bpp=2&bdt=256&idt=276&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5bFOH2vpVC&p=https%3A//xn--80atdza.xn--80adxhks&dtd=287

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

346eef9c1f17d6c82daf00001498a47e40fbc504120a5f70edb6870dfb6a5dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Feb 2022 18:33:47 GMT
server: cafe
content-length: 22124
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 18:33:47 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3BCD 90 KB
32 KB 901ms
900ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

368cd39aa84964bc66c8a6cb2e4212136ef6896dc5ccf35f01e1922ab9f9a930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Feb 2022 18:33:47 GMT
server: cafe
content-length: 32691
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 18:33:47 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A46D 172 KB
48 KB 486ms
482ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&adk=1812271804&adf=3025194257&lmt=1644518027&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026750&bpp=8&bdt=308&idt=281&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600%2C887x280&nras=1&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=288

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7a1defd1b0ce8107976819de175d5548e093a5376a077074aaebdba0f2d41a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Feb 2022 18:33:47 GMT
server: cafe
content-length: 49232
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 18:33:47 GMT
cache-control: private

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9545.YTI72_smFxoLBqrMaPCbxmuZSVuvuMd8LwgEYcYv3H5-crHtQHTuPSgFNImhZE-B.BYvuHJVPSG6Mpntz-hIwZsd3Hlg%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9545.yG3CPWaUxCgW2AAytGcwdrRFoZggp7WdEl9at8O3acVXMyZgFiI4OeocC3akjI_Do-uuyU6uvf6H20qjsIVOCg%2C%2C.3qoF63Y7AV30nV1OO_VLugppOy8%2C

75 B
75 B

35ms
35ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9545.yG3CPWaUxCgW2AAytGcwdrRFoZggp7WdEl9at8O3acVXMyZgFiI4OeocC3akjI_Do-uuyU6uvf6H20qjsIVOCg%2C%2C.3qoF63Y7AV30nV1OO_VLugppOy8%2C

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:47 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9545.yG3CPWaUxCgW2AAytGcwdrRFoZggp7WdEl9at8O3acVXMyZgFiI4OeocC3akjI_Do-uuyU6uvf6H20qjsIVOCg%2C%2C.3qoF63Y7AV30nV1OO_VLugppOy8%2C
date: Thu, 10 Feb 2022 18:33:47 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK share_count Show response
connect.mail.ru/ Frame D6A6 92 B
679 B 416ms
49ms Script
text/javascript 94.100.180.54
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mail.ru/share_count?func=services.moimir.cb&callback=1&url_list=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/share/ya-share-cnt.html?url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&services=yaru,vkontakte,facebook,twitter,odnoklassniki,moimir

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.54 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

connect.mail.ru

Software

nginx /

Resource Hash

069e1b3db9634db381c1588ee4c759a1e07fdab5145b251f2b9265844bbec1a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 18:33:47 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 92
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 dk Show response
connect.ok.ru/ Frame D6A6 25 B
2 KB 199ms
49ms Script
application/javascript 217.20.155.208
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklocs0&ref=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/share/ya-share-cnt.html?url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&services=yaru,vkontakte,facebook,twitter,odnoklassniki,moimir

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.155.208 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

ip208.155.odnoklassniki.ru

Software

apache /

Resource Hash

50bf025801375d65be7fd30144568a4b5cf491c1bb8398e7d05b6c24abb243e9

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adsafeprotected.com .serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com; worker-src blob: 'self'; connect-src wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:47 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fql.query Show response
api.facebook.com/method/ Frame D6A6 402 B
613 B 88ms
50ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://api.facebook.com/method/fql.query?query=select%20%20like_count%2C%20total_count%2C%20share_count%2C%20click_count%20from%20link_stat%20where%20url=%22https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F%22&format=json&callback=services.facebook.cb

Requested by

Host: yastatic.net
URL: https://yastatic.net/share/ya-share-cnt.html?url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&services=yaru,vkontakte,facebook,twitter,odnoklassniki,moimir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b980dd1986952837bbe250edffdf5e626cf9d01e6ad74e5823fa4caaff8ac6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: VUvVdz6ROJjVqMkpTVRJjK01xUYx88j+mKIO3bON1U/D6JG/Y66zSlfJOmyaWEn1AZX8+e+9voeuZF6oWdDJnA==
content-encoding: br
vary: Accept-Encoding
x-fb-trace-id: CdTH4Z8WqNu
date: Thu, 10 Feb 2022 18:33:47 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-fb-request-id: ArJUd4rRhagPrttObyQClMl
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rev: 1005052201
facebook-api-version: v6.0
content-length: 250
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 share.php Show response
vk.com/ Frame D6A6 21 B
479 B 196ms
52ms Script
text/html 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&index=0&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/share/ya-share-cnt.html?url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&services=yaru,vkontakte,facebook,twitter,odnoklassniki,moimir

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.110150

Resource Hash

09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:47 GMT
content-encoding: gzip
x-frontend: front605105
server: kittenx
x-powered-by: KPHP/7.4.110150
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 41

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 35ms
34ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:47 GMT
last-modified: Wed, 09 Feb 2022 12:47:03 GMT
etag: "62038d97-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 10 Feb 2022 19:33:47 GMT

GET
H2 200 5_education_eng.m3u8 Show response
cdn.viadata.store/media/ 1 KB
2 KB 134ms
44ms XHR
application/vnd.apple.mpegurl 23.111.114.100
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viadata.store/media/5_education_eng.m3u8
Requested by: Host: cdn.viadata.store
URL: https://cdn.viadata.store/static/js/hls.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.114.100 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: ed173a7a538a5d0d19ef3c00e79d79840009cbe24244ab62c4c770af3b471b60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:47 GMT
last-modified: Fri, 17 Dec 2021 09:07:30 GMT
server: nginx
etag: "61bc5352-520"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1312

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 740 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 371 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
pl.viadata.store/export/101751/ Frame 0F38 1 KB
920 B 196ms
49ms XHR
application/json 23.111.119.12
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl.viadata.store/export/101751/?secured=1&language=en&page_url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&pub_sid=101751&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=xn--80atdza.xn--80adxhks&trackdomain=logs.viadata.store&VIA_DADPOS=3&avtoken=27199&VIA_WIDTH=432&VIA_HEIGHT=243&imp=false&rc=1&cb=1644518027269
Requested by: Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.119.12 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: e42f4720bc358e05bba3b0fe8e272e91052b099a8174810200100fc58e6239c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:47 GMT
content-encoding: br
server: nginx/1.19.5
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xn--80atdza.xn--80adxhks
access-control-allow-credentials: true
access-control-allow-headers: sentry-trace

GET
H2

200

1 Show response
mc.yandex.com/watch/50468692/
Redirect Chain

https://mc.yandex.com/watch/50468692?wmode=7&page-url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A664%3Afu%3A0%3Aen%3Au...
https://mc.yandex.com/watch/50468692/1?wmode=7&page-url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A664%3Afu%3A0%3Aen%3...

331 B
413 B

37ms
36ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/50468692/1?wmode=7&page-url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A852561575862%3Ahid%3A537946381%3Az%3A0%3Ai%3A20220210183347%3Aet%3A1644518027%3Ac%3A1%3Arn%3A618398540%3Arqn%3A1%3Au%3A1644518027668681926%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644518025889%3Ads%3A0%2C24%2C301%2C1%2C222%2C0%2C%2C296%2C22%2C%2C%2C%2C853%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644518027%3At%3A%D0%9A%D0%BB%D0%B0%D1%81%D1%81%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7e734450f98b953ff075026ecf6a583fbf911cfd533db5793872fb45abe9d67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 10-Feb-2022 18:33:47 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xn--80atdza.xn--80adxhks
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Thu, 10-Feb-2022 18:33:47 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:47 GMT
last-modified: Thu, 10-Feb-2022 18:33:47 GMT
location: /watch/50468692/1?wmode=7&page-url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A664%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A852561575862%3Ahid%3A537946381%3Az%3A0%3Ai%3A20220210183347%3Aet%3A1644518027%3Ac%3A1%3Arn%3A618398540%3Arqn%3A1%3Au%3A1644518027668681926%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644518025889%3Ads%3A0%2C24%2C301%2C1%2C222%2C0%2C%2C296%2C22%2C%2C%2C%2C853%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644518027%3At%3A%D0%9A%D0%BB%D0%B0%D1%81%D1%81%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://xn--80atdza.xn--80adxhks
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 10-Feb-2022 18:33:47 GMT

GET
H2 200 5_education_eng000.ts Show response
cdn.viadata.store/media/ 665 KB
666 KB 136ms
136ms XHR
video/mp2t 23.111.114.100
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viadata.store/media/5_education_eng000.ts
Requested by: Host: cdn.viadata.store
URL: https://cdn.viadata.store/static/js/hls.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.114.100 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: e6cb6529d03ee94de5c8aeb347847ee9c997db1d233531a1d21d40990e72c4ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:47 GMT
last-modified: Fri, 17 Dec 2021 09:07:28 GMT
server: nginx
etag: "61bc5350-a64a4"
access-control-allow-methods: GET, POST, OPTIONS
content-type: video/mp2t
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 681124

GET
BLOB 200
OK a7c863f3-69f1-43a6-8760-0cb093c42d89
https://xn--80atdza.xn--80adxhks/ 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xn--80atdza.xn--80adxhks/a7c863f3-69f1-43a6-8760-0cb093c42d89
Requested by: Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d825cf02f25f38879ac6f09a7eccf1a2b7c6322b50b742d469c8f83976ba5f97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 62028
Content-Type: text/javascript

GET
H2 200 cs Show response
rtb-msk-2.viadata.store/vast/ Frame 0F38 71 B
430 B 147ms
48ms XHR
application/xml 23.111.115.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb-msk-2.viadata.store/vast/cs?zone=101751&w=432&h=243&site=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&vp=2&cbb=4518027470

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
age: 0
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://xn--80atdza.xn--80adxhks
cache-control: no-store
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type, Accept

GET
H2 200 vast-container Show response
dsp-eu.surfy.tech/bid/ Frame 0F38 874 B
1 KB 67ms
12ms XHR
application/xml 176.9.54.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-eu.surfy.tech/bid/vast-container?ssp=136&s1=101751&cbb=4518027472

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

176.9.54.148 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.148.54.9.176.clients.your-server.de

Software

Resource Hash

5b0c382f2df224cfd0d125df84b4201a27589778bf99c75cb7780917078b98dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://xn--80atdza.xn--80adxhks
date: Thu, 10 Feb 2022 18:33:47 GMT
access-control-allow-credentials: true
content-length: 874
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/xml

GET
H2 200 dsp
logs.viadata.store/event/ Frame 0F38 43 B
296 B 48ms
48ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=101751&event=rtb&event2=request&cb=1644518027473&tids=1205,9421

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Feb 2022 18:33:47 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 aaf44123f57f1327f74f8049c476dded.js Show response
www.gstatic.com/mysidia/ Frame 8974 8 KB
4 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/aaf44123f57f1327f74f8049c476dded.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1034694590&adf=854766408&pi=t.ma~as.5954569188&w=1200&fwrn=4&fwrnh=100&lmt=1644518026&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026687&bpp=10&bdt=246&idt=162&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&correlator=6400695363302&frm=20&pv=2&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WtunSubVXM&p=https%3A//xn--80atdza.xn--80adxhks&dtd=184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1ffc9ca7657f3d655db7b79eb1e7316e4d23aab2df01606d8ce022385e4b985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3501
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 14:21:09 GMT

GET
H2 200 e82dac7c873a7565e42e18fecf44738d.js Show response
www.gstatic.com/mysidia/ Frame 8974 8 KB
4 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e82dac7c873a7565e42e18fecf44738d.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd489807d2ec8d68c7101b8756a08658eebffbfa800d7c1fa9322ecd8fab0910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 14:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3509
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 May 2022 14:50:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8974 8 KB
1 KB 55ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 17:40:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 18:33:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 18:33:47 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 8974 1 KB
955 B 10ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:21:30 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame 8974 19 KB
8 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 572
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:24:15 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 8974 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:31:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8974 124 KB
38 KB 55ms
29ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 18:33:47 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 8974 15 KB
7 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:29:27 GMT

GET
H3 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame 8974 27 KB
11 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 14:21:09 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/ 150 KB
53 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/reactive_library_fy2019.js?bust=31064806

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bc74eab328fba1cb362818376fa2a652990aa8b589bc2757ed2bc5e95dec300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54646
x-xss-protection: 0
server: cafe
etag: 5396911621308697499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 18:33:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8974 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cbj5RiloFYrapOPWBmwen-a-gCt7N4s9n_Nrw1rEOkvfk4o4OEAEgu_iZC2CVgoCArAegAe-A4_4DyAEBqQJo57JfFyazPqgDAcgDywSqBNoBT9DzHGFC_8voh0Fcb4kGC08CIZHI70Zd6saxwbmmjMLa_eg7WjzpgaxC0KWUrrpWCEoshsgUm49et6cLah2K9ldVkIflKkyXlrnqEKArqFKv57b30uGx0fqXInSKySRiIlnqZiVjJU9RrJvAYLalp8OYw3NL8jJO3eGWbvneP6UFkuW65-zv9PwplJlkCJnyD2u3_xNn6E_pBosM_SyqKDHVUC3ixZjLP-e0VuM8NdD-6BznMhCjh87lZbxeqqARFDlu1f0vXnTlegL8UrIltO4rKSq6nPTUMsbABLei0anjA5IFBAgEGAGSBQQIBRgEgAf5_pwBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQmeUJ0ggJCIDhgBAQARgfgAoByAsB2BMNiBQF0BUBmBYBgBcBshccChoIABIUcHViLTQ2OTc5NjgxODc5NDgxNDIYAA&sigh=xIaCy4mkp9M&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1034694590&adf=854766408&pi=t.ma~as.5954569188&w=1200&fwrn=4&fwrnh=100&lmt=1644518026&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026687&bpp=10&bdt=246&idt=162&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&correlator=6400695363302&frm=20&pv=2&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WtunSubVXM&p=https%3A//xn--80atdza.xn--80adxhks&dtd=184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Feb 2022 18:33:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Feb 2022 18:33:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2BF7 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1034694590&adf=854766408&pi=t.ma~as.5954569188&w=1200&fwrn=4&fwrnh=100&lmt=1644518026&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026687&bpp=10&bdt=246&idt=162&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&correlator=6400695363302&frm=20&pv=2&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WtunSubVXM&p=https%3A//xn--80atdza.xn--80adxhks&dtd=184

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 10 Feb 2022 18:04:52 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1735
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 35ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xn--80atdza.xn--80adxhks

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 18:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--80atdza.xn--80adxhks

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 18:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/ Frame 4490 10 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Thu, 10 Feb 2022 04:17:51 GMT
expires: Thu, 24 Feb 2022 04:17:51 GMT
cache-control: public, max-age=1209600
age: 51356
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/ Frame B711 10 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Thu, 10 Feb 2022 04:17:51 GMT
expires: Thu, 24 Feb 2022 04:17:51 GMT
cache-control: public, max-age=1209600
age: 51356
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8974 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 653bf99bf98b81c92da9089f6faf3d4cbaf34c66af188145a46d9911a0d91f37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 8974 28 KB
28 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:14:29 GMT
x-content-type-options: nosniff
age: 173958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 18:14:29 GMT

GET
H2 200 vpaid_1.0.js Show response
dsp-eu.surfy.tech/static/ Frame 7C67 11 KB
11 KB 16ms
15ms Script
text/javascript 176.9.54.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-eu.surfy.tech/static/vpaid_1.0.js

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

176.9.54.148 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.148.54.9.176.clients.your-server.de

Software

Resource Hash

778a4bb659785899aadda3acc6c210ba6f583a2a3b94ac36243e324837c47520

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:47 GMT
last-modified: Sun, 05 Dec 2021 16:32:49 GMT
accept-ranges: bytes
content-length: 11295
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/javascript; charset=utf-8

GET
H3 200 css2
fonts.googleapis.com/ Frame 4490 4 KB
634 B 33ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 17:34:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 18:33:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 18:33:47 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4490 205 B
229 B 7ms
6ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:47:09 GMT
x-content-type-options: nosniff
age: 81998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 Feb 2023 19:47:09 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4490 604 B
628 B 8ms
8ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:45:19 GMT
x-content-type-options: nosniff
age: 82108
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 Feb 2023 19:45:19 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/ Frame 4490 19 KB
8 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a7b5f2e7e3fd51102d05b2706291210864e7890361d932311a18048073374ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 17:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8079
x-xss-protection: 0
server: cafe
etag: 5902764951541284931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 17:39:43 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2105 624 B
297 B 22ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYseW_vAEwAQ&v=APEucNUUSJVQ4fXb5lx8jA49nmdMkHbH_-Jsh0I1cdrMr3acJpRvUKOgsYUKrnzkqrOO-dbIUCjBviMmSxvW8-cLcwZfeTJ-pEB4N2DAACinyjtf-HXsotP3jTRSZnRSTmu5PEzXJfBIvDfCnIDBk1JcjnfwXGvriTknDSTXE69Nn2K5QRUQIao

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 10 Feb 2022 18:33:47 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3C2F 86 KB
34 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5VS1ejjtrEx8cOzvqeLY4Feq0lvLsN7peO4ZYICIKp0AUrJGFE-R3BCM7Y2r2bRDBh8ePQ8sUT5rb3hFQYNReQqCXY_VDg7I9gCaoJCxruTC15yByRTJFM8tPzxAZTFFeXtilEr4UEgoJjxY27PBImToyaA&dbm_d=AKAmf-CIHOfmb2RGA1GcK-cqk2aEeyvCPXsv08TRyRGh1MLCnc8tCTFK7XGDzjvJfjSi6VxKVWnTXSbe9sShFNoC-CTW5aHU-Egf8uIecJk1Z6e0CHOmzmb2ZtBzs6O2dKi2y7wVlhiY6rQ0pTbKZ9wlW65jWpaxcCzxyJtCid2X-dYhBrkNJC0UDN48WBkargg51WJilm98f2QxxhqLyCDP1EO_CKhhHfw3bsZfnwedxBme2YB2pUJCtVavOrWo0NsmMpUMs3ThsFZ3LJQb2_jPhi67JZISLi0SrEsf4c6wHy1-_AQIuH1XRtpF413n9ES-WwAY3ESFVAfVeYwgm2ArdsMHeMN9Z_-OocYATmw1Qvf8Ct5NExRQROFg5yOs_UuP8iAtEXil5CxvbwzJhwuWlZRosYPznvAuI1i9LNUTgO-WyQ3RNui5PIt1brF8eiiiBKsTZKu236KXlSzE2SMsrwCEawx9DmuA1gkIEujepIHuU2DMymP6JLS80RcpsPqANxrs5UnJ4fR8AInxjEg9H_jhfdfoRrMzyDt66BLW1hDwoVhZ9AeGaxclgDr9dl7wBdW4V50Y_e5qDeZgqmGjSGtgr7yHuJafHqgNdFSVjIftV_xioqAo6GRcSEMqRwgN7Fm-jUKpd99EWx-EZXqGe5Gt7Kuab0Nm92zpg-7-NqsSHg7ShYGrSJKlWjVcbmnRUlD1LanNVGjy0tgaisrH3Yoh7LxwBKbLm7gmZlyd8tCxwzr3k5UkGfXYKnPWVV1KMLjlEAgBMowSw39puDrHl7_2c_h_uoS3KO6rbDOtX8UE2MjBwgxZIxiz_F_mjAkgJyT_zgp70dV4lQzhDJaRx-Ptt3qXxVQJFAkC4gEd2DpEjqY48B9446w8P8kcx9NVHLLv62CWVzl1Mc-RtvFqVxDzKz-gN2W2_169jZMpJMscO-n8CCUx12z-RZIchsTT8r359B6uasDQa2__V0dNJ3-cWjOlJqkspp1ySMy6Z9XXGgVyvYw7FI60CJTSEQQPRG5Xgru2kHNvOMiPv-UCkleRLXL1eHPQ71g2pmgCxM-v094BHajcv3L3n5PLg2qQhi-NoT63azt0AxnxEhlLhrMw5wRT6Mtf8-qcHhdS1GwSEvQo7fojm5DPBfljEQvtuqgDiCWCPcZa_bWQkI4koN9q4QCJC5GWHGvsgNiO1FyW2k1TAlqD9DrN8mvuN7kkV4iTYm313EJJJRgRtORez1fNB79tQg1rAtKYoQZXBTsNl_3zOUCMfTN49N9xGTz08Tfim7pM1H93nQaPt-GJ85B97dswwFzsiNBReZ_OFFJc3xUEg3dL44GSJOMiln66rl1DLLVFU1SlACB9OWoNJ1uobocJ_hTBuV1MzX3Ok_nY179NcxWNRLSXqtXa5eCs3EljfN8YTPU0115E5UcrdyYhtLj3PyRu_gBC5Iz_QTqv58F8VDZkJ2APCSHrQCYKI7UpxNJIMgL6q_ru6RT04B09ZcBqyrDO1nWCdWOuetKDKzpu8fvL2FbJPT_oUv1f8zGqT_KfTdCvNuMgsgX-y6bOKrmmIy5rWEpy3vmGWdTCrvb004xN0uZRHcT5vDk026mDr6L53BuuyCE6f-cG7CftzzAsxzjBF5uA9TSy6O4LLtUV6xkAFk72vWcy5y9wTEkf7QB8SpmpEru0YD3ILPKjDMA-ikXzj7at5nybebtwRAKBat0b2qcaPoS4PIkhYxwBkCmKUDzzBc4A0tzrxUKcvtxLLg3shbDOCNMqTcbT0Zlp7DdcWDCTwewQicyXC_etPXRdEv0Des6RCaLt2KxRybezqeSHI763BkfrqXhOUG1wQ6ZNmNo9ccAUDtqhVP4jPPRGx96TtitBh8bTsJhfV_06FeKN7Nsb-Mp470LAi4iadT-IyB4lsYokO_-vjIw8Q9VulTB0lJQgaONSKTdTpEljV0PV9bajsDYSmkWtub8pnfFUJg97_gJl5FQ0jFK8jDyOlja3_pS0zFbdmsnMnnrZdgakSO_D7p-YSO2jbNdtilB4wcUxHOcPKw7iaXULpIhskHKPrTkwAur9cUx5KXDR8dNWS4cz3TErnN2mcE31Vl2SUUjTgh4-f1nVTRPum1Z6NkEtkMxYe7PT-FLv-I_3WAvfsv6uDIULHgzoeSlBzew0CzHHCVvGvwvf0YKz6Rjk6fgmtfWrg8DZKa3ADBzt9gzYvYG2vlm0wfDvq5dNeJibc7Nqr6jaTyopKwp5yYci6y0WbufbcagutDzrzuNgz6vFJMViPuQYFXKRdTFOsxEICcrxbkFfmxP85U-YYaPAGlnBbLv_hZknm0-UaedfIgv7CQt5YQP3r1rTTPrexM0QYhfP5uKYZLD9ipBz0ETWM4yRpkpMFH9nmcXXsls4_xwxj8c57prTaGfWgoo_Si4J_xyfzxdNk6FdRA_dELWHGfxyKHCXiBlxPzSW3QNTT93V0-FcoFteFOo3HJ5OxFFK8Y-g0d_qCaW7jO8VX4djtn_ALgystxg8x0_f7nk9KkZhN9J2rMfPzf5oQQmBWyQqA3E2LN2CmF0i5_SfpFonhnoXvaRBaeVjLZEwEDiCFQw9mB2Y8hKlX7j43XMaIGp2CdAjbMCQBfU-LNN0ChAvweKGqvLCieP5vz3eiTgnRu-f-UyxoJmnyJLn1xhNml_-tozf4WvG6KX0kqVK2VLkixwAOJQdq22dxsGFRPoTqggXy2NLeNco4y7XGn15aihSZGEWPwblutPKhP0Hy9NJsJhM44rYVuDAByCG4O85kiAdolX2GXvMR-PRVeA66lrygpaOLlP-g0eh85OTIm-B60lA_m23GL7jx7UGtETzvH10mcYM_V-Kh90v8iHBliKHJP_QbyMA11qdwDj9Izb5SQ6mJ0n1yKg4PW_rckqQ8a5hHuS0YkDPClXYfXXgF5LTjmFobZsNdkt5_Nr5vPNPThRqgGTlSnYGwc1CQGmf3Kh1ziE8JhGgBA1tG8BKeHC6-hbVsaYoqT2Tn5jZvF_wUKVlvobEUKCWl7AmKwrBPw&cid=CAASBORopNE&rfl=2%2Chttps%253A%252F%252Fxn--80atdza.xn--80adxhks%252F%240

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a50bfe57e2e31b177b17036158d17eca2a48e350916460f816bad30d48f35783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34386
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 3C2F 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:31:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C2F 124 KB
38 KB 38ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 18:33:47 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 3C2F 15 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:29:34 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C2F 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DWOWeUxAlEllpEFV5IJ1zr1SFDdcnTlRVDz1DPVXSiMqdESxySZUagl5wHsHIFoOgigpl-7qlXAz6dH6ixbEdPXmga0p8SDxL9q_KxEhl4L-l9eis

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2BF7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

99ms
99ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 18:33:47 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 18:33:47 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 18:33:47 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C57 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 17:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13873
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 17:16:04 GMT

GET
H2 200 vast Show response
dsp-eu.surfy.tech/bid/ Frame 7C67 620 B
811 B 41ms
13ms Fetch
application/xml 176.9.54.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-eu.surfy.tech/bid/vast?ssp=136&type=vast&width=432&height=243&domain=xn--80atdza.xn--80adxhks&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&s1=101751

Requested by

Host: dsp-eu.surfy.tech
URL: https://dsp-eu.surfy.tech/static/vpaid_1.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

176.9.54.148 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.148.54.9.176.clients.your-server.de

Software

Resource Hash

89d8e014618ca2b8f1c8fbdc5f61b3d69658c311ad78814484b56fe0e019ae5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://xn--80atdza.xn--80adxhks
date: Thu, 10 Feb 2022 18:33:47 GMT
access-control-allow-credentials: true
content-length: 620
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/xml

GET
H3 200 css
fonts.googleapis.com/ Frame 2F8A 8 KB
888 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 17:33:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 18:33:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 18:33:47 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 2F8A 1 KB
875 B 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:28:54 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/ Frame 2F8A 19 KB
8 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:30:49 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 2F8A 2 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:31:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F8A 124 KB
38 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 18:33:47 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 2F8A 15 KB
6 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:29:34 GMT

GET
H3 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame 2F8A 27 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 14:21:09 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2105
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECriQwDEhRioFgzPY8O5DEY&google_cver=1

43 B
1014 B

35ms
17ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECriQwDEhRioFgzPY8O5DEY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYseW_vAEwAQ&v=APEucNUUSJVQ4fXb5lx8jA49nmdMkHbH_-Jsh0I1cdrMr3acJpRvUKOgsYUKrnzkqrOO-dbIUCjBviMmSxvW8-cLcwZfeTJ-pEB4N2DAACinyjtf-HXsotP3jTRSZnRSTmu5PEzXJfBIvDfCnIDBk1JcjnfwXGvriTknDSTXE69Nn2K5QRUQIao
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 18:33:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Feb 2022 18:33:48 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECriQwDEhRioFgzPY8O5DEY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2105
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgVai76g8pUJuy3Vc8u-kwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECriQwDEhRioFgzPY8O5DEY&google_cver=1

43 B
894 B

18ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECriQwDEhRioFgzPY8O5DEY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYseW_vAEwAQ&v=APEucNUUSJVQ4fXb5lx8jA49nmdMkHbH_-Jsh0I1cdrMr3acJpRvUKOgsYUKrnzkqrOO-dbIUCjBviMmSxvW8-cLcwZfeTJ-pEB4N2DAACinyjtf-HXsotP3jTRSZnRSTmu5PEzXJfBIvDfCnIDBk1JcjnfwXGvriTknDSTXE69Nn2K5QRUQIao
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 18:33:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Feb 2022 18:33:48 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECriQwDEhRioFgzPY8O5DEY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2105
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBSXPWmt0O_tLuDZ2stPF1Y&google_cver=1

43 B
1006 B

41ms
23ms

Image
image/gif

185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBSXPWmt0O_tLuDZ2stPF1Y&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYseW_vAEwAQ&v=APEucNUUSJVQ4fXb5lx8jA49nmdMkHbH_-Jsh0I1cdrMr3acJpRvUKOgsYUKrnzkqrOO-dbIUCjBviMmSxvW8-cLcwZfeTJ-pEB4N2DAACinyjtf-HXsotP3jTRSZnRSTmu5PEzXJfBIvDfCnIDBk1JcjnfwXGvriTknDSTXE69Nn2K5QRUQIao

Protocol

HTTP/1.1

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 18:33:48 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4de7d711-1585-4a05-a29b-74b262ae74cb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBSXPWmt0O_tLuDZ2stPF1Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2105
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc5NjExMjUxNjk0Nzg3MzA5Ng%3D%3D

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc5NjExMjUxNjk0Nzg3MzA5Ng%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 18:33:48 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d9726ea7-e2bf-4cb5-9ee8-1755a4e8f977
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc5NjExMjUxNjk0Nzg3MzA5Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/892152/58815466/ Frame 3C2F 231 KB
70 KB 139ms
35ms Script
application/javascript 34.247.75.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/892152/58815466/skeleton.js?ias_dspID=3&ias_campId=25576184&ias_pubId=pub-4697968187948142&ias_chanId=1&ias_placementId=15522180233&bidurl=https://xn--80atdza.xn--80adxhks/&ias_dealId=
Requested by: Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.75.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-75-254.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 78ac3bd9eb773ced53f2ba7d24b38a7fc7c7f08a204a2dd90bbf234eaad46e95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:48 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 3C2F 106 KB
38 KB 47ms
9ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 10:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Feb 2022 10:06:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/ Frame 3C2F 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5VS1ejjtrEx8cOzvqeLY4Feq0lvLsN7peO4ZYICIKp0AUrJGFE-R3BCM7Y2r2bRDBh8ePQ8sUT5rb3hFQYNReQqCXY_VDg7I9gCaoJCxruTC15yByRTJFM8tPzxAZTFFeXtilEr4UEgoJjxY27PBImToyaA&dbm_d=AKAmf-CIHOfmb2RGA1GcK-cqk2aEeyvCPXsv08TRyRGh1MLCnc8tCTFK7XGDzjvJfjSi6VxKVWnTXSbe9sShFNoC-CTW5aHU-Egf8uIecJk1Z6e0CHOmzmb2ZtBzs6O2dKi2y7wVlhiY6rQ0pTbKZ9wlW65jWpaxcCzxyJtCid2X-dYhBrkNJC0UDN48WBkargg51WJilm98f2QxxhqLyCDP1EO_CKhhHfw3bsZfnwedxBme2YB2pUJCtVavOrWo0NsmMpUMs3ThsFZ3LJQb2_jPhi67JZISLi0SrEsf4c6wHy1-_AQIuH1XRtpF413n9ES-WwAY3ESFVAfVeYwgm2ArdsMHeMN9Z_-OocYATmw1Qvf8Ct5NExRQROFg5yOs_UuP8iAtEXil5CxvbwzJhwuWlZRosYPznvAuI1i9LNUTgO-WyQ3RNui5PIt1brF8eiiiBKsTZKu236KXlSzE2SMsrwCEawx9DmuA1gkIEujepIHuU2DMymP6JLS80RcpsPqANxrs5UnJ4fR8AInxjEg9H_jhfdfoRrMzyDt66BLW1hDwoVhZ9AeGaxclgDr9dl7wBdW4V50Y_e5qDeZgqmGjSGtgr7yHuJafHqgNdFSVjIftV_xioqAo6GRcSEMqRwgN7Fm-jUKpd99EWx-EZXqGe5Gt7Kuab0Nm92zpg-7-NqsSHg7ShYGrSJKlWjVcbmnRUlD1LanNVGjy0tgaisrH3Yoh7LxwBKbLm7gmZlyd8tCxwzr3k5UkGfXYKnPWVV1KMLjlEAgBMowSw39puDrHl7_2c_h_uoS3KO6rbDOtX8UE2MjBwgxZIxiz_F_mjAkgJyT_zgp70dV4lQzhDJaRx-Ptt3qXxVQJFAkC4gEd2DpEjqY48B9446w8P8kcx9NVHLLv62CWVzl1Mc-RtvFqVxDzKz-gN2W2_169jZMpJMscO-n8CCUx12z-RZIchsTT8r359B6uasDQa2__V0dNJ3-cWjOlJqkspp1ySMy6Z9XXGgVyvYw7FI60CJTSEQQPRG5Xgru2kHNvOMiPv-UCkleRLXL1eHPQ71g2pmgCxM-v094BHajcv3L3n5PLg2qQhi-NoT63azt0AxnxEhlLhrMw5wRT6Mtf8-qcHhdS1GwSEvQo7fojm5DPBfljEQvtuqgDiCWCPcZa_bWQkI4koN9q4QCJC5GWHGvsgNiO1FyW2k1TAlqD9DrN8mvuN7kkV4iTYm313EJJJRgRtORez1fNB79tQg1rAtKYoQZXBTsNl_3zOUCMfTN49N9xGTz08Tfim7pM1H93nQaPt-GJ85B97dswwFzsiNBReZ_OFFJc3xUEg3dL44GSJOMiln66rl1DLLVFU1SlACB9OWoNJ1uobocJ_hTBuV1MzX3Ok_nY179NcxWNRLSXqtXa5eCs3EljfN8YTPU0115E5UcrdyYhtLj3PyRu_gBC5Iz_QTqv58F8VDZkJ2APCSHrQCYKI7UpxNJIMgL6q_ru6RT04B09ZcBqyrDO1nWCdWOuetKDKzpu8fvL2FbJPT_oUv1f8zGqT_KfTdCvNuMgsgX-y6bOKrmmIy5rWEpy3vmGWdTCrvb004xN0uZRHcT5vDk026mDr6L53BuuyCE6f-cG7CftzzAsxzjBF5uA9TSy6O4LLtUV6xkAFk72vWcy5y9wTEkf7QB8SpmpEru0YD3ILPKjDMA-ikXzj7at5nybebtwRAKBat0b2qcaPoS4PIkhYxwBkCmKUDzzBc4A0tzrxUKcvtxLLg3shbDOCNMqTcbT0Zlp7DdcWDCTwewQicyXC_etPXRdEv0Des6RCaLt2KxRybezqeSHI763BkfrqXhOUG1wQ6ZNmNo9ccAUDtqhVP4jPPRGx96TtitBh8bTsJhfV_06FeKN7Nsb-Mp470LAi4iadT-IyB4lsYokO_-vjIw8Q9VulTB0lJQgaONSKTdTpEljV0PV9bajsDYSmkWtub8pnfFUJg97_gJl5FQ0jFK8jDyOlja3_pS0zFbdmsnMnnrZdgakSO_D7p-YSO2jbNdtilB4wcUxHOcPKw7iaXULpIhskHKPrTkwAur9cUx5KXDR8dNWS4cz3TErnN2mcE31Vl2SUUjTgh4-f1nVTRPum1Z6NkEtkMxYe7PT-FLv-I_3WAvfsv6uDIULHgzoeSlBzew0CzHHCVvGvwvf0YKz6Rjk6fgmtfWrg8DZKa3ADBzt9gzYvYG2vlm0wfDvq5dNeJibc7Nqr6jaTyopKwp5yYci6y0WbufbcagutDzrzuNgz6vFJMViPuQYFXKRdTFOsxEICcrxbkFfmxP85U-YYaPAGlnBbLv_hZknm0-UaedfIgv7CQt5YQP3r1rTTPrexM0QYhfP5uKYZLD9ipBz0ETWM4yRpkpMFH9nmcXXsls4_xwxj8c57prTaGfWgoo_Si4J_xyfzxdNk6FdRA_dELWHGfxyKHCXiBlxPzSW3QNTT93V0-FcoFteFOo3HJ5OxFFK8Y-g0d_qCaW7jO8VX4djtn_ALgystxg8x0_f7nk9KkZhN9J2rMfPzf5oQQmBWyQqA3E2LN2CmF0i5_SfpFonhnoXvaRBaeVjLZEwEDiCFQw9mB2Y8hKlX7j43XMaIGp2CdAjbMCQBfU-LNN0ChAvweKGqvLCieP5vz3eiTgnRu-f-UyxoJmnyJLn1xhNml_-tozf4WvG6KX0kqVK2VLkixwAOJQdq22dxsGFRPoTqggXy2NLeNco4y7XGn15aihSZGEWPwblutPKhP0Hy9NJsJhM44rYVuDAByCG4O85kiAdolX2GXvMR-PRVeA66lrygpaOLlP-g0eh85OTIm-B60lA_m23GL7jx7UGtETzvH10mcYM_V-Kh90v8iHBliKHJP_QbyMA11qdwDj9Izb5SQ6mJ0n1yKg4PW_rckqQ8a5hHuS0YkDPClXYfXXgF5LTjmFobZsNdkt5_Nr5vPNPThRqgGTlSnYGwc1CQGmf3Kh1ziE8JhGgBA1tG8BKeHC6-hbVsaYoqT2Tn5jZvF_wUKVlvobEUKCWl7AmKwrBPw&cid=CAASBORopNE&rfl=2%2Chttps%253A%252F%252Fxn--80atdza.xn--80adxhks%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:28:39 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/ Frame 3C2F 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

406dae81a8e95037a3bca53ca771f446df097cf86084d76de62fd308e2bf32a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9577
x-xss-protection: 0
server: cafe
etag: 11201793935764353180
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:32:03 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7C67 376 KB
125 KB 75ms
32ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: dsp-eu.surfy.tech
URL: https://dsp-eu.surfy.tech/static/vpaid_1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127061
x-xss-protection: 0
expires: Thu, 10 Feb 2022 18:33:48 GMT

GET
H3 200 aaf44123f57f1327f74f8049c476dded.js Show response
www.gstatic.com/mysidia/ Frame 3BCD 8 KB
3 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/aaf44123f57f1327f74f8049c476dded.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1ffc9ca7657f3d655db7b79eb1e7316e4d23aab2df01606d8ce022385e4b985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3501
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 14:21:09 GMT

GET
H3 200 e82dac7c873a7565e42e18fecf44738d.js Show response
www.gstatic.com/mysidia/ Frame 3BCD 8 KB
3 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e82dac7c873a7565e42e18fecf44738d.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd489807d2ec8d68c7101b8756a08658eebffbfa800d7c1fa9322ecd8fab0910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 14:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3509
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 May 2022 14:50:50 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3BCD 8 KB
888 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 17:38:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 18:33:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 18:33:47 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 3BCD 1 KB
875 B 14ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:21:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D742 143 B
163 B 12ms
8ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 10 Feb 2022 18:04:52 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1735
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame 3BCD 19 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:24:15 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 3BCD 2 KB
1 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:31:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BCD 124 KB
38 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 18:33:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 3BCD 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:29:27 GMT

GET
H3 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame 3BCD 27 KB
11 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 14:21:09 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3C2F 41 KB
15 KB 16ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 10:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Feb 2023 10:06:24 GMT

GET
DATA 200
OK truncated
/ Frame 3C2F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 567fcde4b23201ba8a99321ad456e5fbf5a47beb7d144793311ab3ed95e9716f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 30AF 8 KB
888 B 61ms
60ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=600&slotname=5954569188&adk=357167731&adf=1621940880&pi=t.ma~as.5954569188&w=185&fwrn=4&fwrnh=100&lmt=1644518026&rafmt=1&psa=0&format=185x600&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026697&bpp=2&bdt=256&idt=276&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5bFOH2vpVC&p=https%3A//xn--80atdza.xn--80adxhks&dtd=287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58c9e8f7f121a11b1516bdac16d6e56bf75ee2fe57f6f505f2fd88a07e687b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 16:37:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 18:33:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 18:33:48 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 30AF 1 KB
875 B 10ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:21:30 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame 30AF 19 KB
8 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:24:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3BCD 0
0 84ms
80ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2Ml0i1oFYsHsBYbwhwfKzpvACN7N4s9n_Nrw1rEOkvfk4o4OEAEgu_iZC2CVgoCArAegAe-A4_4DyAEBqQJ5qS6LLSKzPqgDAcgDywSqBOIBT9Cf48mTOgQZL888fuCL11lBkx7DtAfdm4nyUNveMEEBdjihWgksdNk17Aa0Q8S1pyJiF7cl375lAr5Mo-LWVYMVQ16CRjsZ_jAGjV77gkDnE4avBIsK_4-6uaHfu4W4ACE_QpMjmJHfRd5OpWHG0oVZqX07VqrOwodxn4cr5YNnXcOvu-NZseqKWUAStD8uwN9bKEhU7Je7F5UGbH6h5I32jA4OP0EKYWdrTof3Qn0CwWgrz_kHPVJyrLdPL1_xtLesldN5aWyyEefv2uNIUC0sYdq2WHbUuM0pt4-mRpBTpsAEt6LRqeMDkgUECAQYAZIFBAgFGASAB_n-nAGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCOyBvSCAkIgOGAEBABGB-ACgHICwHYEw2IFAXQFQGYFgGAFwGyFxwKGggAEhRwdWItNDY5Nzk2ODE4Nzk0ODE0MhgA&sigh=wv4c1vM8oxQ&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Feb 2022 18:33:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 30AF 2 KB
1 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:31:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30AF 124 KB
38 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 18:33:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 30AF 15 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 18:29:27 GMT

GET
H3 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame 30AF 27 KB
11 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 14:21:09 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 151B 15 KB
4 KB 28ms
11ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75f34b00de0af755057fe4057154c6e4fb1f4cbafbbb8383fc48ad452472d0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 4512
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 03 Feb 2022 21:37:07 GMT
expires: Fri, 03 Feb 2023 21:37:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 30 Nov 2021 13:20:04 GMT
content-type: text/html
age: 593801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3C2F 0
571 B 149ms
89ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgjcy4-k0bo_iHuBGyI7rFLFZ6btgX8bicC0St6k0MlrxEhHOU8wXRKTIyTNmgaROFMZ5R1Ln13psNIvFYg2zhrN5CSM5LLlwyNBoZucLHE0NFyvPWr2eVo9Ka0f2ieXiClaEz8Z89nDsEIbcKBgQR_Vd5M-4dqTTBxEsyHb6rsKQsbxPZ6BXNa59OF2X6sfhK1QbPSaahRYErIj4SmElflV-vfYvVkhsUIj82RIHnCWYRJEAa6-GncsbyB8y3HKY1h2u7H5so_hNnVLColKYc1Tw4UP5va3iRsrk34-4z8QEtxhgv9CtW_q5s4BYplPAbhJTtDuHOheJ2WQkK33RaCes3BKxJmCEq0JCZUalnEUu5H3KVv7zk23OQ6W-ErzkzVd9CgCS__6hSp3BDs2j_anQ3mb2gNann_HfztLehuiGDJJiAMdVmAtw6DCj4UK17DvGewcLryj68ljwmpzH9Fo-yW7v1Y-d5KrijfRiKgrFko7wlDcdtEBHuczE4HO2xGhqIf9rZAPXNpRgUBU3PTj_g7mm-mZtkSnv6lFPppbvTXqeBaHsAPm3oSZtiaKIFmk2-JOG9FMi-2ZROalCYTKhTfS9OWg8knB_6oZsAq29EWws0U5iWGSP4fcnKKXUdTEWaVIYZHJfHeB6BZkzCpIsw1FPFeFaqeLLmmN6pZlvJ0KKonmhKyUHnHJrC9MAQBO0G8B5iNuGcfiRmJfqHrAvJu18HXOBmZWrwty6MxTIvAEahZINX2shmxtJCZco_ixBqGpvrlGtoif_Dh-Gp8DlSMomWQSuGXTc69RNP_QKFjUnygxwy2h9aHJ8GIlUC1KIWnexBIpguL3W-xcI_iyxQqMIZLIyQl3KJiURsuTajn9RBoDdJTkAov_FDRR54YCk0T46qye4K_MPVxKF6O1UeTsxfPtYvg0nTsOBVcN_SC6uZLRBpqvhrlDOyo7t0EkApwWev2ZngLMcU9GgSLdqwloqaT7QdI450E5biBf_Qs11HzxMinLP-UPGmt5cgchliOPlre66Mf1Stx6EZ4fbewHwp4vzt96jpYJh46tVYI3LCAfZPUB7w5FsXoq5o49_HnqaexvTx5vJkHb8CnnVnNQ2b1AvaHJ5L-Y3i5AmXJZ9eYt9emziT4WDNdlMboNPJ3q_-Jdm46GIyvWuLSfHzO8ymUOiIAfxg-qDJafy7WZxh9DxIkDF0VJx7Xw&sai=AMfl-YSH1lHsys7I8iHcLjCxRwS5oLOTkSh_3Boy6WkGZMoHrNdRe2bwOMrHOy1vHIty5mr3MDvBcf24qghasmbiCrOXwx0dZOcu2PT2mY5MJOcsCWn7eNRSftVl-S76y71Sn5Tl&sig=Cg0ArKJSzCi9jwxXqI-BEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=158&cbvp=1&cstd=155&cisv=r20220208.47563&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 10 Feb 2022 18:33:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BA14 143 B
163 B 11ms
10ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 10 Feb 2022 18:04:52 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3BCD 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 814e81906e1501f9c3b4c2b527f85167a7146f99dbe1c72739bfe75b3e738a4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 30AF 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 30AF 0
0 103ms
102ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cr4mei1oFYqDnA46AwNYPgPWFmAOQ58eUaIvRnJytDq_m9P0IEAEgu_iZC2CVgoCArAegAfX8_doDyAEBqAMBqgTbAU_QJesMNrewMsn1Kw-HiPGtFKci1KyunEii_vI59UvircGZp-vQ7VdTuFvcyfD9jYgJ7hOYPAzI5eKPVODKdedE7gIn15KCg0krVwIwk1x6TDl1Qg15qgMCsx7jYPhz06LJTIpoJRpyVuT2WUDRUadwQYXnN3ssIrn7Mc9HGOUvajcJmB3ev-VRnbHJMiRe2DJcKkwhzTYcBv05aJ8U2kjxOjt80oXCdOWxXDC2Rc0sEVgXRBFXu6vl94wX1ZZ9cIXsPucd_l3XzpJRGz06VRfxz8ZrbS6pbuJylcAEyN24p5ADkgUECAQYAZIFBAgFGASAB_OCgiWoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCG2BvSCAkIgOGAEBABGB-ACgHICwHYEwqIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNDY5Nzk2ODE4Nzk0ODE0MhgA&sigh=D-f6uIfb7sA&uach_m=[UACH]&template_id=5020

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=600&slotname=5954569188&adk=357167731&adf=1621940880&pi=t.ma~as.5954569188&w=185&fwrn=4&fwrnh=100&lmt=1644518026&rafmt=1&psa=0&format=185x600&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026697&bpp=2&bdt=256&idt=276&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5bFOH2vpVC&p=https%3A//xn--80atdza.xn--80adxhks&dtd=287
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Feb 2022 18:33:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6D48 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 10:06:25 GMT
expires: Fri, 10 Feb 2023 10:06:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 30443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.496.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame FE79 601 KB
195 KB 24ms
7ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199641
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Feb 2022 11:12:25 GMT
expires: Thu, 09 Feb 2023 11:12:25 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 28 Jan 2022 21:03:56 GMT
content-type: text/html
age: 112883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 7C67 44 KB
16 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Feb 2022 18:33:48 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7C67 107 B
122 B 21ms
18ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--80atdza.xn--80adxhks

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1478 143 B
163 B 10ms
9ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=600&slotname=5954569188&adk=357167731&adf=1621940880&pi=t.ma~as.5954569188&w=185&fwrn=4&fwrnh=100&lmt=1644518026&rafmt=1&psa=0&format=185x600&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026697&bpp=2&bdt=256&idt=276&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5bFOH2vpVC&p=https%3A//xn--80atdza.xn--80adxhks&dtd=287

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 10 Feb 2022 18:04:52 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 3BCD 28 KB
28 KB 26ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:14:29 GMT
x-content-type-options: nosniff
age: 173959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 18:14:29 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D742
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

90ms
85ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 18:33:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 18:33:48 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 18:33:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A392 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 17:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13873
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 17:16:04 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 3C2F
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/892152/58815466/4.js?ias_dspID=3&ias_campId=25576184&ias_pubId=pub-4697968187948142&ias_chanId=1&ias_placementId=15522180233&bidurl=https://xn--80atdza.xn--80a...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

8ms
8ms

Script
application/javascript

2600:9000:214f:3000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2600:9000:214f:3000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:39:50 GMT
content-encoding: gzip
age: 485638
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Jan 2022 16:51:51 GMT
server: AmazonS3
etag: W/"96e16e7453ae2e6952bc6d2a20ea29f7"
vary: Accept-Encoding
x-amz-version-id: TI7Wu8.c3shY9Kbc25ps.McAaw9Y1JrB
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: ufdBv9eTfLffAr1DiTkTLrItT1yiL1-IhMq3LGKcsLzw8OYYddOE6w==

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:48 GMT
x-server-name: app15.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 8215 80 KB
21 KB 37ms
8ms Script
application/javascript 2600:9000:214f:3000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:01:19 GMT
content-encoding: gzip
age: 6769950
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: oYRFBXpcPGPnNwNEoGvkR0gdeLJ3F-e23duWu02mCPXiWGk7ta4Nww==

GET
H3 200 anim.min.js Show response
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 151B 8 KB
3 KB 14ms
8ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/anim.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77e773643d244128c52ab5535c162c467b2378bef47a784567d2de56fdd4a9e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 08:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35380
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3367
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 13:20:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Feb 2023 08:44:08 GMT

GET
H3 200 polyfill.js Show response
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 151B 6 KB
2 KB 10ms
9ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/polyfill.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59634d2853fa1300f9d99b9d1550fcfd09366ba7ae58776b291af9e67dedaa7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:59:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1955
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 13:20:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Feb 2023 18:59:55 GMT

GET
H3 200 img1.jpg
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 151B 33 KB
33 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/img1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef3feb1d3c9a720750b41b2fbe4dde115af9c232cb69a26aede9c49f58396deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 09:59:38 GMT
x-content-type-options: nosniff
age: 290050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33834
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 13:20:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 09:59:38 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DD66 37 KB
13 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 17:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 10 Feb 2022 18:41:31 GMT

GET
DATA 200
OK truncated
/ Frame 30AF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d1c428e40b765df80e1fefeed8cd999af9f1ecfe5c4f97ef5ad674f6defca26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3C2F 43 B
215 B 569ms
177ms Image
image/gif 35.161.241.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892152&asId=75224e95-4cc7-f63d-ef3d-8a311024a535&tv=%7Bc:3QpqBs,pingTime:-3,time:96,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:96,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B89~0%5D,as:%5B89~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sX423m2+11%7C12%7C13%7C141%7C142%7C151%7C161%7C17%7C1811%7C1812%7C191*.892152-58815466%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c,idMap:191*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.241.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-241-67.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:48 GMT
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3C2F 43 B
215 B 568ms
178ms Image
image/gif 35.161.241.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892152&asId=75224e95-4cc7-f63d-ef3d-8a311024a535&tv=%7Bc:3QpqBu,pingTime:-6,time:98,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:98,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B90~0%5D,as:%5B90~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sX423m2+11%7C12%7C13%7C141%7C142%7C151%7C161%7C17%7C1811%7C1812%7C191*.892152-58815466%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c,idMap:191*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:xn--80atdza.xn--80adxhks*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.241.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-241-67.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:48 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 30AF 28 KB
28 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:14:29 GMT
x-content-type-options: nosniff
age: 173959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 18:14:29 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3C2F 43 B
216 B 532ms
177ms Image
image/gif 35.161.241.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892152&asId=75224e95-4cc7-f63d-ef3d-8a311024a535&tv=%7Bc:3QpqC0,pingTime:-2,time:130,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:540,beZ:542,mfA:545,cmA:547,inA:547,inZ:551,prA:551,prZ:559,si:565,poA:566,poZ:592,cmZ:592,mfZ:592,loA:638,loZ:640,ltA:671,ltZ:671%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:130,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B122~0%5D,as:%5B122~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sX423m2+11%7C12%7C13%7C141%7C142%7C151%7C161%7C17%7C1811%7C1812%7C191*.892152-58815466%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c,idMap:191*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:104,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.241.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-241-67.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:48 GMT
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BA14
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

65ms
64ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 18:33:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 18:33:48 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 18:33:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame DDBE 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4697968187948142&output=html&h=280&slotname=5954569188&adk=1246477578&adf=3069977406&pi=t.ma~as.5954569188&w=887&fwrn=4&fwrnh=100&lmt=1644518027&rafmt=1&psa=0&format=887x280&url=https%3A%2F%2Fxn--80atdza.xn--80adxhks%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644518026699&bpp=1&bdt=258&idt=306&shv=r20220208&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C185x600&correlator=6400695363302&frm=20&pv=1&ga_vid=22913345.1644518027&ga_sid=1644518027&ga_hid=787202300&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C31064730%2C31064806%2C31063222&oid=2&pvsid=4297315944154692&pem=766&tmod=1824884989&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ENEjiWHrR3&p=https%3A//xn--80atdza.xn--80adxhks&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 17:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13873
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 17:16:04 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 151B 877 B
904 B 8ms
8ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a19d96fde3b62300f9f41f049f8881fcb4180a422f06f1ef6eeeb615995eff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 19:00:10 GMT
x-content-type-options: nosniff
age: 171218
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 13:20:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Feb 2023 19:00:10 GMT

GET
H3 200 titillium-web-v10-latin-700.woff
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 151B 15 KB
15 KB 9ms
8ms Font
font/woff 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/titillium-web-v10-latin-700.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae32776aae5fbba5f5e09afbc3f01e948cb97a1434924ebfbf25e8f2661d1625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 09:59:48 GMT
x-content-type-options: nosniff
age: 290040
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 13:20:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 09:59:48 GMT

GET
H3 200 titillium-web-v10-latin-regular.woff
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 151B 16 KB
16 KB 9ms
8ms Font
font/woff 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/titillium-web-v10-latin-regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11c54a8e83547d7ec3af9960ab4c4b50af1ea2f4bab7f356a6a9a8d3f251c459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:54:45 GMT
x-content-type-options: nosniff
age: 49143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16572
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 13:20:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Feb 2023 04:54:45 GMT

GET
H3 200 -KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D48 35 KB
13 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:27:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13554
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 20:27:41 GMT

GET
H3 200 img2.jpg
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 151B 11 KB
11 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/img2.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a43f1770b29491ce75b2b31fc89160be563726e06117498693299e2e1334b489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 04:54:45 GMT
x-content-type-options: nosniff
age: 49143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10876
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 13:20:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Feb 2023 04:54:45 GMT

GET
H3 200 img3.jpg
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 151B 24 KB
24 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/img3.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86297c2f055f491d40c32be608db8f179c45806bb49b05750919852629e1ef9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 09:59:48 GMT
x-content-type-options: nosniff
age: 290040
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24495
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 13:20:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 09:59:48 GMT

GET
H3 200 cta-fx.png
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 151B 1 KB
1 KB 13ms
12ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/cta-fx.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d91d6727627a6b0c5540c941852e963f30c79ffd9f6779fbb3456036679e152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 09:59:48 GMT
x-content-type-options: nosniff
age: 290040
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 13:20:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 09:59:48 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3C2F 0
23 B 71ms
44ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgjcy4-k0bo_iHuBGyI7rFLFZ6btgX8bicC0St6k0MlrxEhHOU8wXRKTIyTNmgaROFMZ5R1Ln13psNIvFYg2zhrN5CSM5LLlwyNBoZucLHE0NFyvPWr2eVo9Ka0f2ieXiClaEz8Z89nDsEIbcKBgQR_Vd5M-4dqTTBxEsyHb6rsKQsbxPZ6BXNa59OF2X6sfhK1QbPSaahRYErIj4SmElflV-vfYvVkhsUIj82RIHnCWYRJEAa6-GncsbyB8y3HKY1h2u7H5so_hNnVLColKYc1Tw4UP5va3iRsrk34-4z8QEtxhgv9CtW_q5s4BYplPAbhJTtDuHOheJ2WQkK33RaCes3BKxJmCEq0JCZUalnEUu5H3KVv7zk23OQ6W-ErzkzVd9CgCS__6hSp3BDs2j_anQ3mb2gNann_HfztLehuiGDJJiAMdVmAtw6DCj4UK17DvGewcLryj68ljwmpzH9Fo-yW7v1Y-d5KrijfRiKgrFko7wlDcdtEBHuczE4HO2xGhqIf9rZAPXNpRgUBU3PTj_g7mm-mZtkSnv6lFPppbvTXqeBaHsAPm3oSZtiaKIFmk2-JOG9FMi-2ZROalCYTKhTfS9OWg8knB_6oZsAq29EWws0U5iWGSP4fcnKKXUdTEWaVIYZHJfHeB6BZkzCpIsw1FPFeFaqeLLmmN6pZlvJ0KKonmhKyUHnHJrC9MAQBO0G8B5iNuGcfiRmJfqHrAvJu18HXOBmZWrwty6MxTIvAEahZINX2shmxtJCZco_ixBqGpvrlGtoif_Dh-Gp8DlSMomWQSuGXTc69RNP_QKFjUnygxwy2h9aHJ8GIlUC1KIWnexBIpguL3W-xcI_iyxQqMIZLIyQl3KJiURsuTajn9RBoDdJTkAov_FDRR54YCk0T46qye4K_MPVxKF6O1UeTsxfPtYvg0nTsOBVcN_SC6uZLRBpqvhrlDOyo7t0EkApwWev2ZngLMcU9GgSLdqwloqaT7QdI450E5biBf_Qs11HzxMinLP-UPGmt5cgchliOPlre66Mf1Stx6EZ4fbewHwp4vzt96jpYJh46tVYI3LCAfZPUB7w5FsXoq5o49_HnqaexvTx5vJkHb8CnnVnNQ2b1AvaHJ5L-Y3i5AmXJZ9eYt9emziT4WDNdlMboNPJ3q_-Jdm46GIyvWuLSfHzO8ymUOiIAfxg-qDJafy7WZxh9DxIkDF0VJx7Xw&sai=AMfl-YSH1lHsys7I8iHcLjCxRwS5oLOTkSh_3Boy6WkGZMoHrNdRe2bwOMrHOy1vHIty5mr3MDvBcf24qghasmbiCrOXwx0dZOcu2PT2mY5MJOcsCWn7eNRSftVl-S76y71Sn5Tl&sig=Cg0ArKJSzCi9jwxXqI-BEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=675&vt=11&dtpt=517&dett=3&cstd=155&cisv=r20220208.47563&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: xn--80atdza.xn--80adxhks
URL: https://xn--80atdza.xn--80adxhks/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 18:33:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1478
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

65ms
65ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 18:33:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Feb 2022 18:33:48 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Feb 2022 18:33:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8974 42 B
64 B 68ms
42ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLzoZNMU3JfkSx0EsIUobMiaMa7_4oecEKQXtOHhZe7vSYESJslCS-OcdI0GScW-4rMA-E5Eh2Ip6LyaIqyFeM3fcpxuNcU3yz-qaKRPwYpr1YfXS1Rg&sai=AMfl-YQSie1M8RlWRlangyQ7XINfydjAPkkUpZrsBJPi4crtlLhJiVFxrwTU7elgBflYgNIu8yPmz_gE6GHB&sig=Cg0ArKJSzH59EQb2AcyiEAE&id=lidar2&mcvt=1047&p=0,0,280,1200&mtos=1047,1047,1047,1047,1047&tos=1047,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1034694590&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644518026873&rpt=947&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
dsp-eu.surfy.tech/ Frame FE79 1 KB
2 KB 13ms
12ms XHR
text/xml 176.9.54.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-eu.surfy.tech/vast?cid=683&crid=611&domain=xn--80atdza.xn--80adxhks&fm=1&h=243&id=UsymPDXYvUKuSJgbbDqZagyFbUcNSdnM&ssp=136&w=432

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

176.9.54.148 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.148.54.9.176.clients.your-server.de

Software

Resource Hash

cb2449f9e6c35edd07522d095c14ad0687e099ca0f74fb345d91ebcb8bdcfc83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Thu, 10 Feb 2022 18:33:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 1277
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/xml

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3C2F 43 B
215 B 175ms
175ms Image
image/gif 35.161.241.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892152&asId=75224e95-4cc7-f63d-ef3d-8a311024a535&tv=%7Bc:3QpqJE,pingTime:-10,time:604,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1644518028942%7C%7Cca61a5d4df706b58236fd810c1d096af%7C%7C920bd99aa4265c459f442b819dba176b%7C%7C0bb04b9f6d41a38c05d3838ed92918b6%7C%7C3679cf651dbbbcfc2084ac48fc387bd4%7C%7C95b3cb092c51c01a3b4836ad3f539d35%7C%7C589f6dcf638c53a87509dd405a773b15%7C%7Cbce81f700de67edd47b2b45f0254df48%7C%7C1629390669,im:%7Bpci:%7Btdr:283%7D%7D%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.241.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-241-67.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:49 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK bid Show response
clientside-video-bidder.rutarget.ru/ Frame FE79 27 B
702 B 365ms
110ms XHR
text/xml 80.64.106.149
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientside-video-bidder.rutarget.ru/bid?url=xn--80atdza.xn--80adxhks&request_id=UsymPDXYvUKuSJgbbDqZagyFbUcNSdnM&placement_id=113&mimes=video%2Fmp4&mimes=application%2Fjavascript&protocols=2&vd_api_0=VPAID_2_0&placement=3
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.149 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr4.rutarget.ru
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 18:33:49 GMT
Server: nginx
Access-Control-Allow-Methods: OPTIONS
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Rutarget-SameSite-Cookie: true
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length: 27

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D48 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUechi1oFYsSkMrbX7_UP_ZSosAkAAAAAOAHgBAI&bg=!GhmlGV3NAAbAtJCDwLQ7ACkAdvg8WhvyUTQRc2lFE6JQ1bi4sFDOYeyJ87N9MWZqAkz_wk8nPeixJgIAAADdUgAAAAJoAQeZAw6IZ_uN2MeI9TfiQ3aykxMfF53GsUzcSCtFBT4zl7bPxbztpDpcQALm8X7GEJoyAErdECu_06_eDrp7JwsaxAOyXBrnXEwwF7ax2munhSmduHgkjlszJ_BKyjp0qNgA6nP7bf-DRVUji06wxUTb0ru2IzgcHGgSofHH6xN0g1P4N0MX9YJs7CixcesHhIeU0o08o384bMf8FhsQ3n3Ya_I5X4ri6iV6SNk7sLLBeTDGjVdX0x9j68CSDv9_FVXRIY2ocAnxFEyXEs09-CnHeDUht1lwwnWMO9dv5-F07V_YShZ-fWTppACu5ig_FpkY31EXXLjpOVknaNKAAezbrthACAhxbWuMjLNgb-rfYsugTU6O-aA2t0iTKJ0qtArzTCQ2NVtAbvhwlVz7x_9qMTxwgDhHoqA7RUEnc2MBQZJUb11bxcx-BJE6qymdA3HXwpWJRvoWpk2mR2oXKWoNxccMHLHqB4aUp3P1Uy9Iah6VJbG26b5cxadQnQKff1B0xrqybPxGhBntXL-6jfwe-hrwJudLy5oQWiuCR6DwgcwJMnU-T51xQT-QslQODo8Ek0O5B6SnKkosym7jJzW2JRnbLg3pFZnU7SIkjOOsUFhGbFTwV8Df3P705E8j-WIkkhG5jdkvCaC66b3fq7Iw-87zRFPG5uv4ELP9PZAvYsu8-D5TJrOuyhcBvOMaQhZ8PGMIEEgoOQQXleAQg3cct6RJ-2vaGNB_dngCyVukwyaxGp8w0ENl0XThw86FJix9U7g7WURbWvUibyU090uzhf6mQX9NDZAHUnjInoTi1_BsDs8bFmBCawmKs9xdJUoXbiSAJrD5HsGluvu6uDNBqOt3P6LfvJhbBsRph5jn2_HAI7JVUKuOlJB7Px3OrVGDkUWHg_knthDFbmX7p8zy8wwQ96_9XV0hN6XeD6-W2j0idsmSKCDXwbIaQQeHr9Bu1eZjqgQA7nYAPUj4awe6dnWbpdxfoLNn1mrsjfE8T5AQAPfTDEM7e8YyFL2kc3dmoL5pw4Yl8J9XF1M_jaSTHg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 22ms
22ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220208&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f1dd4e9125f5196244a40b6050bb24f42265bbb8e30c2ad6dbc023226c18c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 18:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9939
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 18:33:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9598 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 15:05:51 GMT
expires: Fri, 10 Feb 2023 15:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 12478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C230 783 B
534 B 22ms
22ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e0174bdcd419ee4a6308dc9d5d4d637f159b7591efb58f3e6c6912b70fcb77e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9sNbvWwSC6OHhPHe/FBiaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 10 Feb 2022 18:33:49 GMT
date: Thu, 10 Feb 2022 18:33:49 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-9sNbvWwSC6OHhPHe/FBiaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9598 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/51HlaoDq_D6uZSgBzZWUemIfoZ0TtR6K4rqMqSgJuCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 17:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13873
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 17:16:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C230 0
0 105ms
105ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220208&jk=4297315944154692&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9598 0
9 B 9ms
9ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ksTkhw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 18:33:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3C2F 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2Xm3PZZOLUAACLm2lWDSnq6P2Z26vRpzbfCE7-DNojlKDeWbB93kQjagJq7HEob43rEID1HAxJdTSBKtASyfjZFLFdjeHNCDP6kTZBytvGWkOJRPxNw&sai=AMfl-YQQQJhhEZwCg6sd3lU4VPv9Pr8tzV1IyyncMy0xNaGazsl28iapz760C5cPQGA3DBNGW5E7aree7-z3&sig=Cg0ArKJSzJhH-N4fTSyCEAE&cid=CAASBORopNE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=691,1001,1001,1001,1001&tos=691,310,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644518027798&rpt=605&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3BCD 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCMlc9HK6qloegUoRt5cW6dWwRi7kcRCy-wl2AM8fZblrr9LaqvWCQcwKMcjAmm8dumPuERYAteIkyAmBQ2Ym7RlVZSr4tBSHVuiGa68do22GPLG8VyQ&sai=AMfl-YSeGiodMcLAyr44OR5jbaLsG3ZV9e9Tr-8K-deEpX1z62c1P8Tn_k7XO_y-BG-xuDAvC6bmLVGretQR&sig=Cg0ArKJSzAEfrS7wfGVcEAE&id=lidar2&mcvt=1000&p=0,0,280,887&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1246477578&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644518027017&rpt=1559&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 30AF 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4Gsm4vRqEnJeuC_iT60e_qTmWDdZ25l4ZLWeiue4WhNpg6rU8aSDqL9VfH_cNB5tXK3U4X9ydckTJMW1Qmbm4aK8h45QmUd5fnuPYfwlQYezfEfQvzg&sai=AMfl-YQdMOMq7YZsBlY3nbuPdBHhLgMHt4JP86ISgG8KysLwLIxfYlxn_gAmlVctUByeHPF6hqF53dFcCGj4&sig=Cg0ArKJSzOslSfkilLUkEAE&id=lidar2&mcvt=1000&p=0,0,600,185&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=357167731&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644518026990&rpt=1638&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3C2F 43 B
215 B 174ms
173ms Image
image/gif 35.161.241.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892152&asId=75224e95-4cc7-f63d-ef3d-8a311024a535&tv=%7Bc:3QpqXu,pingTime:1,time:1462,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D,%7Bpiv:100,vs:i,r:,t:461%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:461,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B453~0%5D,as:%5B453~728.90%5D%7D%7D,%7Bsl:i,t:461,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:233,fm:sX423m2+11%7C12%7C13%7C141%7C142%7C151%7C161%7C17%7C1811%7C1812%7C191*.892152-58815466%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.241.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-241-67.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:49 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3C2F 43 B
215 B 175ms
174ms Image
image/gif 35.161.241.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892152&asId=75224e95-4cc7-f63d-ef3d-8a311024a535&tv=%7Bc:3QpqXu,pingTime:1,time:1462,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D,%7Bpiv:100,vs:i,r:,t:461%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:461,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B453~0%5D,as:%5B453~728.90%5D%7D%7D,%7Bsl:i,t:461,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:233,fm:sX423m2+11%7C12%7C13%7C141%7C142%7C151%7C161%7C17%7C1811%7C1812%7C191*.892152-58815466%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.241.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-241-67.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:49 GMT
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3C2F 43 B
215 B 174ms
174ms Image
image/gif 35.161.241.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892152&asId=75224e95-4cc7-f63d-ef3d-8a311024a535&tv=%7Bc:3QpqXv,pingTime:1,time:1463,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D,%7Bpiv:100,vs:i,r:,t:461%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:461,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B453~0%5D,as:%5B453~728.90%5D%7D%7D,%7Bsl:i,t:461,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:233,fm:sX423m2+11%7C12%7C13%7C141%7C142%7C151%7C161%7C17%7C1811%7C1812%7C191*.892152-58815466%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.241.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-241-67.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:49 GMT
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220208&jk=4297315944154692&bg=!eXqlej7NAAbS3PJy0tw7ACkAdvg8WupyClDlCcD0ebJlLJKzYMBa2Kzh-dvb2RfY6-vlMtFont8BCAIAAAB4UgAAAANoAQeZApQ-PFGoS5jcboEh5AivmFo2zHPKF8h5AueEUR5rWArLieG-d81FILxZ9eenucVQ3eljJ1ZTmsiPkNDMip_J8KpfLux_eF68VZAIlW--fsWOQZxQTUF48qa-JA7-vsEP3iee_UBHdjvC0DBjU0LbwPg6R6z5Y7-e7nS_rxtMJxFqsrZia3dKE21voaSG5VeiaUEdRkKmClUKYxke8qC_JJ3MBBAHGI-EcJPYweGvzDXUZUtu9NbKdKTDA09_fv_LHIjID2w_9OdCEYpYw75wDUuLv21VDxbAqVWe5_HeyCO2V00zz9KyrD1vJ1w5Tm1YesWEBzdONnrPUcQTKPAqlNahL5kEpE49PPZXPvY1axGb1TKm90B-YwuJm9vx5X2piZ5LtSc2I62F4O8yN_egGIG8pJgepEsDrxjYFYpX4AvnM-KEUgaxXv-RSZj9bb8Hapye77Us9HOaul5uxEbRWs639Crg-mB8undbvL03rcOYhRmk1cJH5YM-hGaZgth8uUTy7QWx8x0SCFzKRwvQW5fNmKg2dCbiSMw3wKKs1RumXhEIVgmmsYqmyEAKc_jZXhlqEs4cFfnKNkIfTJLVNX7j6B0c3wxqm7ejkXj5j7oBsF9qv1MU2li7KdDxVS1ya89SWuTiTda3ZP18yShyt2ETRoLMKiYA7GS__OxVfrn33X84k14jhEaqqVzDygfOOciiYod4GJm7eGXBMjaGVJQVX-4m-RghI6-rywtVbeq4gGB1cJxs7E7nAuT4EbCBMNnewZIKf3GaiUUjZrzti134EEv0RcqALSMCHB3JeAh2FN6R-xGkvtfrUHuT_TRzfkPRwFevFnPN8fOyaKy6KJFS2TrqZIPptv1wjb4ttqLlff02YeQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--80atdza.xn--80adxhks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 18:33:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xn--80atdza.xn--80adxhks/	1969-12-31 23:59:59	Name: PHPSESSID Value: 22a5cfb9bb10e0111a3d550ddf98e8d3
.viadata.store/	1970-01-20 01:31:50	Name: viads_uid Value: ca60ce98-d09b-47a8-8765-ed747bba7fa6
.xn--80atdza.xn--80adxhks/	1970-01-20 10:10:14	Name: __gads Value: ID=3912f431acbe39c8-2218eb323bcd005f:T=1644518026:RT=1644518026:S=ALNI_Ma485_X49Q-uVi3J1p4mcSbMnFFsw
.xn--80atdza.xn--80adxhks/	1970-01-20 09:34:14	Name: _ym_uid Value: 1644518027668681926
.xn--80atdza.xn--80adxhks/	1970-01-20 09:34:14	Name: _ym_d Value: 1644518027
.mc.yandex.com/	1970-01-20 00:48:38	Name: sync_cookie_csrf Value: 2099278903fake
.mc.yandex.ru/	1970-01-20 00:48:38	Name: sync_cookie_csrf Value: 996266029fake
.xn--80atdza.xn--80adxhks/	1970-01-20 00:49:50	Name: _ym_isad Value: 2
.yandex.com/	1970-01-20 09:34:14	Name: yandexuid Value: 4389500071644518027
.yandex.com/	1970-01-20 09:34:14	Name: yuidss Value: 4389500071644518027
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 375790461644518027
.yandex.com/	1970-01-23 16:24:38	Name: i Value: yM6s62EJ+b0Cu4iwNAKkIbv4NhlotiEZHacXGDvm2OIHoFXN2cQrwsoMW0SIeFYVfT76D7S2pnGv3tFPy3oUbqljx6w=
.yandex.com/	1970-01-20 09:34:14	Name: ymex Value: 1676054027.yrts.1644518027#1676054027.yrtsi.1644518027
.vk.com/	1970-01-20 09:41:44	Name: remixlang Value: 6
.viadata.store/	1970-01-20 01:00:09	Name: viads_sc Value: %7B%220%22%3A1644518027%2C%2239%22%3A1644518027%2C%2230%22%3A1644518027%2C%2227%22%3A1644518027%7D
.doubleclick.net/	1970-01-20 10:10:14	Name: IDE Value: AHWqTUlJbPCakDZinsO2w2L7Ufut65OBT0-YRP6JZNg6CKdChWvbWefnY14-jR2IRms
.doubleclick.net/	1970-01-20 00:48:41	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 09:34:14	Name: CMID Value: YgVai76g8pUJuy3Vc8u-kwAA
.casalemedia.com/	1970-01-20 02:58:14	Name: CMPS Value: 3240
.adnxs.com/	1970-01-20 02:58:14	Name: uuid2 Value: 7796112516947873096
.casalemedia.com/	1970-01-20 02:58:14	Name: CMPRO Value: 1217
.casalemedia.com/	1970-01-20 00:50:04	Name: CMST Value: YgVajGIFWowA
.casalemedia.com/	1970-01-20 09:34:14	Name: CMRUM3 Value: 2d62055a8c2760CAESECriQwDEhRioFgzPY8O5DEY
.adnxs.com/	1970-01-20 02:58:14	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%uj_(i<!]tbPl1M>e)ZlrFUfJ+tGXxo@I)zx=HQeutM$4]z==e>s<Z!>AYi6<[[B!t3bpRzqF1`*b^yr)rkta
.rutarget.ru/	1970-01-20 05:07:50	Name: userId Value: jrwiqbR-NuYR

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9545.yG3CPWaUxCgW2AAytGcwdrRFoZggp7WdEl9at8O3acVXMyZgFiI4OeocC3akjI_Do-uuyU6uvf6H20qjsIVOCg%2C%2C.3qoF63Y7AV30nV1OO_VLugppOy8%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.facebook.com
cdn.viadata.store
clients1.google.com
clientside-video-bidder.rutarget.ru
cm.g.doubleclick.net
connect.mail.ru
connect.ok.ru
cse.google.com
dsp-eu.surfy.tech
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
logs.viadata.store
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pl.viadata.store
rtb-msk-2.viadata.store
ru.viadata.store
s0.2mdn.net
stackpath.bootstrapcdn.com
static.adsafeprotected.com
tpc.googlesyndication.com
vk.com
www.google.com
www.googletagservices.com
www.gstatic.com
xn--80atdza.xn--80adxhks
yandex.st
yastatic.net
142.250.181.226
142.250.185.162
142.250.186.130
176.9.54.148
185.33.220.216
2.18.234.21
217.20.155.208
23.111.114.100
23.111.115.236
23.111.115.244
23.111.119.12
23.111.211.20
2600:9000:214f:3000:8:48e:53c0:93a1
2606:4700:3030::ac43:cc03
2606:4700::6812:bcf
2a00:1450:4001:800::2006
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a02:6b8:20::215
2a02:6b8::1:119
2a03:2880:f01c:800e:face:b00c:0:2
34.247.75.254
35.161.241.67
80.64.106.149
93.186.225.208
94.100.180.54
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
069e1b3db9634db381c1588ee4c759a1e07fdab5145b251f2b9265844bbec1a1
08ba166d2eec842cb8dd67412d5bdb3c7fc397b85f3cbe18228b64b82284a525
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc74eab328fba1cb362818376fa2a652990aa8b589bc2757ed2bc5e95dec300
11c54a8e83547d7ec3af9960ab4c4b50af1ea2f4bab7f356a6a9a8d3f251c459
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1f3ee1a86e9ed001f71081031e7c31614f88de569e3cf2839674469d9a29e44e
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24a8d0334c4e95b7516a53cd7c2ae6b5dd4bcfaa706729f4ea7ce0d75a89c093
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
263bf806ffab05e6afa9767d16d91b3e802e508e87fd6653df07dc3b0239ae7b
2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2f3ee8524a05db8a30e14cfbe98175341508f92759804299364e97848f4a0148
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
346eef9c1f17d6c82daf00001498a47e40fbc504120a5f70edb6870dfb6a5dec
3513dd5778810912aa330656e0b29032f29b5c8a1553772a8483951a38bfd3f8
368cd39aa84964bc66c8a6cb2e4212136ef6896dc5ccf35f01e1922ab9f9a930
3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3a7b5f2e7e3fd51102d05b2706291210864e7890361d932311a18048073374ae
3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392
406dae81a8e95037a3bca53ca771f446df097cf86084d76de62fd308e2bf32a5
40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140
41a19d96fde3b62300f9f41f049f8881fcb4180a422f06f1ef6eeeb615995eff
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
496e107ebf9378b255f3cd59188764b070c3f66848e388e3c4d2dd1775d7705a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f1dd4e9125f5196244a40b6050bb24f42265bbb8e30c2ad6dbc023226c18c65
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50bf025801375d65be7fd30144568a4b5cf491c1bb8398e7d05b6c24abb243e9
529846e2b4a7382ba84cff285b830c33af65f641bfc0aba46a70dd1051137d8c
5307f101ffa74d83e44ccc5cbaa1193577fe0c9c659fb40fedb9d403acbb186a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
567fcde4b23201ba8a99321ad456e5fbf5a47beb7d144793311ab3ed95e9716f
58c9e8f7f121a11b1516bdac16d6e56bf75ee2fe57f6f505f2fd88a07e687b05
59634d2853fa1300f9d99b9d1550fcfd09366ba7ae58776b291af9e67dedaa7f
5b0c382f2df224cfd0d125df84b4201a27589778bf99c75cb7780917078b98dc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
653bf99bf98b81c92da9089f6faf3d4cbaf34c66af188145a46d9911a0d91f37
682bad20ad4d863be144d1d29306c4422b19f95dce71ae99419a276301acf4f6
6bac599442fb930ea8a875bfd7e9167399eeb92af1ed763c158ed11464492a01
756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81
75f34b00de0af755057fe4057154c6e4fb1f4cbafbbb8383fc48ad452472d0c4
778a4bb659785899aadda3acc6c210ba6f583a2a3b94ac36243e324837c47520
77e773643d244128c52ab5535c162c467b2378bef47a784567d2de56fdd4a9e1
78ac3bd9eb773ced53f2ba7d24b38a7fc7c7f08a204a2dd90bbf234eaad46e95
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7d1c428e40b765df80e1fefeed8cd999af9f1ecfe5c4f97ef5ad674f6defca26
7e29b8fa68a48c0fa32321c441c867176c5403716f3c7cf7e542b668c218cac2
7e734450f98b953ff075026ecf6a583fbf911cfd533db5793872fb45abe9d67e
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
814e81906e1501f9c3b4c2b527f85167a7146f99dbe1c72739bfe75b3e738a4b
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
86297c2f055f491d40c32be608db8f179c45806bb49b05750919852629e1ef9b
89d8e014618ca2b8f1c8fbdc5f61b3d69658c311ad78814484b56fe0e019ae5c
8b980dd1986952837bbe250edffdf5e626cf9d01e6ad74e5823fa4caaff8ac6b
8d91d6727627a6b0c5540c941852e963f30c79ffd9f6779fbb3456036679e152
8e96268766735ae11a87d1e3bea4e681b0b05e3afa54d79806dc1f550597fa15
8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd
9086115520bf5abcb71b5aaf0345f0fccd7df5b6dfd72202f73bfdd869dade69
9146b51423f6bf1c35da34b538b3ab146c47053baa8ce83c7849d3b3b6c4ee94
944979b576ee52348d5c63d35f566c11df26f70ed15d2ceba61180662a49b114
9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6
9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f
9ddc933a0da8e4ef10e235c114a6391820c5068c2c0a3ec4b0b81edba7363338
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a43f1770b29491ce75b2b31fc89160be563726e06117498693299e2e1334b489
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f85f02f96fe4e29cbed04fcf4e7786e2303ae89b4e6d2f69bcfe3d8c49fe92
a50bfe57e2e31b177b17036158d17eca2a48e350916460f816bad30d48f35783
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ae32776aae5fbba5f5e09afbc3f01e948cb97a1434924ebfbf25e8f2661d1625
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
c1ffc9ca7657f3d655db7b79eb1e7316e4d23aab2df01606d8ce022385e4b985
c7a1defd1b0ce8107976819de175d5548e093a5376a077074aaebdba0f2d41a3
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cb2449f9e6c35edd07522d095c14ad0687e099ca0f74fb345d91ebcb8bdcfc83
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d825cf02f25f38879ac6f09a7eccf1a2b7c6322b50b742d469c8f83976ba5f97
d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0
db07ce2b06fd48e3d0b7c08733cb374e058f5c4d42e9e4803023757ff559eb45
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e0174bdcd419ee4a6308dc9d5d4d637f159b7591efb58f3e6c6912b70fcb77e8
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42f4720bc358e05bba3b0fe8e272e91052b099a8174810200100fc58e6239c1
e6cb6529d03ee94de5c8aeb347847ee9c997db1d233531a1d21d40990e72c4ea
e751e56a80eafc3eae652801cd95947a621fa19d13b51e8ae2ba8ca92809b824
e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
ed173a7a538a5d0d19ef3c00e79d79840009cbe24244ab62c4c770af3b471b60
edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3feb1d3c9a720750b41b2fbe4dde115af9c232cb69a26aede9c49f58396deb
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f88bb57db2810d820bcc9b1e24a9cbb036c1a8d64268f53243f78dc2c40b3525
f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fd489807d2ec8d68c7101b8756a08658eebffbfa800d7c1fa9322ecd8fab0910

xn--80atdza.xn--80adxhks Open in urlscan Pro Puny класс.москва IDN 2606:4700:3030::ac43:cc03 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

168 Requests

95 %HTTPS

53 %IPv6

25 Domains

39 Subdomains

37 IPs

5 Countries

2803 kBTransfer

6696 kBSize

25 Cookies

10 Outgoing links

Page URL History

Redirected requests

168 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xn--80atdza.xn--80adxhks Open in urlscan Pro Puny
класс.москва IDN
2606:4700:3030::ac43:cc03 Public Scan

Screenshot
Live screenshot

Full Image

168
Requests

95 %
HTTPS

53 %
IPv6

25
Domains

39
Subdomains

37
IPs

5
Countries

2803 kB
Transfer

6696 kB
Size

25
Cookies

168 HTTP transactions
20 data transactions