do-slez.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-zna...
Submission: On October 11 via api (October 11th 2023, 1:54:14 pm UTC) from US — Scanned from NL

Summary HTTP 110 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 13 domains to perform 110 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is do-slez.com.
TLS certificate: Issued by GTS CA 1P5 on August 16th 2023. Valid for: 3 months.

This is the only time do-slez.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2 11	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
110	18

48 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

do-slez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Ulyanovsk, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

p4-fjpv3eqmonypm-o3enksil2mxhf7dq-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	do-slez.com do-slez.com	1 MB
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	525 KB
12	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	91 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 7957	3 KB
6	gstatic.com fonts.gstatic.com p4-fjpv3eqmonypm-o3enksil2mxhf7dq-if-v6exp3-v4.metric.gstatic.com	54 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	602 B
4	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3539	55 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	139 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 8860	408 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
110	13

	Domain	Requested by
48	do-slez.com	do-slez.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	do-slez.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
7	mc.yandex.com	3 redirects do-slez.com
4	www.googleadservices.com	do-slez.com
4	www.google.com	2 redirects do-slez.com tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	mc.yandex.ru	2 redirects do-slez.com
2	p4-fjpv3eqmonypm-o3enksil2mxhf7dq-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-fjpv3eqmonypm-o3enksil2mxhf7dq-if-v6exp3-v4.metric.gstatic.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	do-slez.com www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.nl	do-slez.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	do-slez.com
110	18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
t.me
twitter.com
oauth.vk.com
connect.ok.ru
www.instagram.com
www.pinterest.com
invite.viber.com
valthemes.com

Subject Issuer	Validity	Valid
do-slez.com GTS CA 1P5	`2023-08-16` - `2023-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
Frame ID: 4A50CAE33CD6EB5BF5BA3492115B5A2C
Requests: 76 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 245D822A3B49496A018D3CAC0DFBA66E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3386338217080541&output=html&adk=1812271804&adf=3025194257&lmt=1697025249&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697032448766&bpp=4&bdt=850&idt=373&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7343662311951&frm=20&pv=2&ga_vid=1098213883.1697032449&ga_sid=1697032449&ga_hid=1295412826&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C44804783%2C44805098%2C44803793%2C44804939&oid=2&pvsid=2399950027083993&tmod=83517014&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=393
Frame ID: 1600D0F5E3028A36AC0C0F74458F9C3E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3386338217080541&output=html&h=250&slotname=1992930607&adk=4046878037&adf=2642811866&pi=t.ma~as.1992930607&w=300&lmt=1697025249&format=300x250&url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697032448775&bpp=1&bdt=859&idt=405&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7343662311951&frm=20&pv=1&ga_vid=1098213883.1697032449&ga_sid=1697032449&ga_hid=1295412826&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1089&ady=1109&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C44804783%2C44805098%2C44803793%2C44804939&oid=2&pvsid=2399950027083993&tmod=83517014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=syOQs7iwuS&p=https%3A//do-slez.com&dtd=411
Frame ID: 5C5E37FE62F9A3D83A45D1EAFD6DDCFF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3386338217080541&output=html&h=600&slotname=9734492914&adk=3277062574&adf=3138880375&pi=t.ma~as.9734492914&w=300&fwrn=4&fwrnh=100&lmt=1697025249&rafmt=1&format=300x600&url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697032448775&bpp=1&bdt=860&idt=417&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7343662311951&frm=20&pv=1&ga_vid=1098213883.1697032449&ga_sid=1697032449&ga_hid=1295412826&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1089&ady=2074&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C44804783%2C44805098%2C44803793%2C44804939&oid=2&pvsid=2399950027083993&tmod=83517014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=1&fsb=1&xpc=AV4hOGHSTW&p=https%3A//do-slez.com&dtd=421
Frame ID: 6A868F327FB2C72AA0EC147B518E3F61
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3386338217080541&output=html&h=280&slotname=2201730159&adk=3267854903&adf=2233362210&pi=t.ma~as.2201730159&w=336&lmt=1697025249&format=336x280&url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697032448819&bpp=2&bdt=904&idt=393&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x600&nras=1&correlator=7343662311951&frm=20&pv=1&ga_vid=1098213883.1697032449&ga_sid=1697032449&ga_hid=1295412826&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=471&ady=841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C44804783%2C44805098%2C44803793%2C44804939&oid=2&pvsid=2399950027083993&tmod=83517014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&xpc=by6vbdxnOI&p=https%3A//do-slez.com&dtd=399
Frame ID: 5BE6E91562D391FB7463A9E779DCB92B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EA4E586844A6AC1301713BBDD5F7ADC8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 53873FB7AEB296205D0CFC960145386B
Requests: 2 HTTP requests in this frame

Frame: https://p4-fjpv3eqmonypm-o3enksil2mxhf7dq-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: ED7C95D59D3BBFA49CEC995075F74ED5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Frame ID: E16D364DDEC9E59810248E8E7D823EC2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Frame ID: A4179D6DE7FC4E4B1C198779F1732F6E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 301667A19D27B2BF70E378C94EEBB1EB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9FA557AA3442B8922791E4906A0275FA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

14 загадочных вещей, за разгадкой которых пришлось обращаться к знатокам в сети

Detected technologies

Materialize CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href="[^"]*materialize(?:\.min)?\.css
materialize(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

110
Requests

95 %
HTTPS

88 %
IPv6

13
Domains

18
Subdomains

18
IPs

4
Countries

2051 kB
Transfer

4139 kB
Size

21
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/doslez/

Search URL Search Domain Scan URL

URL: https://t.me/d0slez

Search URL Search Domain Scan URL

URL: https://twitter.com/d0_slez

Search URL Search Domain Scan URL

URL: https://oauth.vk.com/authorize?client_id=7585612&redirect_uri=https%3A%2F%2Fdo-slez.com%2Findex.php%3Fdo%3Dauth-social%26provider%3Dvk&scope=offline%2Cemail&state=4f8b2de433b80eec6d7bc594f3d3e631&response_type=code&v=5.90

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/oauth?client_id=1708840619267906&redirect_uri=https%3A%2F%2Fdo-slez.com%2Findex.php%3Fdo%3Dauth-social%26provider%3Dfc&scope=public_profile%2Cemail&display=popup&state=4f8b2de433b80eec6d7bc594f3d3e631&response_type=code

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/oauth/authorize?client_id=512000595405&redirect_uri=https%3A%2F%2Fdo-slez.com%2Findex.php%3Fdo%3Dauth-social%26provider%3Dod&scope=VALUABLE_ACCESS%3BGET_EMAIL&state=4f8b2de433b80eec6d7bc594f3d3e631&response_type=code

Search URL Search Domain Scan URL

URL: https://www.instagram.com/smeysya__do__slez/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/do_slez/

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQB1xVJJMlbUuk9yTCoUJfwwOWGczNguJSv8YGZS%2Bn9h8RiuSu1ehHF3egFUEJUK

Search URL Search Domain Scan URL

URL: http://valthemes.com/
Title: креативными людьми

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10153.A_71Xfl5y8Gq0tjQLmtOGFR_ImBgxZXNOknraz5RzXwAI9jaQVSVXaRN125I0xkc.jpmEDJQZyt9I2FIWjjIS26rB18k%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10153.nW3r2Fr6EgdNyLZ1o-lrB8xUKUo6FFPTzlBLB-hfE_YzaWRYw6SBNWS_LQaNYpzSbQF1PSRhYKzjCOeeNnrorlvvCCLzk1kGxcaeYnw3T5U%2C.rkVPFLdlos1qGG8g61BWqrn3nMM%2C

Request Chain 75

https://mc.yandex.com/watch/47172399?wmode=7&page-url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A562%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1170401952676%3Ahid%3A699411896%3Az%3A120%3Ai%3A20231011155408%3Aet%3A1697032449%3Ac%3A1%3Arn%3A962404338%3Arqn%3A1%3Au%3A1697032449893659070%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A19%2C57%2C187%2C1%2C0%2C0%2C%2C687%2C14%2C%2C%2C%2C1165%3Aco%3A0%3Acpf%3A1%3Ans%3A1697032447649%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697032449%3At%3A14%20%D0%B7%D0%B0%D0%B3%D0%B0%D0%B4%D0%BE%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B5%D1%89%D0%B5%D0%B9%2C%20%D0%B7%D0%B0%20%D1%80%D0%B0%D0%B7%D0%B3%D0%B0%D0%B4%D0%BA%D0%BE%D0%B9%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BF%D1%80%D0%B8%D1%88%D0%BB%D0%BE%D1%81%D1%8C%20%D0%BE%D0%B1%D1%80%D0%B0%D1%89%D0%B0%D1%82%D1%8C%D1%81%D1%8F%20%D0%BA%20%D0%B7%D0%BD%D0%B0%D1%82%D0%BE%D0%BA%D0%B0%D0%BC%20%D0%B2%20%D1%81%D0%B5%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/47172399/1?wmode=7&page-url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A562%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1170401952676%3Ahid%3A699411896%3Az%3A120%3Ai%3A20231011155408%3Aet%3A1697032449%3Ac%3A1%3Arn%3A962404338%3Arqn%3A1%3Au%3A1697032449893659070%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A19%2C57%2C187%2C1%2C0%2C0%2C%2C687%2C14%2C%2C%2C%2C1165%3Aco%3A0%3Acpf%3A1%3Ans%3A1697032447649%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697032449%3At%3A14%20%D0%B7%D0%B0%D0%B3%D0%B0%D0%B4%D0%BE%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B5%D1%89%D0%B5%D0%B9%2C%20%D0%B7%D0%B0%20%D1%80%D0%B0%D0%B7%D0%B3%D0%B0%D0%B4%D0%BA%D0%BE%D0%B9%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BF%D1%80%D0%B8%D1%88%D0%BB%D0%BE%D1%81%D1%8C%20%D0%BE%D0%B1%D1%80%D0%B0%D1%89%D0%B0%D1%82%D1%8C%D1%81%D1%8F%20%D0%BA%20%D0%B7%D0%BD%D0%B0%D1%82%D0%BE%D0%BA%D0%B0%D0%BC%20%D0%B2%20%D1%81%D0%B5%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Request Chain 76

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10153.90gCsAy7Mi9FY6kEMok3-fKBs5RhV0_hnrm5pvep9wLo0xBLi9X1lQJ0ozm3tKNh.saZEw01j9Oy6vuy2u77Jb2Pz_10%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10153.CL-qHTkiDgz0xfgbfMeIwpbj_f3EEi5sYRc5mMofzQTwdRXM-8L4ovRly96suaIp-O52I7dii6fn5vHCaO6hZCCz0Beb8CA-ZW0RuIStjLQ%2C.ISMtSuEn-JuVbdWfjumWgjgP6B8%2C

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 95

https://googleads.g.doubleclick.net/pagead/adview?ai=CIuJ_AakmZevED9Hh6gT4y7WYAvKA6KBv-4K3wYQS9r2Ex7E6EAEg6ueoKWCRhKCFjBigAb_L5oUCyAECqAMByAPJBKoEyAJP0IVTOcfBzCeDOLFAA06mz117I-9Oahy2ofWjqJB4nKAxKmyqpwRhDpCEv6sovoJzr6qMOMENJHU0VULySy3BrX44QFRluFQu2kpkdw8bW6XtYife3mZ91yyD8L51JFWTSPPIpCrELabjCCqZllFNg0rUS_QBTemU8nxETzySZnOBFDRnlRpDbQeydhilkAo2nfYnEcPsCVKpAqtaT7WrblfC7h8jqHjc_aDI3VcMF9yLAzf3Z827QOAoVqXIbWTcH6JGcyvhyYBXu8gJFaqj-pIW6KALnGB_51GZbQ3Oc4MvEeTrT8p48-PX0h6_BPOz1jnwj8DCcSF1v62d1GJmXEQMe8ZwlX0WjqmcPytka4cGr5BzOLprA2JpeHHl8yqe7N3-5a6cciwDPSrPdJ0UDhemVAgp3ZNrstIaubY9XPc4bXJeJ_EiwATLp4iZvASIBfmkovUxkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_-8gbMCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQnrAE0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJqAFodHRwczovL3d3dy5jb3Rvc2VuLmNvbS9ob3Qtc2FsZS8_dHNwdT1TUDIzMDkxM1VCWTMsU1AyMTExMjNJNlFZLFNQMjMwOTAyVjZMOCxTUDIyMTAxMkRQTU8sU1AyMzA5MDRWODgwLFNQMjMwODI0OTZMUixTUDIyMDgyNjNDNE4sU1AyMTEwMjBPN05QLFNQMjMwOTIxNkxOMyxTUDIzMDkyMVBXSUyACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMzM4NjMzODIxNzA4MDU0MRgA&sigh=qo0X5N-ShB0&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNXELn4PXAnWvYQBX7zC8kTUSCBzBOv33UqvJYmrIGVY5KqJhHpUWfJDC9RH8sUEBxXzR0_ZvvjxdSkq9FJxsU6ZFEIaKYZfEYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222771828243329182915%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22549037503%22],%224%22:[%2210-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211077612089410151009%22}&andc=true

Request Chain 100

https://googleads.g.doubleclick.net/pagead/adview?ai=Clw4UAakmZY-pFITA7wKE4qX4BfKA6KBvo4O3wYQS9r2Ex7E6EAEg6ueoKWCRhKCFjBigAb_L5oUCyAECqAMByAPJBKoEyAJP0F3XMlXBYgv8uxrSrsuLdhR-Me55tvhgcnHi3tWU-UTWrvl8ntq88Y2nOdnMiHvr0prCsVRAA0r5Wv956fBiwZEyNQn7cO5to3laGqfvGpJfPnT6Tzr_FBxPHfSYkJFsh229OQXipn4IhDGzi8itsPGiNyUCpRg3eWUZQeBozd-E0r5CRmop4ZtXxoMn5J8Ijk_rzvnGwByZwoeCotq_Er13bE5nqpX5WVbhgjoLSiucup0krDquaNtwwHSCdFCHBzJXIZnMCwVd4jUiwOwPWcoa8hMyuCLZyAxmOvSVGCtmz1lLpwEcZTXUS_px_FnzUkVIkVkSqZEoqoVf6weaSbMJ-c_8rPIY9wG97Oz8Lg6Ex89BQgTxPQLNDGmngXWi270QrRYvVRBimxmFXWLaOA2t_ccko4N3ky3hSb9yUVIgkanTO4IVwATLp4iZvASIBfmkovUxkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_-8gbMCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqrwC0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJqAFodHRwczovL3d3dy5jb3Rvc2VuLmNvbS9ob3Qtc2FsZS8_dHNwdT1TUDIzMDkxM1VCWTMsU1AyMTExMjNJNlFZLFNQMjMwOTAyVjZMOCxTUDIyMTAxMkRQTU8sU1AyMzA5MDRWODgwLFNQMjMwODI0OTZMUixTUDIyMDgyNjNDNE4sU1AyMTEwMjBPN05QLFNQMjMwOTIxNkxOMyxTUDIzMDkyMVBXSUyACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMzM4NjMzODIxNzA4MDU0MRgA&sigh=7y7crub2_uE&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNjq6Blv0v4jJbsv0B9kqJrApOEhFEf621Y5UH35NIz6sEsCFeOfuzdD2DWlmjR-RTdTbH9j2B_wQz0Kkeb0s6sGU4_SZVdQQYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216744340787453569819%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22549037503%22],%224%22:[%2210-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212738368842781709473%22}&andc=true

110 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html Show response
do-slez.com/chto-eto-za-shtuka/ 50 KB
12 KB 263ms
187ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

36e4ef8ca8aa52d02c51e5f0fdcfee9630b072ad98b66d03ab56a8cbecbf3bb8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 814797de695db96e-AMS
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Wed, 11 Oct 2023 13:54:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Mon, 28 Aug 2023 07:39:07 +0300 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
platform: hostinger
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pv%2BsKZjCsxWNx3gAU1jBEF01WpqZwNcLTd9EB2%2Bhyq4JSxfRm9UtzKpPGODo4CAxBVSpQGNGbD9EE8N7sYoWFrm3%2F5Hb7DLuPl170LG%2FCHO3TOuhrnf4rpp6f0juEb7mPniWJ6AbRW5aKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 151ms
64ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-45378071-1

Requested by

Host: do-slez.com
URL: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52ffb2c145ac6acacc0a5ac6e3218582daff1c6a9b1cd4339a7d8c7966acaeed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51745
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Oct 2023 13:54:08 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 219ms
71ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,900;1,400;1,700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

321decb300f37659814a1a02935d094f76af8e6cc311d2c0cfb8861851e54af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 13:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 13:54:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Oct 2023 13:54:08 GMT

GET
H2 200 materialize.min.css
do-slez.com/templates/time/css/ 137 KB
22 KB 41ms
40ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/templates/time/css/materialize.min.css?ver=d19756eb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852375aeca7c5b42f11d236a4bd5111b4323e3936d95926aa5b8912219a75478

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:07 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125295
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"224dd-622a06f7-bec7897dcbe53334;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9R0gEqrSGaj8mqX3FZjuKg51A8fLvu8L50Cj1%2BSkkQXgKI3GWI9vBz2pNOurcnCf9NjWiEAGw%2F8Q1km2PqWVqrLTh20i3Bt%2BUtSFREYEsx6iqJQJL260BeXFdbf7a2eOerXhnlPkVGlrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797df9aaeb96e-AMS
expires: Tue, 17 Oct 2023 03:05:52 GMT

GET
H2 200 magnific-popup.min.css
do-slez.com/templates/time/css/ 6 KB
2 KB 39ms
37ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/templates/time/css/magnific-popup.min.css?ver=9ecff1c7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

298988f96f76d6936ce3b0f971b366cc179cea66881fd3ee92643e50bfccc759

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:07 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 437038
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"184f-622a06f7-7d8794e44ed66756;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xw7JQD0hUcpRC%2FhQOHRXq%2BWIhdzJ9ev4f68YuDqss8C54Ue0NPZB1gYj0fNv0tEXIfoJumIc%2B%2F7HD%2BZIoLuCO6K1Ocmc1hm8iU9S7CaFk7r3UQQY%2BkROO2RlctkaifZYlrDJZYfK0x%2ByaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 814797df9aafb96e-AMS
expires: Fri, 13 Oct 2023 12:30:09 GMT

GET
H2 200 engine.css
do-slez.com/templates/time/css/ 62 KB
23 KB 42ms
41ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/templates/time/css/engine.css?ver=2276332d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c00abfdade1e99140778a79616d3bb328dc9d9ec1af936ec2cb5cadfd7cd434

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:07 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 446892
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"f9ce-622a06f7-e11fd75a595b429b;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVK5ckfxJa9N4v4I0D17bpAmyrDcudWu%2FADi3j5PEFcTbvUejumDUz5BVmrVhjxlHx3yadmibJ8qU3W3RFenmYrLUQOHk1GaEiug9IYEq7zAvN3zSc3fGP6kYcOEtu8PUiy9ZMIMtkO3Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 814797df9ab1b96e-AMS
expires: Fri, 13 Oct 2023 09:45:55 GMT

GET
H2 200 social-likes_flat.css
do-slez.com/templates/time/css/ 4 KB
2 KB 43ms
42ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/templates/time/css/social-likes_flat.css?ver=002d9b6b

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

153365a4cb7ea98ba91cf2d13445accd64633ba05b91774827eaf422c445e11c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:07 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 593250
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"e9d-622a06f7-d5f53e56d8cd5d6a;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5Q%2BDb7K1boMIyhfiUYebF5jytm16lNpr2504AX%2BxKBGO707IDvk12%2FNNd25opABTZH1urOiyzil0tr4gL%2F83IFLJplFIF2f21tFJQZYrEu8M2k%2B7%2BxwWVOnrPXBtQa%2FCj2fb%2BQIzbDg5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797df9ab2b96e-AMS
expires: Wed, 11 Oct 2023 17:06:37 GMT

GET
H2 200 style.css
do-slez.com/templates/time/css/ 63 KB
12 KB 44ms
43ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/templates/time/css/style.css?ver=bbda205c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e3a134b9f3fc583c523b6ea90a83157b796bd875bbdd99e23d63d6071931ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:07 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329160
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Aug 2022 11:21:57 GMT
server: cloudflare
etag: W/"fd8a-62e908d5-305d6a71c6d22dd2;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFvKYaaMAfTO7pLiJPd6KefcMi638ijJbFlcce6l5%2Be32Bk2G6K4S%2BIORibDhpG%2FBRoQ9ZF3ST8BDvG4oQg%2BoPMPQwXXndni%2FiyzS2tTnrLsusslodFxn2sOGunA7gvbgjDiW91dGurrrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797dfaab3b96e-AMS
expires: Sat, 14 Oct 2023 18:28:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 468ms
77ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60a1160e62b2565f10fd6cacbeec9f342a71b9e18537b50c42596942e2471079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50878
x-xss-protection: 0
server: cafe
etag: 8073546839699538480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 13:54:08 GMT

GET
H3 200 fb.svg
do-slez.com/templates/time/images/ 1022 B
1 KB 120ms
96ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/templates/time/images/fb.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

710745fe47c9ff5ad5112bc800b1bcf87bb030615dd0880b5aaf7dce52d22488

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 339066
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"3fe-622a06f7-4fab7c9bb76ea2fb;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWJPsZmwlgmVdNWtv31Di%2BYoIr8j0LDsjBhTtL2BOB%2BOe7ROb9KcigukciQEQX4m2ds0M2FKEvZBZBQzi%2Fa6KC5JMIrry4MU%2FMU%2B62updIWEqzS1KOEFNgjvVi%2FGLSgsvm6akRTKZcz82A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e149851b06-AMS
expires: Sat, 14 Oct 2023 15:43:02 GMT

GET
H3 200 tg.png
do-slez.com/templates/time/images/ 3 KB
4 KB 386ms
361ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/templates/time/images/tg.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08301c5407f042787ea73c4d45458720fb1c28f84d89223591ddba0ae2fa7ea2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 510983
alt-svc: h3=":443"; ma=86400
content-length: 3062
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: "bf6-622a06f7-e438efadd9e43a49;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnzyDcPtYCmv2ur2p4manFDA0ieec%2B3HyMejl%2FVVxqF%2FYiBm5uFZS%2FrpTT1E70xZCIV0pj%2FxKjvKj8zmNGIEZeZDe3SLvAQm9yTMbhQ6QSdqYR0fvlKB0Xe2a9CX4MeXLd2T9Tvhv9p8UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149871b06-AMS
expires: Thu, 12 Oct 2023 15:57:45 GMT

GET
H3 200 tw.svg
do-slez.com/templates/time/images/ 2 KB
2 KB 385ms
362ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/templates/time/images/tw.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c91d007b4c44170ad09d364947cb466238c13ceee417b9afe5a6da3dab96b4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31375
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"7ca-622a06f7-8d9b0001954b4190;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TAUyAxGCFm8x%2Fh2%2B5VsdMX%2FdB%2FbuVklSYLFRViSmtQdKtPWt3jm5a%2FCv1W3SEW%2B0xCiXlEVS3zLwgasNamUhA4iOhQ6y2jbOOQqmWX%2BmBGlXIg%2FeLcMIq6apl2TWISm4mAB5IBqo6JytA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e149881b06-AMS
expires: Wed, 18 Oct 2023 05:11:13 GMT

GET
H3 200 logo.svg
do-slez.com/templates/time/images/ 8 KB
4 KB 386ms
363ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/templates/time/images/logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ade37f1522d7104aab8071099e623cbf8c5b907c7d68132ec4b7734b1480872

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29942
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"1e59-622a06f7-c1b036c3cf1856b3;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7T1kAQeblkLZdb0fw0sdpv13YHX5v2rqqVXtuRo7fRUwSuAwk20tkOrCEiavUtNnQ2LhpwDHFnz2nN79Oe2IO3P7qAaxNHOISoUPAP5uyaUtFjJ0BZUgadZIa4eEyzl7Cxo1tnPppXBLvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e1498a1b06-AMS
expires: Wed, 18 Oct 2023 05:35:06 GMT

GET
H3 200 vk.svg
do-slez.com/templates/time/images/ 2 KB
2 KB 386ms
363ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/templates/time/images/vk.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e3f24be4a5fcfdaaba3a9c48bb3fa975c45573c689e98b50f2cd8ab7e47b71b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 336186
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"860-622a06f7-9b9a235b29708d84;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsGPK%2BwHT0PIFRpaLn2%2B9Nrf%2FaKORsPoTFhpiMcbGk1zPPvWBxfT2a%2F72xZGIM%2Feafe1n652ykIH3AgFr%2BTDnZJTvy1C8fDrAdb%2BlEGMtza11V%2BSpm2BTlWHy961SXiaPei0RHnIpyYkng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e1498d1b06-AMS
expires: Sat, 14 Oct 2023 16:31:02 GMT

GET
H3 200 ok.svg
do-slez.com/templates/time/images/ 2 KB
2 KB 387ms
363ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/templates/time/images/ok.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c1c4e5a4a45b2a2c02b1a5f9a12097b9f656c729b622770b065c8fbad39fb83

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 502762
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"84c-622a06f7-1eaf401dd9025d5e;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wiq8FzgaNpNMO%2FHyGI%2BmRPTzI1r8cfrXXzvh4WXx4vXEJmk0CaP%2FGHbhRNOdHWyvNLUWs825pNhU7SQQdbvtfpkdn4WOukkE2EvJ6DYodkMrEvSfTesaOBMNR%2Fn%2F8TSja2N2JT9%2Fcn%2BTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e1498e1b06-AMS
expires: Thu, 12 Oct 2023 18:14:46 GMT

GET
H3 200 search.svg
do-slez.com/templates/time/images/ 1 KB
1 KB 387ms
363ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/templates/time/images/search.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21c87fd5ed50dc415503bfe719137e2eb18e1e4e7ac784b4430babfa36f41a87

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 320061
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"4ad-622a06f7-c33947b827fa1b7d;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SoRRZq%2BZKTS%2FnT0h5UtyWnSqBMXgRji2%2BmrK06mjO4qQHJvNBOd%2ByE0QTGPM7idXsIVoP5NLynvaNDxVQgZp9BUtONV0qkg4knSrfBM%2FezPkjyoBkcltc4lK9U6pxYCoGAsPvwYCYIm5tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e149921b06-AMS
expires: Sat, 14 Oct 2023 20:59:47 GMT

GET
H3 200 1645136859_1.jpg
do-slez.com/uploads/posts/2022-02/ 21 KB
21 KB 387ms
363ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2022-02/1645136859_1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3419e37bb33df8e7768f01a05e217a8944ac7c9be0ea64c5ad4e5607de1f355

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196779
alt-svc: h3=":443"; ma=86400
content-length: 21180
last-modified: Thu, 10 Mar 2022 14:08:28 GMT
server: cloudflare
etag: "52bc-622a065c-fad51b2c3d49dfde;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjNBzwkda9PKRUMrZbhKCl4D77Tl4Wt7Tc7n6%2FzQ6zndI2tDMZONxCWHtOFT6vad5ylhw59XOqW0sw8sq81S52meJkACK5JFoF3QjjdMwdEdBk%2BsIn5Yz1kMYkJWUby%2Bg33vaLlNGvzTBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149961b06-AMS
expires: Mon, 16 Oct 2023 07:14:29 GMT

GET
H3 200 1645136859_2.jpg
do-slez.com/uploads/posts/2022-02/ 55 KB
55 KB 407ms
383ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2022-02/1645136859_2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

605ebeac6aa545a3a6ad3effa2bd659a1b159eadd487c4927138fafcf41499f6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196779
alt-svc: h3=":443"; ma=86400
content-length: 55983
last-modified: Thu, 10 Mar 2022 14:08:25 GMT
server: cloudflare
etag: "daaf-622a0659-932da46c7c6009d0;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efFOPq6MoEDUn6wbJSMZmrzfaJcXO7AQVY2iBbJAPi2QW9sAU6tfWFmTRZrYJwINhqeUMamTF69%2Ff0rkT2u%2Bh%2FTQjSLoBcxxgpl8H4CZGXwnpEwJLbgVwZ3VAR7dwhAkY5MXYvBq%2BkxxGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149971b06-AMS
expires: Mon, 16 Oct 2023 07:14:29 GMT

GET
H3 200 1645136860_3.jpg
do-slez.com/uploads/posts/2022-02/ 25 KB
25 KB 411ms
387ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2022-02/1645136860_3.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45f9b2efd474813afedb1435c1658a10d65bb6142bb76d5d055a643b0698073e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196779
alt-svc: h3=":443"; ma=86400
content-length: 25245
last-modified: Thu, 10 Mar 2022 14:08:29 GMT
server: cloudflare
etag: "629d-622a065d-b1fec7b582298ea2;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BFMfZ7BG1ZkrlcmFiFowZu4PM5YJXI%2FhNnAtLXNuG%2BB8zZPTtwA5bnxahvrFowVOjSgFKHXy%2Fn%2BpgDqpxrve2ZIAVsz316IRj%2FaXNfL9UC9dNOiDIywGNhJcP9%2BBMvnKeo8ypXImvQKKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149991b06-AMS
expires: Mon, 16 Oct 2023 07:14:29 GMT

GET
H3 200 1645136860_4.jpg
do-slez.com/uploads/posts/2022-02/ 41 KB
41 KB 432ms
408ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2022-02/1645136860_4.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

781d61330da219c29471ad9321bf0b546e87a9b45fee8e9b558f3e8729d18575

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196779
alt-svc: h3=":443"; ma=86400
content-length: 41665
last-modified: Thu, 10 Mar 2022 14:08:28 GMT
server: cloudflare
etag: "a2c1-622a065c-4043f521b1790df;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94KW%2BSU6DBIHLsHtaV6UhB7Vd9yTt1YN3i6QDNWOu4vE53ph2D4NeARk%2BbyzfLRpJofP4ftG0Ud35iSVE7qOEw1eznmSVDSChIQ9PQ%2FBimnewtFjB6hhumafiLy2OwwTelmI7wKZ%2BMnVYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e1499b1b06-AMS
expires: Mon, 16 Oct 2023 07:14:29 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 461ms
74ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3386338217080541

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4ab5f5e28b334a9be7b2c93d01606731914dfdc97845e22c4946a26ba36d76f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://do-slez.com/
Origin: https://do-slez.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51161
x-xss-protection: 0
server: cafe
etag: 7580266948201079337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 13:54:08 GMT

GET
H3 200 1645136956_mycollages-56.jpg
do-slez.com/uploads/posts/2022-02/ 67 KB
67 KB 439ms
416ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2022-02/1645136956_mycollages-56.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d9227d69792096270907d7aa9c8ed18409b6f0a69d959cf250d903695a783f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196779
alt-svc: h3=":443"; ma=86400
content-length: 68204
last-modified: Thu, 10 Mar 2022 14:08:25 GMT
server: cloudflare
etag: "10a6c-622a0659-9b419f9b4b4137bb;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzQZApltrDkeShLHutx8HDht3D%2BK1ekQgpE%2B5UbXtOkCFLqw%2FciFtAs0s5Z9qQkYPyQ7D6JvHQs2JqIeVBm2KorZEl%2B4Gz8JEdeK89105GIhwqSB8f209OZM1nbe4wzT%2B%2FsDUfCAc92YKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e1499d1b06-AMS
expires: Mon, 16 Oct 2023 07:14:29 GMT

GET
H3 200 1645137033_screenshot_1.jpg
do-slez.com/uploads/posts/2022-02/ 52 KB
53 KB 442ms
417ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2022-02/1645137033_screenshot_1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48c18d18135f95675c579dc35c55c4e027c01fccc2c18956bfdbefb9d8ce5767

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196779
alt-svc: h3=":443"; ma=86400
content-length: 53551
last-modified: Thu, 10 Mar 2022 14:08:26 GMT
server: cloudflare
etag: "d12f-622a065a-98234ec84d5ca8ed;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FzT%2FH%2FJP%2FfuPI7Dlpw6BPb7NGazu5COlcEAAwItrfkcvWjXmukpECAqeCQO5pxRrl0%2BOA3xJdz3wSXapgtSpGkkbiQ0wedn6fxlarmLTnpKYbZC96f4oxq%2F7%2FguKjPCudY%2FzMteYpd52g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149a01b06-AMS
expires: Mon, 16 Oct 2023 07:14:29 GMT

GET
H3 200 1645136861_7.jpg
do-slez.com/uploads/posts/2022-02/ 69 KB
70 KB 453ms
429ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2022-02/1645136861_7.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0db7c14cf22ee4af9f33b0f18f0150493044698a9839fb184cbea264d0dd987

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196779
alt-svc: h3=":443"; ma=86400
content-length: 70595
last-modified: Thu, 10 Mar 2022 14:08:26 GMT
server: cloudflare
etag: "113c3-622a065a-ec44caf368e93806;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSr%2Fo41X6Xv43l%2Fw4fHg3jfbKZlELU6ywZ%2BQm%2Be5cBa9tZxVdhj2eKFia0qT56DdD3kqmaI69B0JRiM1HsVMF%2FGx0Hmt10JGY4%2F3LsGSHL16ilSH8aVJKp4422c2wf3xp7KPEZxS1%2BGlIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149a21b06-AMS
expires: Mon, 16 Oct 2023 07:14:29 GMT

GET
H3 200 8-4.jpg
do-slez.com/uploads/posts/2022-02/ 50 KB
51 KB 458ms
434ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2022-02/8-4.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aa0bb7dc2edcc25f378154b4b66ecf51dec9e8bb1434967b39d1a0b38e10197

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 427151
alt-svc: h3=":443"; ma=86400
content-length: 51623
last-modified: Thu, 10 Mar 2022 14:08:28 GMT
server: cloudflare
etag: "c9a7-622a065c-bdcae7d9fc35882f;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGCpSgCcc5O2gQJtSHBotFuXe7P5g%2FUZaTI5895ZcgylWiTtK6OY0vdJVIZQzHhJw2p8uLOb7p7o8PsE6tD5Y9NlprPvlODlAK8ytuhbixyVEJ3sJlise4GbO%2FEZatDrhogcuJPXqql8JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149a41b06-AMS
expires: Fri, 13 Oct 2023 15:14:57 GMT

GET
H3 200 1645136862_9.jpg
do-slez.com/uploads/posts/2022-02/ 62 KB
63 KB 467ms
443ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2022-02/1645136862_9.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd65db9815ba22bb81f32334c9d15efaf0b569012b8faefc0acb70a93d6fa989

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196779
alt-svc: h3=":443"; ma=86400
content-length: 63774
last-modified: Thu, 10 Mar 2022 14:08:27 GMT
server: cloudflare
etag: "f91e-622a065b-58412b480fd875fe;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWxqqSPJLL0Ja1sB8TVF0BFCQf0L9%2F651%2B9r9gT%2FYfhM5Kj6o0xbvWIXOFFb9YY66Imfim0R4kaGUDyIuDtGuR9cCOzJp08sc5AxQxXTCRM0ETEb8Dng8WOoQjrqlWF9L17BY5ZvFjUJjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149a61b06-AMS
expires: Mon, 16 Oct 2023 07:14:29 GMT

GET
H3 200 10-2.jpg
do-slez.com/uploads/posts/2022-02/ 40 KB
40 KB 468ms
444ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2022-02/10-2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78ec0bc4903432561a2a3f1c4f061246f9de609a2f74d2e3c5cd91d42943efab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 427150
alt-svc: h3=":443"; ma=86400
content-length: 40776
last-modified: Thu, 10 Mar 2022 14:08:26 GMT
server: cloudflare
etag: "9f48-622a065a-b019592263b67623;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfpy17MpmdoNv2KDVQADf62KO5dMvCfmQUx61UsKT1qDKwnglp7VOxHx2Iz4mhqzTU4HEd%2FKLmIo36J1%2Bt4mJeUQJXqzVXisrrNwj%2F9%2FddBNQGK31Lu6usJxzUXtDRzKdzZfoZFxUF0s1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149a71b06-AMS
expires: Fri, 13 Oct 2023 15:14:58 GMT

GET
H3 200 1645136862_11.jpg
do-slez.com/uploads/posts/2022-02/ 15 KB
15 KB 473ms
449ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2022-02/1645136862_11.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f63f08a5a598c12cdf13aa502699cd2f0530f23b60697e67bf1382a3967288c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196780
alt-svc: h3=":443"; ma=86400
content-length: 14987
last-modified: Thu, 10 Mar 2022 14:08:27 GMT
server: cloudflare
etag: "3a8b-622a065b-8d0727cdee88f79f;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPz0U0wcvLjwGld3LqEOLnibcq6TrWLUMSArzZ%2FcjlZI0uUBVE0om4X1oJG8GxZQeDdWndl34V6WsvFAvTjQYsp1Of4VnPz%2BjVRIU%2FI70GLfqhKU3P14qLtscPUqEABLJatsNgtEQFX8AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149a81b06-AMS
expires: Mon, 16 Oct 2023 07:14:28 GMT

GET
H3 200 1645136862_12.jpg
do-slez.com/uploads/posts/2022-02/ 27 KB
28 KB 480ms
456ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2022-02/1645136862_12.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7bd896a70c56723e194191fa8b58aba64582f85c15e054c4df9746af269b416

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196779
alt-svc: h3=":443"; ma=86400
content-length: 27592
last-modified: Thu, 10 Mar 2022 14:08:25 GMT
server: cloudflare
etag: "6bc8-622a0659-bc81cfca26252083;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAmNFH8Q5%2F%2BKEV77iI8HW7K3Xph83gbDnqjoao%2FytkUN3jNI6Nbux7jrkL6M6HO0BIwWgR7cjDvfD6LEPbEze6uHi3H5xIsmzyXG%2B%2BXfqcoxtZ1KSyxM1ccv0%2BqkYlTxwjo%2BUzWcDE1dEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149a91b06-AMS
expires: Mon, 16 Oct 2023 07:14:29 GMT

GET
H3 200 13-1.jpg
do-slez.com/uploads/posts/2022-02/ 82 KB
83 KB 481ms
457ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2022-02/13-1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68ac4c8ce7e2552649de079539994a10612405568c5148a885729f8ce5c12276

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 427150
alt-svc: h3=":443"; ma=86400
content-length: 84220
last-modified: Thu, 10 Mar 2022 14:08:26 GMT
server: cloudflare
etag: "148fc-622a065a-24554a8217ff575f;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Wjw6feb%2FNpxYIAZqU3zrBnt%2B4d1FsyzzYE7EEwfI35oZUH6pJ2A86T%2B5hhW1n9tN9fzbFak2ut7JQQbr6Fg0Op1kMHFqupwfnQgo%2Bxia2XlNZczAvH6Fct7POJYOL4qtxryWyFcJ%2BOjLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149ab1b06-AMS
expires: Fri, 13 Oct 2023 15:14:58 GMT

GET
H3 200 1645136863_14.jpg
do-slez.com/uploads/posts/2022-02/ 17 KB
17 KB 483ms
459ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2022-02/1645136863_14.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11d08ba768715ee9f4ba8ac0e234dd2c10e896a11545d1c0b272406f1b0ff8ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196779
alt-svc: h3=":443"; ma=86400
content-length: 17054
last-modified: Thu, 10 Mar 2022 14:08:28 GMT
server: cloudflare
etag: "429e-622a065c-fbe6404e4d61e515;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWcIO8Ey9esLlho02QsFS0Do4VM8eV93NcSP0Vbe8q08jj2b%2FfSlYhHV6tXEE%2BHi0kLhigka0wXeUVeyKHjEVCUIg8D6aHYOph1x193TdWzccNektLsXBl2f8RYfy1gT8N1HXRBdcHX1dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149ac1b06-AMS
expires: Mon, 16 Oct 2023 07:14:29 GMT

GET
H3 200 viber.svg
do-slez.com/templates/time/images/ 3 KB
2 KB 483ms
459ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/templates/time/images/viber.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d26d31ec6e043d76d2db81b0ac312abcda302a8b1a819f790e1cca5cb45549

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 336186
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"c32-622a06f7-e1c647bf3c3e21be;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXuiHbFi7hA40klkCLSkxm9b0tLLzSCOOiW%2BDhtbHl16Eh6kjtXdQymQIIwC%2BndYLmzg5mF3TsUBShPmeXsxDP9Rqup7u4vR45JgOWdqK0%2Bc1GE6x4P1Mj3UOiFMEGQkqkF05IHZiGCjog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e149ae1b06-AMS
expires: Sat, 14 Oct 2023 16:31:02 GMT

GET
H3 200 foto_8.jpg
do-slez.com/uploads/fotos/ 7 KB
8 KB 484ms
460ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/fotos/foto_8.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f34a58605bb0449ff37991066d37aabf495c5b06b58cdbfae32346556d2eb832

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 459972
alt-svc: h3=":443"; ma=86400
content-length: 7509
last-modified: Thu, 10 Mar 2022 14:06:15 GMT
server: cloudflare
etag: "1d55-622a05d7-91f3187a1f7199b7;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3x5Clp3cF3P1Bq5YxxwJp3tZb1z1PST7xCt4hFnhpyO2yCjs1WWNzKSNlwuqlOwGJFVIIX1G96FSLOEYea%2FgqKfvZxBrKBJVyWwCFgn%2B8fmiZOjcjrmiesfQ1gqQmDb4VHOSCtTdWChBDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149af1b06-AMS
expires: Fri, 13 Oct 2023 06:07:56 GMT

GET
H3 200 inst.svg
do-slez.com/templates/time/images/ 2 KB
1 KB 486ms
462ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/templates/time/images/inst.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22155eb14464d7f9913d0a676e8feee4b6f573c7ceec35b788aed95c8242ecd0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 339066
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"6b5-622a06f7-2527cba1b3f696e5;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYTCZMxulLWVRjFWJVgLM1fUN3udplwSfKGQmdvCsNGghrQhfpANnVlYQiC935x7Y3Ph5noBAs4i6wTMpjqyqL6FwV%2F2WJytPSfAAl4Z1qiNLYQC%2BT6o7l4wnZVP28p7hSy05Sw5XOrV6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e149b01b06-AMS
expires: Sat, 14 Oct 2023 15:43:02 GMT

GET
H3 200 pin.svg
do-slez.com/templates/time/images/ 2 KB
1 KB 487ms
463ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/templates/time/images/pin.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cac16f7eba734856c24bfeec562a8495cf23d9b9ee6431f50767aa595fa2dfb8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 317877
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"658-622a06f7-b5d4f6659fd56620;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3I7dG1m0M6kYgBwvYYqUAkEnavcw96HrxLJo%2B7ttbhxZe0VI8JtW7%2Fb4EG8d8hSGCYX29hfdJ8kRQc%2Fk4pC4fqh7X6Rf2A%2FjmpfYl%2FidnGkdsXOKZLpcINRYTVm5DS8DcAqKXaw3G%2FuLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e149b11b06-AMS
expires: Sat, 14 Oct 2023 21:36:11 GMT

GET
H3 200 vib.svg
do-slez.com/templates/time/images/ 3 KB
2 KB 487ms
463ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/templates/time/images/vib.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5e171e43a1737a9e87be1c372da50c534e925a57ccede005bc3edcc3784e669

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 355343
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Aug 2022 13:31:43 GMT
server: cloudflare
etag: W/"afa-62f6563f-8120b57aa03b454;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDa1BX%2FVNMAeGzv8PyBZKc%2FjGu85zlAfdWfmJ%2BB6UfA7kWvVP2BQxtg4mD7sm5sfSbJahYTu6%2FQlAdZ0tursZsKwm1vUaxxg1TdDGctDhDuFEP6m8g%2BUZs7saVMsY4Pzv6U2jSmfwRek4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e149b21b06-AMS
expires: Sat, 14 Oct 2023 11:11:45 GMT

GET
H3 200 rss.svg
do-slez.com/templates/time/images/ 1 KB
1 KB 487ms
463ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/templates/time/images/rss.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abd4a8d3140f8afd2757a8332b8d4f2052e252efd5d62200f6f6a1c5478fb0fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 339064
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"5f0-622a06f7-345d836c806526a8;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USgZKRwDNJLe3%2FXbeyCi5GpKvILC6h%2B4FYfji6HW3uClVe3PcQwCOblp3RCb4hIMj9IMw%2B5crEe67ba9iqOoPf8WYwGQFTF66lLEJRW78enDGP9SBSlcfbhbED7JX5XZmv1t1WeA8R12tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e149b31b06-AMS
expires: Sat, 14 Oct 2023 15:43:04 GMT

GET
H3 200 index.php
do-slez.com/engine/classes/min/ 3 KB
1 KB 394ms
393ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/engine/classes/min/index.php?f=engine/editor/css/default.css&v=a4409

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

84ac4668615a89556551d47504f98682ad26a78f14cd1cbdba10eddcaabee429

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:04 GMT
server: cloudflare
etag: W/"pub1646921464;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jcDFnvbqgZiT68VsNO1Aq7VcEhu4j82z8QZD73H4luCuzhYf9HFM9Mq93j17M4RbPEn26UKXGAZ%2FpLEwd3ujGj44czolXN9JFTbBB4oqiFGruIN3LQKa9vSKb3dpA%2FRFFaRKW2RLKEGew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e0e9121b06-AMS
expires: Thu, 10 Oct 2024 13:54:08 GMT

GET
H3 200 index.php Show response
do-slez.com/engine/classes/min/ 84 KB
31 KB 377ms
377ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/engine/classes/min/index.php?g=general&v=a4409

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:04 GMT
server: cloudflare
etag: W/"pub1646921464;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEq0DFiN0Sc1fKVQc1Lk%2B6Ge0FcNPM177Kzwo0jvTM7cMp%2B40Z2s6jxfPUPL0CEh3v2HE%2F%2FNVv4b9qkA1lTeWRVPO9onszjZlEwOGGT4iUwywgPP6NfZRKItOEX5Dfl3GK2pEfKgCuvX4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e0f9311b06-AMS
expires: Thu, 10 Oct 2024 13:54:08 GMT

GET
H3 200 index.php Show response
do-slez.com/engine/classes/min/ 132 KB
36 KB 487ms
464ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/engine/classes/min/index.php?f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js&v=a4409

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

e54399938ecdd986a499f241beee20b0b5ef8dd88a98e5397f188db2d4d1c836

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:04 GMT
server: cloudflare
etag: W/"pub1646921464;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2mTteAUo9fR%2FPOH8NMja122P3peYAu%2BH%2BG8vUtmtSvylrbCVNxJ9nPGC2qfBYeEcibpfSCCkP4XR9r7W8C3pxCyvMrDWcTtYVtbb%2BDf89UFfNf9h2AOKFA9Aj2CiLTv57cye6IxAMbLvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e149b41b06-AMS
expires: Thu, 10 Oct 2024 13:54:08 GMT

GET
H3 200 materialize.min.js Show response
do-slez.com/templates/time/js/ 162 KB
51 KB 46ms
45ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/templates/time/js/materialize.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de6aa04d48473607d7823af38cf39a5b4dc3750f61816f76040a732d11284680

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 336186
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"287ee-622a06f7-c8de40aa74935869;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGJ5O3oLDGe%2BczRbblLw2%2BYCzVioxa4FLZmc1QoApdHZ2mscGEIgIriEmKuABTq%2FggXH01F5zaiSnyRAZmzWq7%2B6qdMfnK2xjJM09iKlWyX%2FFXh7jaE8yxPNr7m5Uy1wa2Q0UE2UAZwwkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e109381b06-AMS
expires: Sat, 14 Oct 2023 16:31:02 GMT

GET
H3 200 jquery.magnific-popup.min.js Show response
do-slez.com/templates/time/js/ 14 KB
6 KB 112ms
88ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/templates/time/js/jquery.magnific-popup.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fdad3adde6fdceecacd9caa54610a8302e9c6a8147e1702eb59106ed1d94732

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 129828
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"3987-622a06f7-a75c3e60b8a73522;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVVSkI%2Be5hfY2Zs9vfpQzpRuyaH3y3eleoTYu2yKZUeIkhsowh1eMHq6bNRSCvSyEcnaKLidsbd3BGp5IDMEy9ePiHv1x6rxWAzVclfb2K2zx5GcdiXhQHsyIx6tlBlXdCOHSiipQTpw0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e149791b06-AMS
expires: Tue, 17 Oct 2023 01:50:20 GMT

GET
H3 200 jquery.validate.pack.min.js Show response
do-slez.com/templates/time/js/ 20 KB
7 KB 113ms
88ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/templates/time/js/jquery.validate.pack.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3df0d46956ded454ab3b9ffc9a0b3957ad7570e9a91b6bf3c5865ddfa52aae59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 341988
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"51ad-622a06f7-a554f04b0c4b7f57;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FoMeKdqxNJC%2FK1XFeUnQSZ2ZpUt98Dw7g0haKCqaAtbzuPOAm%2BE6fJiasGNmILZOjlG5buRIBtZTyVtbiM9ayBfynN0HmjLY1U6RG%2B7UqJjhaTkl5vYqSUbYT7vPzi5QswyA4LZEKlFSYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e1497a1b06-AMS
expires: Sat, 14 Oct 2023 14:54:20 GMT

GET
H3 200 jquery-ias.min.js Show response
do-slez.com/templates/time/js/ 17 KB
7 KB 113ms
89ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/templates/time/js/jquery-ias.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd8b144555962e1a99e8148de9d4a5927b4d7345031dad871b7d5ac4de58814f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 326401
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"44d2-622a06f7-6900637f846868a5;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtkpMAxZaSK37UrhsVlQ1XLgVMvYJaJq7kjSAzTsQUXP7VCjJH3ekLKd5c21fQDhqjbvxs60kCVBqGUBO9TB%2F4fdyH0lDhzVhSu%2Fbg114qnugF9FKcz14U8PA0OH0RdqFYxxXVcp%2BBkywg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e1497b1b06-AMS
expires: Sat, 14 Oct 2023 19:14:07 GMT

GET
H3 200 social-likes.min.js Show response
do-slez.com/templates/time/js/ 15 KB
6 KB 119ms
95ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/templates/time/js/social-likes.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de055e8c6090bbae29a777c2d42b81a3aef5dd8eacba6ba307a320aa40f26534

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410912
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"3d58-622a06f7-e9041c033f4e0c52;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcdBUgXvRsNklJowM609zCe353J0K5lq%2Bnn5rIVWeEUlc84nNYKSvp9dlMfxazlt8IQjRJ%2BQW3nXL%2FyLIqlZZrmmx%2FaSnuCXxfqh1v0rJdt1ev6YmE3HYE7UtfKyvay%2B4%2Bh6BA%2FROIz40Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e1497c1b06-AMS
expires: Fri, 13 Oct 2023 19:45:36 GMT

GET
H3 200 appear.min.js Show response
do-slez.com/templates/time/js/ 934 B
1 KB 120ms
95ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/templates/time/js/appear.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8456bb8a5451e665b77ee4deb3c693adb6f5b431bb8260787f118da7829fc37f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 315136
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"3a6-622a06f7-972303ecf91d9739;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Blqt5SCYVX9GjZdL6YbC38wfDBSj%2BpJaAX0AJ8tPX6USzMiq1O6lDz3DvnpkFtzlyFPSx4XjfCHIiFpoqhzhj%2BFmhGHeRUj9b%2B9GxJ7nqSykXex5d3IxEYNAm4atin9bwMZNNiJUwVrTNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e1497f1b06-AMS
expires: Sat, 14 Oct 2023 22:21:52 GMT

GET
H3 200 init.js Show response
do-slez.com/templates/time/js/ 11 KB
4 KB 379ms
354ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/templates/time/js/init.js?v=1697032447

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6db83951e80ffaa3042471b421b145d08a0150d677d35b6712fba73775afc346

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 Feb 2023 22:31:46 GMT
server: cloudflare
etag: W/"2d6b-63ed5d52-3d239913d44a27db;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c320ivjMX13bmCgHSlggvRmHmYOqdRka6VylJAIrR%2FLqoIHka577mUyJPZXbj%2BW51X2BiBymWzFtXvNgeK3mY7gJm9Rf%2BLVHi5iauGauiHyt%2BXyW49PiDTsNUBctPD2tW%2Bf%2BPCoKC7Rydg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e149811b06-AMS
expires: Wed, 18 Oct 2023 13:54:08 GMT

GET
H3 200 endless_scroll.js Show response
do-slez.com/templates/time/js/ 2 KB
1 KB 120ms
95ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://do-slez.com/templates/time/js/endless_scroll.js?v=1.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbe1109fa65523f28bec21002eab9078702f096021bb7e5b4d5df970c490dde9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 336186
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 14:11:03 GMT
server: cloudflare
etag: W/"655-622a06f7-162016fce038c54d;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wf15N5SjOayp%2BuXiU1Bt2PknYAVB5m8zDoMpQfbeT5qcselLFxdRw3Dwnebh%2FEXeInbZrpRcFL2WZi4rbJOWF%2BLuZx2CWNjv9M%2Fx5ou%2BV7ylLNXnaJInUlGqegmrbY7RQu0DRgSS4xYRPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e149821b06-AMS
expires: Sat, 14 Oct 2023 16:31:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
88 KB 347ms
323ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F3E5EFFVRJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-45378071-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91de3cd38d58e0d5c01335eede66b95567ee4e8f3d93587811aae1af9eba3690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90158
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Oct 2023 13:54:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 488ms
52ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-45378071-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 11 Oct 2023 13:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 155
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 11 Oct 2023 15:51:33 GMT

GET
H3 200 mycollages-56.jpg
do-slez.com/uploads/posts/2022-02/ 28 KB
28 KB 480ms
466ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2022-02/mycollages-56.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67fde9ceb33654e80046c3be7b5dacd1fde01d3975ec4fcde0925b55d75fddc5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 333797
alt-svc: h3=":443"; ma=86400
content-length: 28160
last-modified: Thu, 10 Mar 2022 14:08:28 GMT
server: cloudflare
etag: "6e00-622a065c-2a6d87d0d1548b37;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeM4G7Tsl76tZjGB8iuibyI6yxlTrowbc4u%2FW89kgXwD4h4m4p2lL4rAr8oIUXTFk79ONfsMZbEg5x8rpgsbn3RCD0sFzGAyDENiLALX1LKCDZYFBZ6FooLE7%2FyuVoGYE1yMQ23BcX1W%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149b61b06-AMS
expires: Sat, 14 Oct 2023 17:10:51 GMT

GET
DATA 200
OK truncated
/ 643 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab71c2c714baf0395f1a7cc08c6a48210be19f39b3875037b9915473daf095c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 tg.svg
do-slez.com/templates/time/images/ 680 B
1008 B 481ms
467ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/templates/time/images/tg.svg

Requested by

Host: do-slez.com
URL: https://do-slez.com/templates/time/css/style.css?ver=bbda205c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f261614df9e022baf70563434866654c3c6d0960a16e4dcad9594435f2dd4af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/templates/time/css/style.css?ver=bbda205c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 327490
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 09:39:45 GMT
server: cloudflare
etag: W/"2a8-62c2b561-5c208b0bcf4d8519;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7k08cK8cykyofcrPDSSRf8QLG6ywScx2L8mUtBrF8P0hhnZ4J1gPn2n9jYHgelX1MrGG5zDewid3uQEAcOypk10WjbOaRHfDsLieLGOJFykxuAMfXkkwFuO7l105bmDazIzHX1X9RQY7Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 814797e149b71b06-AMS
expires: Sat, 14 Oct 2023 18:55:58 GMT

GET
H3 200 mycollages-4-1.jpg
do-slez.com/uploads/posts/2023-06/ 68 KB
69 KB 481ms
468ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2023-06/mycollages-4-1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5835dacdef244d460a5516b3d9ea143bb1caec3ea253c3f5e222d23ea5d41eb9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 338412
alt-svc: h3=":443"; ma=86400
content-length: 70000
last-modified: Sat, 10 Jun 2023 15:58:42 GMT
server: cloudflare
etag: "11170-64849db2-80f0a1318b550ef9;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2BmYdMWsbRx8PoKdq5ms%2FKHaohwqfuUYrQvap2Z2dJqN0OhoQrva7H3nnRq5tbdy6L7x4MiqM9d4KtOhhka8z9Pxd6TGM1hjXkZFRMpvTTe%2BlbY1Y5%2BCST8kNemBfk8Efc5tlQGrAdbBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149b91b06-AMS
expires: Sat, 14 Oct 2023 15:53:56 GMT

GET
H3 200 1693172382_mycollages-3.jpg
do-slez.com/uploads/posts/2023-08/ 61 KB
62 KB 483ms
469ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://do-slez.com/uploads/posts/2023-08/1693172382_mycollages-3.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

332636cfedd61b76b588c4c73f008af75d658c381df80822f52b892f383befce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/chto-eto-za-shtuka/14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html?fbclid=iwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 286653
alt-svc: h3=":443"; ma=86400
content-length: 62462
last-modified: Sun, 27 Aug 2023 21:39:42 GMT
server: cloudflare
etag: "f3fe-64ebc29e-59bfecee1ea9ee9d;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kfBcDQwp27yIKOzmAxq%2FP2etGKi983uCRy2UpBMdOkHXpmDVRlEGGgEoNtAG1PMTZTD%2Fccki9HNZXDJK04NMUk8QIQERNg1CQP44HS93yQZoJyRYczq7NdN4Ixagc6Bwc77GGC9agu%2FgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 814797e149ba1b06-AMS
expires: Sun, 15 Oct 2023 06:16:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 423ms
61ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,900;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fdb12ceee3a402d3a54afe354552459dd3950e9c6dece06288e4cc0a7a7c060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://do-slez.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 18:31:20 GMT
x-content-type-options: nosniff
age: 242568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9700
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Oct 2024 18:31:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 440ms
79ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,900;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://do-slez.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 00:00:04 GMT
x-content-type-options: nosniff
age: 395644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 00:00:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 383ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,900;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://do-slez.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:12:51 GMT
x-content-type-options: nosniff
age: 510077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 16:12:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 454ms
103ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,900;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://do-slez.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 21:03:42 GMT
x-content-type-options: nosniff
age: 579026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 21:03:42 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 153 KB
55 KB 300ms
144ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0eca58343b0a77cab226a19050ce5e382de98bdba10d53d21e13d2190ab2e67f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 06 Oct 2023 14:28:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651fef42-d890"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 55440
expires: Wed, 11 Oct 2023 14:54:08 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 103ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F3E5EFFVRJ&gtm=45je3a90&_p=1295412826&cid=1098213883.1697032449&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1697032448&sct=1&seg=0&dl=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&dt=14%20%D0%B7%D0%B0%D0%B3%D0%B0%D0%B4%D0%BE%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B5%D1%89%D0%B5%D0%B9%2C%20%D0%B7%D0%B0%20%D1%80%D0%B0%D0%B7%D0%B3%D0%B0%D0%B4%D0%BA%D0%BE%D0%B9%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BF%D1%80%D0%B8%D1%88%D0%BB%D0%BE%D1%81%D1%8C%20%D0%BE%D0%B1%D1%80%D0%B0%D1%89%D0%B0%D1%82%D1%8C%D1%81%D1%8F%20%D0%BA%20%D0%B7%D0%BD%D0%B0%D1%82%D0%BE%D0%BA%D0%B0%D0%BC%20%D0%B2%20%D1%81%D0%B5%D1%82%D0%B8&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F3E5EFFVRJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 13:54:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://do-slez.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 389 KB
132 KB 112ms
111ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3386338217080541&plah=do-slez.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3386338217080541

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47131a93557c73c0e9463c2642c3f1c4dcdf9d2eb084837b20a0a7411f8f8b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135183
x-xss-protection: 0
server: cafe
etag: 1454368937846935018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 13:54:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 245D 10 KB
5 KB 119ms
32ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3386338217080541

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://do-slez.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 10411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 11:00:37 GMT
etag: 2603938475786422795
expires: Wed, 25 Oct 2023 11:00:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3386338217080541&_=1697032448542

Requested by

Host: do-slez.com
URL: https://do-slez.com/engine/classes/min/index.php?g=general&v=a4409

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c7ee94573392860dff638a70a11b4844e9cc69598b88e0e8b6e5b3b3a28528c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51164
x-xss-protection: 0
server: cafe
etag: 7559043248682324877
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 13:54:08 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 41ms
40ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1295412826&t=pageview&_s=1&dl=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&ul=en-us&de=UTF-8&dt=14%20%D0%B7%D0%B0%D0%B3%D0%B0%D0%B4%D0%BE%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B5%D1%89%D0%B5%D0%B9%2C%20%D0%B7%D0%B0%20%D1%80%D0%B0%D0%B7%D0%B3%D0%B0%D0%B4%D0%BA%D0%BE%D0%B9%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BF%D1%80%D0%B8%D1%88%D0%BB%D0%BE%D1%81%D1%8C%20%D0%BE%D0%B1%D1%80%D0%B0%D1%89%D0%B0%D1%82%D1%8C%D1%81%D1%8F%20%D0%BA%20%D0%B7%D0%BD%D0%B0%D1%82%D0%BE%D0%BA%D0%B0%D0%BC%20%D0%B2%20%D1%81%D0%B5%D1%82%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1321811612&gjid=1448627920&cid=1098213883.1697032449&tid=UA-45378071-1&_gid=1949789625.1697032449&_r=1&gtm=457e3a90&jsscut=1&z=981188664

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://do-slez.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 13:54:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://do-slez.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
346 B 111ms
33ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-45378071-1&cid=1098213883.1697032449&jid=1321811612&gjid=1448627920&_gid=1949789625.1697032449&_u=YADAAUAAAAAAACAAI~&z=1805457125

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://do-slez.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 11 Oct 2023 13:54:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://do-slez.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10153.A_71Xfl5y8Gq0tjQLmtOGFR_ImBgxZXNOknraz5RzXwAI9jaQVSVXaRN125I0xkc.jpmEDJQZyt9I2FIWjjIS26rB18k%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10153.nW3r2Fr6EgdNyLZ1o-lrB8xUKUo6FFPTzlBLB-hfE_YzaWRYw6SBNWS_LQaNYpzSbQF1PSRhYKzjCOeeNnrorlvvCCLzk1kGxcaeYnw3T5U%2C.rkVPFLdlos1qGG8g61BWqrn3nMM%2C

43 B
67 B

80ms
79ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10153.nW3r2Fr6EgdNyLZ1o-lrB8xUKUo6FFPTzlBLB-hfE_YzaWRYw6SBNWS_LQaNYpzSbQF1PSRhYKzjCOeeNnrorlvvCCLzk1kGxcaeYnw3T5U%2C.rkVPFLdlos1qGG8g61BWqrn3nMM%2C

Requested by

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:09 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10153.nW3r2Fr6EgdNyLZ1o-lrB8xUKUo6FFPTzlBLB-hfE_YzaWRYw6SBNWS_LQaNYpzSbQF1PSRhYKzjCOeeNnrorlvvCCLzk1kGxcaeYnw3T5U%2C.rkVPFLdlos1qGG8g61BWqrn3nMM%2C
date: Wed, 11 Oct 2023 13:54:09 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
185 B 73ms
72ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:09 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 06 Oct 2023 14:26:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651feecc-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 11 Oct 2023 14:54:09 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 129ms
58ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45378071-1&cid=1098213883.1697032449&jid=1321811612&_u=YADAAUAAAAAAACAAI~&z=884123155

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 13:54:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 133ms
62ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45378071-1&cid=1098213883.1697032449&jid=1321811612&_u=YADAAUAAAAAAACAAI~&z=884123155

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 13:54:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
602 B 122ms
47ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=do-slez.com&callback=_gfp_s_&client=ca-pub-3386338217080541

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3386338217080541&plah=do-slez.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4731416f6bffdc8b5cc13abe7ee428db0795e0ef8f2552f17f5e5d17e700724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1600 10 KB
5 KB 401ms
400ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3386338217080541&output=html&adk=1812271804&adf=3025194257&lmt=1697025249&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697032448766&bpp=4&bdt=850&idt=373&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7343662311951&frm=20&pv=2&ga_vid=1098213883.1697032449&ga_sid=1697032449&ga_hid=1295412826&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C44804783%2C44805098%2C44803793%2C44804939&oid=2&pvsid=2399950027083993&tmod=83517014&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=393

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0466ea87e970e215b1df244fc192f537becc506cae5ee6381dc99c33102d73a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://do-slez.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4730
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 13:54:09 GMT
expires: Wed, 11 Oct 2023 13:54:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=nav&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 13:54:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C5E 718 B
580 B 182ms
181ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3386338217080541&output=html&h=250&slotname=1992930607&adk=4046878037&adf=2642811866&pi=t.ma~as.1992930607&w=300&lmt=1697025249&format=300x250&url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697032448775&bpp=1&bdt=859&idt=405&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7343662311951&frm=20&pv=1&ga_vid=1098213883.1697032449&ga_sid=1697032449&ga_hid=1295412826&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1089&ady=1109&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C44804783%2C44805098%2C44803793%2C44804939&oid=2&pvsid=2399950027083993&tmod=83517014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=syOQs7iwuS&p=https%3A//do-slez.com&dtd=411

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba33fd0c97f24bfd158cd1b8ee21a22d02d4bc036466374075f00bca8da29930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://do-slez.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 13:54:09 GMT
expires: Wed, 11 Oct 2023 13:54:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A86 120 KB
41 KB 309ms
308ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3386338217080541&output=html&h=600&slotname=9734492914&adk=3277062574&adf=3138880375&pi=t.ma~as.9734492914&w=300&fwrn=4&fwrnh=100&lmt=1697025249&rafmt=1&format=300x600&url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697032448775&bpp=1&bdt=860&idt=417&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7343662311951&frm=20&pv=1&ga_vid=1098213883.1697032449&ga_sid=1697032449&ga_hid=1295412826&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1089&ady=2074&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C44804783%2C44805098%2C44803793%2C44804939&oid=2&pvsid=2399950027083993&tmod=83517014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=1&fsb=1&xpc=AV4hOGHSTW&p=https%3A//do-slez.com&dtd=421

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e753fbad6e8bf929b5ff2f85155ee7ecfe32ae2cc3b5c50e9fb8e62a13e15a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://do-slez.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42262
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 13:54:09 GMT
expires: Wed, 11 Oct 2023 13:54:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5BE6 107 KB
39 KB 461ms
461ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3386338217080541&output=html&h=280&slotname=2201730159&adk=3267854903&adf=2233362210&pi=t.ma~as.2201730159&w=336&lmt=1697025249&format=336x280&url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697032448819&bpp=2&bdt=904&idt=393&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x600&nras=1&correlator=7343662311951&frm=20&pv=1&ga_vid=1098213883.1697032449&ga_sid=1697032449&ga_hid=1295412826&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=471&ady=841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C44804783%2C44805098%2C44803793%2C44804939&oid=2&pvsid=2399950027083993&tmod=83517014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&xpc=by6vbdxnOI&p=https%3A//do-slez.com&dtd=399

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca3d8a39e7f06951523703d2654927ca823553c45636a4bdaafe9fc8a5eec595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://do-slez.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39668
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 13:54:09 GMT
expires: Wed, 11 Oct 2023 13:54:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/47172399/
Redirect Chain

https://mc.yandex.com/watch/47172399?wmode=7&page-url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html...
https://mc.yandex.com/watch/47172399/1?wmode=7&page-url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.ht...

428 B
547 B

73ms
72ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/47172399/1?wmode=7&page-url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A562%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1170401952676%3Ahid%3A699411896%3Az%3A120%3Ai%3A20231011155408%3Aet%3A1697032449%3Ac%3A1%3Arn%3A962404338%3Arqn%3A1%3Au%3A1697032449893659070%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A19%2C57%2C187%2C1%2C0%2C0%2C%2C687%2C14%2C%2C%2C%2C1165%3Aco%3A0%3Acpf%3A1%3Ans%3A1697032447649%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697032449%3At%3A14%20%D0%B7%D0%B0%D0%B3%D0%B0%D0%B4%D0%BE%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B5%D1%89%D0%B5%D0%B9%2C%20%D0%B7%D0%B0%20%D1%80%D0%B0%D0%B7%D0%B3%D0%B0%D0%B4%D0%BA%D0%BE%D0%B9%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BF%D1%80%D0%B8%D1%88%D0%BB%D0%BE%D1%81%D1%8C%20%D0%BE%D0%B1%D1%80%D0%B0%D1%89%D0%B0%D1%82%D1%8C%D1%81%D1%8F%20%D0%BA%20%D0%B7%D0%BD%D0%B0%D1%82%D0%BE%D0%BA%D0%B0%D0%BC%20%D0%B2%20%D1%81%D0%B5%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Requested by

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1341f6efaddf7a48018dbf0296fdba6b44dc012ebc9852e7a70d263516775fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 13:54:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 11-Oct-2023 13:54:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://do-slez.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Wed, 11-Oct-2023 13:54:09 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 13:54:09 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 11-Oct-2023 13:54:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/47172399/1?wmode=7&page-url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A562%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1170401952676%3Ahid%3A699411896%3Az%3A120%3Ai%3A20231011155408%3Aet%3A1697032449%3Ac%3A1%3Arn%3A962404338%3Arqn%3A1%3Au%3A1697032449893659070%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A19%2C57%2C187%2C1%2C0%2C0%2C%2C687%2C14%2C%2C%2C%2C1165%3Aco%3A0%3Acpf%3A1%3Ans%3A1697032447649%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697032449%3At%3A14%20%D0%B7%D0%B0%D0%B3%D0%B0%D0%B4%D0%BE%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B5%D1%89%D0%B5%D0%B9%2C%20%D0%B7%D0%B0%20%D1%80%D0%B0%D0%B7%D0%B3%D0%B0%D0%B4%D0%BA%D0%BE%D0%B9%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D1%85%20%D0%BF%D1%80%D0%B8%D1%88%D0%BB%D0%BE%D1%81%D1%8C%20%D0%BE%D0%B1%D1%80%D0%B0%D1%89%D0%B0%D1%82%D1%8C%D1%81%D1%8F%20%D0%BA%20%D0%B7%D0%BD%D0%B0%D1%82%D0%BE%D0%BA%D0%B0%D0%BC%20%D0%B2%20%D1%81%D0%B5%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin: https://do-slez.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 11-Oct-2023 13:54:09 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10153.90gCsAy7Mi9FY6kEMok3-fKBs5RhV0_hnrm5pvep9wLo0xBLi9X1lQJ0ozm3tKNh.saZEw01j9Oy6vuy2u77Jb2Pz_10%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10153.CL-qHTkiDgz0xfgbfMeIwpbj_f3EEi5sYRc5mMofzQTwdRXM-8L4ovRly96suaIp-O52I7dii6fn5vHCaO6hZCCz0Beb8CA-ZW0RuIStjLQ%2C.ISMtSuEn-JuVbdWfj...

43 B
79 B

72ms
72ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10153.CL-qHTkiDgz0xfgbfMeIwpbj_f3EEi5sYRc5mMofzQTwdRXM-8L4ovRly96suaIp-O52I7dii6fn5vHCaO6hZCCz0Beb8CA-ZW0RuIStjLQ%2C.ISMtSuEn-JuVbdWfjumWgjgP6B8%2C

Requested by

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:09 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10153.CL-qHTkiDgz0xfgbfMeIwpbj_f3EEi5sYRc5mMofzQTwdRXM-8L4ovRly96suaIp-O52I7dii6fn5vHCaO6hZCCz0Beb8CA-ZW0RuIStjLQ%2C.ISMtSuEn-JuVbdWfjumWgjgP6B8%2C
date: Wed, 11 Oct 2023 13:54:09 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 16580114920730824420
tpc.googlesyndication.com/daca_images/simgad/ Frame 6A86 75 KB
75 KB 244ms
77ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16580114920730824420

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3386338217080541&output=html&h=600&slotname=9734492914&adk=3277062574&adf=3138880375&pi=t.ma~as.9734492914&w=300&fwrn=4&fwrnh=100&lmt=1697025249&rafmt=1&format=300x600&url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697032448775&bpp=1&bdt=860&idt=417&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7343662311951&frm=20&pv=1&ga_vid=1098213883.1697032449&ga_sid=1697032449&ga_hid=1295412826&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1089&ady=2074&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C44804783%2C44805098%2C44803793%2C44804939&oid=2&pvsid=2399950027083993&tmod=83517014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=1&fsb=1&xpc=AV4hOGHSTW&p=https%3A//do-slez.com&dtd=421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

923c462ff24f39cf0ab8f21ab33f25a535947a23968b116d8c738889a486cb55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 02:18:43 GMT
x-content-type-options: nosniff
age: 300926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76515
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 22:43:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Oct 2024 02:18:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 6A86 23 KB
9 KB 197ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1042
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:36:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EA4E 143 B
166 B 48ms
41ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3386338217080541&output=html&h=600&slotname=9734492914&adk=3277062574&adf=3138880375&pi=t.ma~as.9734492914&w=300&fwrn=4&fwrnh=100&lmt=1697025249&rafmt=1&format=300x600&url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697032448775&bpp=1&bdt=860&idt=417&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7343662311951&frm=20&pv=1&ga_vid=1098213883.1697032449&ga_sid=1697032449&ga_hid=1295412826&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1089&ady=2074&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C44804783%2C44805098%2C44803793%2C44804939&oid=2&pvsid=2399950027083993&tmod=83517014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=1&fsb=1&xpc=AV4hOGHSTW&p=https%3A//do-slez.com&dtd=421
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 13:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 6A86 3 KB
1 KB 202ms
44ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:25:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 6A86 20 KB
9 KB 194ms
36ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A86 187 KB
59 KB 216ms
60ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 13:54:09 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 6A86 36 KB
15 KB 224ms
68ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93340594a3f629999eacb6d03aac3d49a76ca9023c18a90bce7e7e8d3ef9a68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 10:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14932
x-xss-protection: 0
server: cafe
etag: 14442377342001293717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 10:47:16 GMT

GET
H2 200 2591701278358631768
tpc.googlesyndication.com/daca_images/simgad/ Frame 5BE6 34 KB
34 KB 120ms
119ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/2591701278358631768

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3386338217080541&output=html&h=280&slotname=2201730159&adk=3267854903&adf=2233362210&pi=t.ma~as.2201730159&w=336&lmt=1697025249&format=336x280&url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697032448819&bpp=2&bdt=904&idt=393&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x600&nras=1&correlator=7343662311951&frm=20&pv=1&ga_vid=1098213883.1697032449&ga_sid=1697032449&ga_hid=1295412826&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=471&ady=841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C44804783%2C44805098%2C44803793%2C44804939&oid=2&pvsid=2399950027083993&tmod=83517014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&xpc=by6vbdxnOI&p=https%3A//do-slez.com&dtd=399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da461726c3c6e06a6a3bfbd4303de508e38a1398c38da72a92411c53005b9c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 23:24:15 GMT
x-content-type-options: nosniff
age: 311394
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34356
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 22:43:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 06 Oct 2024 23:24:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 5BE6 23 KB
9 KB 116ms
116ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1042
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5BE6 3 KB
1 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:25:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5BE6 20 KB
8 KB 120ms
119ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BE6 187 KB
59 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 13:54:09 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5BE6 36 KB
15 KB 122ms
122ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93340594a3f629999eacb6d03aac3d49a76ca9023c18a90bce7e7e8d3ef9a68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 10:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14932
x-xss-protection: 0
server: cafe
etag: 14442377342001293717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 10:47:16 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5387 143 B
166 B 34ms
33ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3386338217080541&output=html&h=280&slotname=2201730159&adk=3267854903&adf=2233362210&pi=t.ma~as.2201730159&w=336&lmt=1697025249&format=336x280&url=https%3A%2F%2Fdo-slez.com%2Fchto-eto-za-shtuka%2F14284-14-zagadochnyh-veschej-za-razgadkoj-kotoryh-prishlos-obraschatsja-k-znatokam-v-seti.html%3Ffbclid%3Diwar0ttaplg3--laafs1x6qafpdkgzbxjqteb5qcvahshy5ciex8ch7oehah4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697032448819&bpp=2&bdt=904&idt=393&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x600&nras=1&correlator=7343662311951&frm=20&pv=1&ga_vid=1098213883.1697032449&ga_sid=1697032449&ga_hid=1295412826&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=471&ady=841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C44804783%2C44805098%2C44803793%2C44804939&oid=2&pvsid=2399950027083993&tmod=83517014&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&xpc=by6vbdxnOI&p=https%3A//do-slez.com&dtd=399
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 13:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-fjpv3eqmonypm-o3enksil2mxhf7dq-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame ED7C 247 B
871 B 148ms
41ms Document
text/html 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fjpv3eqmonypm-o3enksil2mxhf7dq-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

76928403ef2f54cef813da1d5457c753c3d71a6f061c4f58aa1ac5d6636ada70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 205
content-security-policy-report-only: script-src 'nonce-DB8qLY5hTKA7xNSkGyDG8Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 13:54:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6A86 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c98135f03544dc47e678d62c9e172b9bcfb01eacbaa327846eae492d502ce0e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EA4E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
43ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 13:54:09 GMT
expires: Wed, 11 Oct 2023 13:54:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 13:54:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5387
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
48ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 13:54:09 GMT
expires: Wed, 11 Oct 2023 13:54:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 13:54:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6A86
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CIuJ_AakmZevED9Hh6gT4y7WYAvKA6KBv-4K3wYQS9r2Ex7E6EAEg6ueoKWCRhKCFjBigAb_L5oUCyAECqAMByAPJBKoEyAJP0IVTOcfBzCeDOLFAA06mz117I-9Oahy2ofWjqJB4nKAxKmy...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222771828243329182915%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%2...

0
0

219ms
95ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222771828243329182915%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22549037503%22],%224%22:[%2210-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211077612089410151009%22}&andc=true

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:10 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2771828243329182915","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["549037503"],"4":["10-11"],"6":["true"]},"priority":"500","source_event_id":"11077612089410151009"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 11 Oct 2023 13:54:10 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 11 Oct 2023 13:54:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2771828243329182915","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["549037503"],"4":["10-11"],"6":["true"]},"priority":"500","source_event_id":"11077612089410151009"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5BE6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 032d775218b47fd3ebf6e8c9e8d5fefd8ba76cb6666c470ac87d0334a39604ed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iframe.html Show response
p4-fjpv3eqmonypm-o3enksil2mxhf7dq-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame ED7C 5 KB
2 KB 42ms
41ms Document
text/html 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fjpv3eqmonypm-o3enksil2mxhf7dq-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-fjpv3eqmonypm-o3enksil2mxhf7dq-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-fjpv3eqmonypm-o3enksil2mxhf7dq-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

c03fc4e5bf45e547a1ef51a2771d3839e2b86d383ae224010c59e8b3d2968772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-fjpv3eqmonypm-o3enksil2mxhf7dq-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1986
content-security-policy-report-only: script-src 'nonce-0CC07S_ODduFUgwW7PQQxg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 13:54:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame E16D 37 KB
14 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 537417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 08:37:12 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 248ms
93ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 11 Oct 2023 13:54:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5BE6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Clw4UAakmZY-pFITA7wKE4qX4BfKA6KBvo4O3wYQS9r2Ex7E6EAEg6ueoKWCRhKCFjBigAb_L5oUCyAECqAMByAPJBKoEyAJP0F3XMlXBYgv8uxrSrsuLdhR-Me55tvhgcnHi3tWU-UTWrvl...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216744340787453569819%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%...

0
0

220ms
96ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216744340787453569819%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22549037503%22],%224%22:[%2210-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212738368842781709473%22}&andc=true

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:10 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16744340787453569819","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["549037503"],"4":["10-11"],"6":["true"]},"priority":"500","source_event_id":"12738368842781709473"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 11 Oct 2023 13:54:10 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 11 Oct 2023 13:54:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16744340787453569819","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["549037503"],"4":["10-11"],"6":["true"]},"priority":"500","source_event_id":"12738368842781709473"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 85ms
84ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd193336aef10419cb5f5113a530283114a25138f98e4e620f4211ab8bb8f017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12097
x-xss-protection: 0

GET
H3 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame A417 37 KB
14 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 537418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 08:37:12 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 128ms
93ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 11 Oct 2023 13:54:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 13:54:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3016 13 KB
5 KB 34ms
33ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://do-slez.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1748
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 13:25:02 GMT
expires: Thu, 10 Oct 2024 13:25:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9FA5 829 B
561 B 44ms
44ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

06270513b60a2c81aa3a687f854128f38bb13f81aa168796fff29cc8b10e6512

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_HIDYBYbTZipSmGkPlSxQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://do-slez.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_HIDYBYbTZipSmGkPlSxQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 13:54:10 GMT
expires: Wed, 11 Oct 2023 13:54:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3016 37 KB
14 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 12:17:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 12:17:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9FA5 0
0 70ms
70ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=2399950027083993&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3016 0
10 B 33ms
32ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2uNmQw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:54:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
69ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=2399950027083993&bg=!zc6lzoHNAAbjlzx0w5c7ADQBe5WfOFRbZD1cKtO0lFbyzHDJaxYEOJpD0VN_PqpqINNgddADr5YRCDienBCGqE4b_Xs1AgAAAEJSAAAAB2gBB5kCu3pR1juzygW2c7_D4AWA7M0hYCnU2AUGcnyMSu0Swdv_yln5rnS16Pq5cudrhjtq3MRj7CLOkevH2kyTLNjsYw6HwH3v-GSd_XOsWC9g7oZdK4f249e_0jydlfXvnwsG4Gr2g8BexPr-ZaKnomntpJEz8zqwNvoPWNMybQW0PjxX4C4wfi3Qs6-Oz5jg0YKfKExSm7ZqfiMwZfv4q0EyPAQSZNj_r-5Vj-ESpVPByDMBt7smsE8PxIWee77xZcMcvAaI6C6SkoogXRj_vrM6iNfxcspK60Sa6DAqbysyjXotQ-tSAbuRchNB8RBkyhS-LmM9RRqa6tAK69wyWrnAuKVqJwmYeA2ZBygFVD0YmXAmGdYPRcRUvtBSkVkFzAD4estMRD_v5VpZGP6nhs2uOSrqv2yQsICmM6R1FciTumDZsrZ3gvcbNyDc3nFiu1odxmuwx8Kh6fRe2g4--F-Vkt03JAy5C7XNLaskR0P72X0BrO1Iaf-3BG4ht0UANJNQbsHfGH1bnRTzvacqBJ4JM4xn_tXxU_UXIC5yjW-cVfKI1M2etr76eSQx8hB_ETf1Bs7OnGmE8ydOXlTWXsL1cnCvc8oFG77QfjhAgP5Nfz4k0KGH0rRlwRZbgL1dchP9z8eOKoBTu0a5ZHZj-O7NmmxvZJBvMG6aUMgJm-9Mm-0DdKwVVKvLYP67Th3fyOL-PdVvvJjF2t1EqxiAeDbkodEVbnsIgEzxNhqNGW_YdCRb8sbGMqT-PPaBiRiNjeu_PdCp5-QDWfHeVg6JD_k0qMNhyCpEr1nCWrmDRaM_5slT0xjpcVv5A8l7WIMm7cUhZZFV-0IO4QMzBrsfWdgLhbLUZnvvPij8RzMUJi_V7NtzE5ynwvW1pr8UicJ_n2Qy14tu0Pi0dD8UI7I81lZ2Hp7zVYfVybaUw9K5MQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://do-slez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5BE6 42 B
64 B 142ms
141ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSm5vAxlatzx2NDjyNsCGfbj1mc6mD3Lfu3bOir5J_mtFP1TLSQ84rwudDK4_Vpq2-RZQ6Ou4mVdc5rCD2zTIcRD_QcCYsZp5Eon6eFlOj0n8HpW4QurfbQ1pk1vXr7I5wSQA90mMqpi9C&sai=AMfl-YRW7ikIeSzVhTeSdngPPxWC8rMKOhc7mwgpmIUvpDYTSlHaoEaJEfdRw0yh9sCjS1s-rSBMPEkEveXveTUVziG-OrrflyIlrSbiXyfgBVmjCY-lU78_TTEqNvEyWya4xD36LNn47bVtWBm4rw&sig=Cg0ArKJSzAxaBU79x68bEAE&cid=CAQSTADICaaNjq6Blv0v4jJbsv0B9kqJrApOEhFEf621Y5UH35NIz6sEsCFeOfuzdD2DWlmjR-RTdTbH9j2B_wQz0Kkeb0s6sGU4_SZVdQQYAQ&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3267854903&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697032449219&rpt=699&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 13:54:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
do-slez.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 120e3558ffffa259b21ea280d18ae3d4
.do-slez.com/	1970-01-21 00:59:52	Name: _ga Value: GA1.2.1098213883.1697032449
.do-slez.com/	1970-01-20 15:25:18	Name: _gid Value: GA1.2.1949789625.1697032449
.do-slez.com/	1970-01-20 15:23:52	Name: _gat_gtag_UA_45378071_1 Value: 1
.do-slez.com/	1970-01-21 00:09:28	Name: _ym_uid Value: 1697032449893659070
.do-slez.com/	1970-01-21 00:09:28	Name: _ym_d Value: 1697032449
.do-slez.com/	1970-01-20 15:25:04	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 15:23:53	Name: sync_cookie_csrf Value: 2519415975fake
.mc.yandex.ru/	1970-01-20 15:23:53	Name: sync_cookie_csrf Value: 87356475fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 20360741697032449
.yandex.com/	1970-01-21 00:59:52	Name: i Value: 76l2lj38pb9Y784cuPNPaDAJnWRNVECslm9B3VzMJiTu0gHHFFMG229fGwxRQakeFGkyVjzPpJDEG1av+rHNhPtilOU=
.yandex.com/	1970-01-21 00:59:52	Name: yandexuid Value: 2535846291697032449
.yandex.com/	1970-01-21 00:09:28	Name: yuidss Value: 2535846291697032449
.yandex.com/	1970-01-21 00:09:28	Name: ymex Value: 1728568449.yrts.1697032449#1728568449.yrtsi.1697032449
.yandex.com/	1970-01-21 00:09:28	Name: bh Value: KgI/MA==
.do-slez.com/	1970-01-21 00:45:28	Name: __gads Value: ID=f96a70e3e945d971:T=1697032449:RT=1697032449:S=ALNI_Mb9GRVxgxCZl6YTYHojqYS1dGqJ8w
.do-slez.com/	1970-01-21 00:45:28	Name: __gpi Value: UID=00000c94cb9cc1a7:T=1697032449:RT=1697032449:S=ALNI_MYjT6twWSYgBcQZ09BAzxFf3ylH2w
.doubleclick.net/	1970-01-20 15:23:56	Name: DSID Value: NO_DATA
.do-slez.com/	1970-01-21 00:59:52	Name: _ga_F3E5EFFVRJ Value: GS1.1.1697032448.1.0.1697032449.0.0.0
.doubleclick.net/	1970-01-21 00:45:28	Name: IDE Value: AHWqTUneoWKDfSl43CHb7Ioi9sh98oJZkGopzX9BQBs8nDdZNt1OlLuzJQCuYclrqbM
.googleadservices.com/	1970-01-20 17:33:28	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

do-slez.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
p4-fjpv3eqmonypm-o3enksil2mxhf7dq-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
142.250.185.162
142.250.185.227
2001:4860:4802:32::36
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9c
2a02:6b8::1:119
2a06:98c1:3120::3
032d775218b47fd3ebf6e8c9e8d5fefd8ba76cb6666c470ac87d0334a39604ed
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
06270513b60a2c81aa3a687f854128f38bb13f81aa168796fff29cc8b10e6512
08301c5407f042787ea73c4d45458720fb1c28f84d89223591ddba0ae2fa7ea2
0aa0bb7dc2edcc25f378154b4b66ecf51dec9e8bb1434967b39d1a0b38e10197
0c7ee94573392860dff638a70a11b4844e9cc69598b88e0e8b6e5b3b3a28528c
0c98135f03544dc47e678d62c9e172b9bcfb01eacbaa327846eae492d502ce0e
0eca58343b0a77cab226a19050ce5e382de98bdba10d53d21e13d2190ab2e67f
0fdad3adde6fdceecacd9caa54610a8302e9c6a8147e1702eb59106ed1d94732
11d08ba768715ee9f4ba8ac0e234dd2c10e896a11545d1c0b272406f1b0ff8ab
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
12d26d31ec6e043d76d2db81b0ac312abcda302a8b1a819f790e1cca5cb45549
1341f6efaddf7a48018dbf0296fdba6b44dc012ebc9852e7a70d263516775fdc
153365a4cb7ea98ba91cf2d13445accd64633ba05b91774827eaf422c445e11c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c00abfdade1e99140778a79616d3bb328dc9d9ec1af936ec2cb5cadfd7cd434
21c87fd5ed50dc415503bfe719137e2eb18e1e4e7ac784b4430babfa36f41a87
22155eb14464d7f9913d0a676e8feee4b6f573c7ceec35b788aed95c8242ecd0
298988f96f76d6936ce3b0f971b366cc179cea66881fd3ee92643e50bfccc759
2d9227d69792096270907d7aa9c8ed18409b6f0a69d959cf250d903695a783f9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321decb300f37659814a1a02935d094f76af8e6cc311d2c0cfb8861851e54af8
332636cfedd61b76b588c4c73f008af75d658c381df80822f52b892f383befce
36e4ef8ca8aa52d02c51e5f0fdcfee9630b072ad98b66d03ab56a8cbecbf3bb8
3df0d46956ded454ab3b9ffc9a0b3957ad7570e9a91b6bf3c5865ddfa52aae59
45f9b2efd474813afedb1435c1658a10d65bb6142bb76d5d055a643b0698073e
47131a93557c73c0e9463c2642c3f1c4dcdf9d2eb084837b20a0a7411f8f8b0f
48c18d18135f95675c579dc35c55c4e027c01fccc2c18956bfdbefb9d8ce5767
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4e3f24be4a5fcfdaaba3a9c48bb3fa975c45573c689e98b50f2cd8ab7e47b71b
4f261614df9e022baf70563434866654c3c6d0960a16e4dcad9594435f2dd4af
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
52ffb2c145ac6acacc0a5ac6e3218582daff1c6a9b1cd4339a7d8c7966acaeed
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5835dacdef244d460a5516b3d9ea143bb1caec3ea253c3f5e222d23ea5d41eb9
605ebeac6aa545a3a6ad3effa2bd659a1b159eadd487c4927138fafcf41499f6
60a1160e62b2565f10fd6cacbeec9f342a71b9e18537b50c42596942e2471079
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
67fde9ceb33654e80046c3be7b5dacd1fde01d3975ec4fcde0925b55d75fddc5
68ac4c8ce7e2552649de079539994a10612405568c5148a885729f8ce5c12276
6c1c4e5a4a45b2a2c02b1a5f9a12097b9f656c729b622770b065c8fbad39fb83
6c91d007b4c44170ad09d364947cb466238c13ceee417b9afe5a6da3dab96b4b
6db83951e80ffaa3042471b421b145d08a0150d677d35b6712fba73775afc346
710745fe47c9ff5ad5112bc800b1bcf87bb030615dd0880b5aaf7dce52d22488
76928403ef2f54cef813da1d5457c753c3d71a6f061c4f58aa1ac5d6636ada70
781d61330da219c29471ad9321bf0b546e87a9b45fee8e9b558f3e8729d18575
78ec0bc4903432561a2a3f1c4f061246f9de609a2f74d2e3c5cd91d42943efab
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8456bb8a5451e665b77ee4deb3c693adb6f5b431bb8260787f118da7829fc37f
84ac4668615a89556551d47504f98682ad26a78f14cd1cbdba10eddcaabee429
852375aeca7c5b42f11d236a4bd5111b4323e3936d95926aa5b8912219a75478
91de3cd38d58e0d5c01335eede66b95567ee4e8f3d93587811aae1af9eba3690
923c462ff24f39cf0ab8f21ab33f25a535947a23968b116d8c738889a486cb55
93340594a3f629999eacb6d03aac3d49a76ca9023c18a90bce7e7e8d3ef9a68c
99e3a134b9f3fc583c523b6ea90a83157b796bd875bbdd99e23d63d6071931ef
9ade37f1522d7104aab8071099e623cbf8c5b907c7d68132ec4b7734b1480872
9f63f08a5a598c12cdf13aa502699cd2f0530f23b60697e67bf1382a3967288c
9fdb12ceee3a402d3a54afe354552459dd3950e9c6dece06288e4cc0a7a7c060
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
ab71c2c714baf0395f1a7cc08c6a48210be19f39b3875037b9915473daf095c5
abd4a8d3140f8afd2757a8332b8d4f2052e252efd5d62200f6f6a1c5478fb0fc
b3419e37bb33df8e7768f01a05e217a8944ac7c9be0ea64c5ad4e5607de1f355
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
ba33fd0c97f24bfd158cd1b8ee21a22d02d4bc036466374075f00bca8da29930
bd8b144555962e1a99e8148de9d4a5927b4d7345031dad871b7d5ac4de58814f
c03fc4e5bf45e547a1ef51a2771d3839e2b86d383ae224010c59e8b3d2968772
c7bd896a70c56723e194191fa8b58aba64582f85c15e054c4df9746af269b416
ca3d8a39e7f06951523703d2654927ca823553c45636a4bdaafe9fc8a5eec595
cac16f7eba734856c24bfeec562a8495cf23d9b9ee6431f50767aa595fa2dfb8
cbe1109fa65523f28bec21002eab9078702f096021bb7e5b4d5df970c490dde9
cd193336aef10419cb5f5113a530283114a25138f98e4e620f4211ab8bb8f017
d0466ea87e970e215b1df244fc192f537becc506cae5ee6381dc99c33102d73a
d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831
da461726c3c6e06a6a3bfbd4303de508e38a1398c38da72a92411c53005b9c6e
dd65db9815ba22bb81f32334c9d15efaf0b569012b8faefc0acb70a93d6fa989
de055e8c6090bbae29a777c2d42b81a3aef5dd8eacba6ba307a320aa40f26534
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6aa04d48473607d7823af38cf39a5b4dc3750f61816f76040a732d11284680
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4731416f6bffdc8b5cc13abe7ee428db0795e0ef8f2552f17f5e5d17e700724
e54399938ecdd986a499f241beee20b0b5ef8dd88a98e5397f188db2d4d1c836
e5e171e43a1737a9e87be1c372da50c534e925a57ccede005bc3edcc3784e669
e753fbad6e8bf929b5ff2f85155ee7ecfe32ae2cc3b5c50e9fb8e62a13e15a3d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0db7c14cf22ee4af9f33b0f18f0150493044698a9839fb184cbea264d0dd987
f34a58605bb0449ff37991066d37aabf495c5b06b58cdbfae32346556d2eb832
f4ab5f5e28b334a9be7b2c93d01606731914dfdc97845e22c4946a26ba36d76f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

do-slez.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

110 Requests

95 %HTTPS

88 %IPv6

13 Domains

18 Subdomains

18 IPs

4 Countries

2051 kBTransfer

4139 kBSize

21 Cookies

10 Outgoing links

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

do-slez.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

95 %
HTTPS

88 %
IPv6

13
Domains

18
Subdomains

18
IPs

4
Countries

2051 kB
Transfer

4139 kB
Size

21
Cookies

110 HTTP transactions
3 data transactions