pastebin.pl Open in urlscan Pro
185.157.81.233  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOGlXUYDintaDilAvjmlTg&google_cver=1

Request Chain 88

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGeb8H100QCYS4A8PdBqOQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1

Request Chain 89

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEO8EDtPjKa77wYyOl7DmwSc&google_cver=1

Request Chain 90

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D

Request Chain 91

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1

Request Chain 92

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGeb8H100QCYS4A8PdBqOQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1

Request Chain 93

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEP-CSnhiT5fbRt_xuHGzvbM&google_cver=1

Request Chain 94

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D

Request Chain 96

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 111

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 20b438ed Show response pastebin.pl/view/	51 KB 12 KB	562ms 243ms	Document text/html	185.157.81.233 S-NET-AS
General Check archive.org Show headers Download Go to Full URL https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL), Reverse DNS 185.157.81.233.in-addr.arpa Software nginx / Resource Hash abcd04d677a9d3b33e2532cc302f439badf3d15883a1adfc25b39f43217d18c5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 19 May 2023 15:55:23 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.1.3/	82 KB 30 KB	438ms 139ms	Script text/javascript	172.217.16.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f202.1e100.net Software sffe / Resource Hash 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 11:33:20 GMT content-encoding gzip x-content-type-options nosniff age 15724 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29707 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 18 May 2024 11:33:20 GMT
GET H2	200	16262479586fe652146aefffcee5e73b9d19256f5d.css pastebin.pl/static/asset/	122 KB 26 KB	184ms 184ms	Stylesheet text/css	185.157.81.233 S-NET-AS
General Check archive.org Show headers Download Go to Full URL https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL), Reverse DNS 185.157.81.233.in-addr.arpa Software nginx / Resource Hash 840bc887a55611080cdb939aa4badc289f1ed695d707c4e1d632143737c60fc1 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/view/20b438ed User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:24 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 14 Jul 2021 08:17:54 GMT server nginx etag W/"60ee9db2-1e71d" vary Accept-Encoding content-type text/css cache-control max-age=2592000 expires Sun, 18 Jun 2023 15:55:24 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	137 KB 47 KB	477ms 192ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2536515702233288 Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 51fed40a55326ed1a812dbef3a89424b9e9d103d0dadc3a02770e3c85127baca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ Origin https://pastebin.pl accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:25 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47428 x-xss-protection 0 server cafe etag 620019622746196512 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Fri, 19 May 2023 15:55:25 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	221 KB 78 KB	440ms 153ms	Script application/javascript	142.250.186.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-88PKPGCEBF Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f8.1e100.net Software Google Tag Manager / Resource Hash 2e769d488c0c7212bb2fbca7622579762e4ae69922ac0d0ac3687ffb3b0f5afc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 79656 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 19 May 2023 15:55:25 GMT
GET H2	200	btc.png pastebin.pl/custom-images/	6 KB 6 KB	164ms 162ms	Image image/png	185.157.81.233 S-NET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastebin.pl/custom-images/btc.png Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL), Reverse DNS 185.157.81.233.in-addr.arpa Software nginx / Resource Hash 6d14cf497310bee3d3a2d4f4cc09c63d6230da3cc9e2f30c5d6ba23b36aac7f6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/view/20b438ed User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:24 GMT strict-transport-security max-age=31536000 last-modified Wed, 14 Jul 2021 07:32:37 GMT server nginx etag "60ee9315-171e" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 5918 expires Sun, 18 Jun 2023 15:55:24 GMT
GET H2	200	Facebook.png pastebin.pl/custom-images/flat_web_icon_set/color/	3 KB 4 KB	214ms 212ms	Image image/png	185.157.81.233 S-NET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastebin.pl/custom-images/flat_web_icon_set/color/Facebook.png Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL), Reverse DNS 185.157.81.233.in-addr.arpa Software nginx / Resource Hash 89c5625aa0ecfeaa47ae9da990cda5ab80fe8088ab1cd55ee7394e870de5eafa Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/view/20b438ed User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:24 GMT strict-transport-security max-age=31536000 last-modified Wed, 14 Jul 2021 07:32:37 GMT server nginx etag "60ee9315-d42" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 3394 expires Sun, 18 Jun 2023 15:55:24 GMT
GET H2	200	Twitter.png pastebin.pl/custom-images/flat_web_icon_set/color/	4 KB 4 KB	216ms 214ms	Image image/png	185.157.81.233 S-NET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastebin.pl/custom-images/flat_web_icon_set/color/Twitter.png Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL), Reverse DNS 185.157.81.233.in-addr.arpa Software nginx / Resource Hash 49c45399074a6af07b176d55bb85b3de42b2c2889bf9efa37310b4e71cf14f43 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/view/20b438ed User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:24 GMT strict-transport-security max-age=31536000 last-modified Wed, 14 Jul 2021 07:32:37 GMT server nginx etag "60ee9315-e3c" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 3644 expires Sun, 18 Jun 2023 15:55:24 GMT
GET H2	200	Google+.png pastebin.pl/custom-images/flat_web_icon_set/color/	4 KB 4 KB	222ms 220ms	Image image/png	185.157.81.233 S-NET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastebin.pl/custom-images/flat_web_icon_set/color/Google+.png Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL), Reverse DNS 185.157.81.233.in-addr.arpa Software nginx / Resource Hash 1e7a8021a029a0b1b97d9df2c059ad4fe80ff8d9db9564c593bdde97df48f5ff Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/view/20b438ed User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:24 GMT strict-transport-security max-age=31536000 last-modified Wed, 14 Jul 2021 07:32:37 GMT server nginx etag "60ee9315-f1d" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 3869 expires Sun, 18 Jun 2023 15:55:24 GMT
GET H2	200	Tumblr.png pastebin.pl/custom-images/flat_web_icon_set/color/	3 KB 4 KB	229ms 228ms	Image image/png	185.157.81.233 S-NET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastebin.pl/custom-images/flat_web_icon_set/color/Tumblr.png Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL), Reverse DNS 185.157.81.233.in-addr.arpa Software nginx / Resource Hash c285eb7872ade449e43574b5d1637d2e9973d0cc0c94b28630cd6c3b4ddef451 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/view/20b438ed User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:24 GMT strict-transport-security max-age=31536000 last-modified Wed, 14 Jul 2021 07:32:37 GMT server nginx etag "60ee9315-d6f" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 3439 expires Sun, 18 Jun 2023 15:55:24 GMT
GET H2	200	Reddit.png pastebin.pl/custom-images/flat_web_icon_set/color/	4 KB 4 KB	233ms 232ms	Image image/png	185.157.81.233 S-NET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastebin.pl/custom-images/flat_web_icon_set/color/Reddit.png Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL), Reverse DNS 185.157.81.233.in-addr.arpa Software nginx / Resource Hash c3a49cc082ee48a3041a22f3112ffb3cbfe73c9e739efcebcfca7eaf6e01393c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/view/20b438ed User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:24 GMT strict-transport-security max-age=31536000 last-modified Wed, 14 Jul 2021 07:32:37 GMT server nginx etag "60ee9315-f83" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 3971 expires Sun, 18 Jun 2023 15:55:24 GMT
GET H2	200	Wordpress.png pastebin.pl/custom-images/flat_web_icon_set/color/	4 KB 4 KB	241ms 240ms	Image image/png	185.157.81.233 S-NET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastebin.pl/custom-images/flat_web_icon_set/color/Wordpress.png Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL), Reverse DNS 185.157.81.233.in-addr.arpa Software nginx / Resource Hash 010bfbc6758a3fbed41c7a3aeadddb18d0df8b573cbf92a738c1f9a9e6c313f4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/view/20b438ed User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:24 GMT strict-transport-security max-age=31536000 last-modified Wed, 14 Jul 2021 07:32:37 GMT server nginx etag "60ee9315-f84" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 3972 expires Sun, 18 Jun 2023 15:55:24 GMT
GET H2	200	Email.png pastebin.pl/custom-images/flat_web_icon_set/color/	4 KB 4 KB	328ms 327ms	Image image/png	185.157.81.233 S-NET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastebin.pl/custom-images/flat_web_icon_set/color/Email.png Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL), Reverse DNS 185.157.81.233.in-addr.arpa Software nginx / Resource Hash dec2d47a7e0bea7d7ff08fc9900b45fcd381c19ce7299512e1d363dc25a8f687 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/view/20b438ed User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:24 GMT strict-transport-security max-age=31536000 last-modified Wed, 14 Jul 2021 07:32:37 GMT server nginx etag "60ee9315-e5c" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 3676 expires Sun, 18 Jun 2023 15:55:24 GMT
GET H2	200	20b438ed pastebin.pl/view/qr/	382 B 648 B	328ms 327ms	Image image/png	185.157.81.233 S-NET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastebin.pl/view/qr/20b438ed Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL), Reverse DNS 185.157.81.233.in-addr.arpa Software nginx / Resource Hash cdcabcc0174fe6a0f72d2ea30687f72b5592e2c7c99faf51962edf0a0d71f945 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/view/20b438ed User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type image/png pragma no-cache date Fri, 19 May 2023 15:55:24 GMT cache-control no-store, no-cache, must-revalidate strict-transport-security max-age=31536000 server nginx expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 878 B	423ms 145ms	Script text/javascript	216.58.212.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f4.1e100.net Software GSE / Resource Hash ebb78fcddd1ce16b5147e76f0e6e70eef501a40a43c77190f93ccf6e2d880f74 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:24 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 558 x-xss-protection 1; mode=block expires Fri, 19 May 2023 15:55:24 GMT
GET H2	200	16262479587430a1044da8a37b18147203f4015289.js Show response pastebin.pl/static/asset/	207 KB 74 KB	181ms 180ms	Script application/javascript	185.157.81.233 S-NET-AS
General Check archive.org Show headers Download Go to Full URL https://pastebin.pl/static/asset/16262479587430a1044da8a37b18147203f4015289.js Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL), Reverse DNS 185.157.81.233.in-addr.arpa Software nginx / Resource Hash a84b47af6771a16e70ce39032dd82089965ea697822de088b651e52174461a6c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/view/20b438ed User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:24 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 14 Jul 2021 16:37:27 GMT server nginx etag W/"60ef12c7-33dce" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Sun, 18 Jun 2023 15:55:24 GMT
GET H2	200	banner_soc.png pastebin.pl/themes/stikkedizr/images/	2 KB 3 KB	326ms 326ms	Image image/png	185.157.81.233 S-NET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pastebin.pl/themes/stikkedizr/images/banner_soc.png Requested by Host: pastebin.pl URL: https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL), Reverse DNS 185.157.81.233.in-addr.arpa Software nginx / Resource Hash de59078a2d00e0219c60ef1a78d52c51142efd21edf7c87e9a3e1367c8e44b8f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type image/png pragma no-cache date Fri, 19 May 2023 15:55:24 GMT cache-control no-store, no-cache, must-revalidate strict-transport-security max-age=31536000 server nginx expires Sun, 18 Jun 2023 15:55:24 GMT
GET H2	200	fontawesome-webfont.woff pastebin.pl/themes/stikkedizr/fonts/	43 KB 44 KB	363ms 363ms	Font application/font-woff	185.157.81.233 S-NET-AS
General Check archive.org Show headers Download Go to Full URL https://pastebin.pl/themes/stikkedizr/fonts/fontawesome-webfont.woff?v=4.0.3 Requested by Host: pastebin.pl URL: https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL), Reverse DNS 185.157.81.233.in-addr.arpa Software nginx / Resource Hash 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://pastebin.pl/static/asset/16262479586fe652146aefffcee5e73b9d19256f5d.css Origin https://pastebin.pl accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type application/font-woff pragma no-cache date Fri, 19 May 2023 15:55:24 GMT cache-control no-store, no-cache, must-revalidate strict-transport-security max-age=31536000 server nginx expires Sat, 20 May 2023 15:55:24 GMT
GET H2	200	recaptcha__ka.js Show response www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/	443 KB 168 KB	426ms 140ms	Script text/javascript	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 2f9d4ed6cb64a77560860ca3735c9100246eb33d9064c232db2b76dd98cbe543 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ Origin https://pastebin.pl accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 17 May 2023 15:36:59 GMT content-encoding gzip x-content-type-options nosniff age 173906 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170954 x-xss-protection 0 last-modified Mon, 15 May 2023 04:00:52 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 16 May 2024 15:36:59 GMT
GET H2	200	text Show response pastebin.pl/main/get_cm_js/	0 327 B	167ms 167ms	XHR text/html	185.157.81.233 S-NET-AS
General Check archive.org Show headers Download Go to Full URL https://pastebin.pl/main/get_cm_js/text?_=1684511724983 Requested by Host: pastebin.pl URL: https://pastebin.pl/static/asset/16262479587430a1044da8a37b18147203f4015289.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.157.81.233 , Poland, ASN42927 (S-NET-AS, PL), Reverse DNS 185.157.81.233.in-addr.arpa Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://pastebin.pl/view/20b438ed X-Requested-With XMLHttpRequest accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 19 May 2023 15:55:25 GMT strict-transport-security max-age=31536000 content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/	355 KB 120 KB	480ms 208ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2536515702233288 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 19ebd6e5b2bf240dbe3c63585bcc351a8544328ef916acbb981df1b2c0e61340 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:25 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 122654 x-xss-protection 0 server cafe etag 5666291242756027305 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 19 May 2023 15:55:25 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/ Frame A247	10 KB 5 KB	417ms 134ms	Document text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2536515702233288 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers age 65232 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4540 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 18 May 2023 21:48:13 GMT etag 15057649708203361565 expires Thu, 01 Jun 2023 21:48:13 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect www.google-analytics.com/g/	0 251 B	432ms 145ms	Ping text/plain	142.250.185.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-88PKPGCEBF&gtm=45je35h0&_p=1424187311&cid=1402083713.1684511725&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684511725&sct=1&seg=0&dl=https%3A%2F%2Fpastebin.pl%2Fview%2F20b438ed&dt=How%20Landlords%20Electrical%20Certificate%20Was%20Able%20To%20B%20-%20Pastebin&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-88PKPGCEBF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f14.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 19 May 2023 15:55:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pastebin.pl cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame ED29	51 KB 28 KB	160ms 158ms	Document text/html	216.58.212.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=e67y7jz2kbpz Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f4.1e100.net Software GSE / Resource Hash 590540a01a294fdc430f0aa7c5cb4784fc9e648fd9e5be00205a5f7bb9abab7a Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-RFPBJGHoz61juK34Y89zpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://pastebin.pl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 28604 content-security-policy script-src 'report-sample' 'nonce-RFPBJGHoz61juK34Y89zpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 19 May 2023 15:55:25 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame ED29	55 KB 55 KB	415ms 138ms	Stylesheet text/css	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=e67y7jz2kbpz Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 14:30:16 GMT x-content-type-options nosniff age 5109 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56403 x-xss-protection 0 last-modified Mon, 15 May 2023 04:00:52 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 18 May 2024 14:30:16 GMT
GET H3	200	recaptcha__ka.js Show response www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame ED29	443 KB 167 KB	583ms 306ms	Script text/javascript	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=e67y7jz2kbpz Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 2f9d4ed6cb64a77560860ca3735c9100246eb33d9064c232db2b76dd98cbe543 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 17 May 2023 15:36:59 GMT content-encoding gzip x-content-type-options nosniff age 173906 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170954 x-xss-protection 0 last-modified Mon, 15 May 2023 04:00:52 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 16 May 2024 15:36:59 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	389 B 601 B	985ms 147ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=pastebin.pl&callback=_gfp_s_&client=ca-pub-2536515702233288 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash 849508599f0fc50c8c2f3ea83dfd0ad60d4d926291de4de36b416f2490e0e0a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:26 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 249 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.ge/adsid/	107 B 531 B	971ms 143ms	Script application/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ge/adsid/integrator.js?domain=pastebin.pl Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:26 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	974ms 147ms	Script application/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=pastebin.pl Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:26 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	176ms 175ms	Image image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-default%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 19 May 2023 15:55:26 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame BA33	514 KB 123 KB	1175ms 1174ms	Document text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2536515702233288&output=html&adk=1812271804&adf=3025194257&lmt=1684511725&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fpastebin.pl%2Fview%2F20b438ed&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684511725262&bpp=4&bdt=1188&idt=709&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3418288181761&frm=20&pv=2&ga_vid=1402083713.1684511725&ga_sid=1684511726&ga_hid=1424187311&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44772268%2C44788442%2C44792089&oid=2&pvsid=4105589473415225&tmod=1528691172&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=738 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 6313049b648307bae6371dc404a43cf606f143f5e578cf326e907400bda0d2af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 126097 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 May 2023 15:55:27 GMT expires Fri, 19 May 2023 15:55:27 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame ED29	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame ED29	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame ED29	2 KB 2 KB	138ms 138ms	Image image/png	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 13 May 2023 22:52:35 GMT x-content-type-options nosniff age 493371 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Sat, 20 May 2023 22:52:35 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame ED29	15 KB 16 KB	466ms 135ms	Font font/woff2	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=e67y7jz2kbpz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 13 May 2023 22:24:03 GMT x-content-type-options nosniff age 495083 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 12 May 2024 22:24:03 GMT
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame 0B02	7 KB 1 KB	150ms 149ms	Document text/html	216.58.212.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f4.1e100.net Software GSE / Resource Hash a0064836bbda6a4e2d10a5ec5eabdf1cf8463c799c43800886287bb28272c6ed Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-1ZNBXpOQSwLd-l6KiPKjeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://pastebin.pl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 1152 content-security-policy script-src 'report-sample' 'nonce-1ZNBXpOQSwLd-l6KiPKjeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 19 May 2023 15:55:26 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame ED29	102 B 134 B	148ms 148ms	Other text/javascript	216.58.212.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=e67y7jz2kbpz Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f4.1e100.net Software GSE / Resource Hash b483843fd1e252191147929d28e5b1344f4c4b86306939a65775d72284e7e895 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at&co=aHR0cHM6Ly9wYXN0ZWJpbi5wbDo0NDM.&hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=normal&cb=e67y7jz2kbpz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 112 x-xss-protection 1; mode=block expires Fri, 19 May 2023 15:55:26 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame 0B02	55 KB 55 KB	140ms 139ms	Stylesheet text/css	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 14:30:16 GMT x-content-type-options nosniff age 5111 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56403 x-xss-protection 0 last-modified Mon, 15 May 2023 04:00:52 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 18 May 2024 14:30:16 GMT
GET H3	200	recaptcha__ka.js Show response www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame 0B02	443 KB 167 KB	159ms 158ms	Script text/javascript	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=ka&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6LfIMAcTAAAAAPke3mAt0nu12lRi_2AUJyWOV_at Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 2f9d4ed6cb64a77560860ca3735c9100246eb33d9064c232db2b76dd98cbe543 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 17 May 2023 15:36:59 GMT content-encoding gzip x-content-type-options nosniff age 173908 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170954 x-xss-protection 0 last-modified Mon, 15 May 2023 04:00:52 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 16 May 2024 15:36:59 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	189ms 188ms	XHR application/json	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230515&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 2eee13eff606a29a649997a6b60bcbd55270a650c13bd0f36d7e0058dc3da21a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:27 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11235 x-xss-protection 0
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/	152 KB 51 KB	230ms 230ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 453195c3884df2dc8baf943fed648cf04d9ddb4776c6c24a311ca6df0641f53a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:27 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52640 x-xss-protection 0 server cafe etag 11988361686899660269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 19 May 2023 15:55:27 GMT
GET H2	200	ca-pub-2536515702233288 Show response fundingchoicesmessages.google.com/i/	132 KB 45 KB	446ms 163ms	Script application/javascript	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/ca-pub-2536515702233288?ers=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash 64f737f1d65003f93c8cdb2aff80d21e5a997ab5ba1e2b0c3e8669ea9e4e8a4e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-qd18y6jQLX9JWYo719H6Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:27 GMT content-security-policy script-src 'report-sample' 'nonce-qd18y6jQLX9JWYo719H6Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	453ms 175ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:27 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 19 May 2023 15:55:27 GMT
GET H2	200	integrator.js Show response adservice.google.ge/adsid/	107 B 165 B	140ms 139ms	Script application/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ge/adsid/integrator.js?domain=pastebin.pl Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:28 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	146ms 146ms	Script application/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=pastebin.pl Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:28 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/ Frame 71D7	10 KB 4 KB	133ms 132ms	Document text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers age 39367 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4540 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 May 2023 04:59:21 GMT etag 15057649708203361565 expires Fri, 02 Jun 2023 04:59:21 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/ Frame C062	10 KB 4 KB	132ms 132ms	Document text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers age 39367 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4540 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 May 2023 04:59:21 GMT etag 15057649708203361565 expires Fri, 02 Jun 2023 04:59:21 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/ Frame 15E5	10 KB 4 KB	134ms 132ms	Document text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers age 39367 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4540 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 May 2023 04:59:21 GMT etag 15057649708203361565 expires Fri, 02 Jun 2023 04:59:21 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/ Frame 9B6D	10 KB 4 KB	143ms 142ms	Document text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers age 39367 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4540 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 May 2023 04:59:21 GMT etag 15057649708203361565 expires Fri, 02 Jun 2023 04:59:21 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	AGSKWxXTXdXm5nHc2lUxw7bu6Xh1U7geiqSL676feGreZ6cJMMHdPSNuzX2YmnSCaLAhTKU8Rf44fAxYh_7LwN9xZBU= Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	167ms 166ms	Script application/javascript	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXTXdXm5nHc2lUxw7bu6Xh1U7geiqSL676feGreZ6cJMMHdPSNuzX2YmnSCaLAhTKU8Rf44fAxYh_7LwN9xZBU=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0NTExNzI4LDQxMDAwMDAwXSwiNDJDODE4NEMtNEI3Ri00QjY3LThCQTMtQTU2RkJDQjlERTYxIixudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYXN0ZWJpbi5wbC92aWV3LzIwYjQzOGVkIixudWxsLFtbOCwiNDVCZ2dmZHpHaVUiXSxbOSwiZW4tVVMiXSxbMTcsIlswXSJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash 5dc908e246ff81addaeef2b8775abe06bf60e22ec7c7d709a56633f57f1624e3 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-62WZJw5bATXatWrAWUVQug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:28 GMT content-security-policy script-src 'report-sample' 'nonce-62WZJw5bATXatWrAWUVQug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6500	13 KB 5 KB	136ms 133ms	Document text/html	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 2410 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 19 May 2023 15:15:18 GMT expires Sat, 18 May 2024 15:15:18 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame CEA5	783 B 534 B	150ms 148ms	Document text/html	216.58.212.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f4.1e100.net Software GSE / Resource Hash fa3b8a3d24493d1c52e398a97e5435e52e674c0c68bdcd288102e9df5df9ee5f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-ewTb6d3Um_6djELrQzTTGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://pastebin.pl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-ewTb6d3Um_6djELrQzTTGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 19 May 2023 15:55:28 GMT expires Fri, 19 May 2023 15:55:28 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	css2 fonts.googleapis.com/ Frame 71D7	4 KB 1 KB	427ms 144ms	Stylesheet text/css	142.250.186.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f10.1e100.net Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 19 May 2023 15:55:28 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 19 May 2023 15:12:10 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 19 May 2023 15:55:28 GMT
GET H3	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 71D7	205 B 229 B	139ms 138ms	Image image/png	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 09:32:06 GMT x-content-type-options nosniff age 23002 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 18 May 2024 09:32:06 GMT
GET H3	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 71D7	604 B 628 B	140ms 139ms	Image image/png	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:30:03 GMT x-content-type-options nosniff age 1525 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 18 May 2024 15:30:03 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 71D7	20 KB 8 KB	134ms 133ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 18 May 2023 17:35:55 GMT content-encoding br x-content-type-options nosniff age 80373 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8271 x-xss-protection 0 server cafe etag 10419244916965318868 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 01 Jun 2023 17:35:55 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame E7F2	624 B 246 B	177ms 174ms	Document text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXHs5mUoOjUR9upgWFLz1E-ADOgowzyHB0eqlXcN0Ar34fFJ3C15TSD0G8TxxjTu-rO2kMQB_UaOq4hHVD-L9AaLy8mUA Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 May 2023 15:55:28 GMT expires Fri, 19 May 2023 15:55:28 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 5ED4	22 KB 9 KB	139ms 139ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 13:34:09 GMT content-encoding br x-content-type-options nosniff age 8479 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8780 x-xss-protection 0 server cafe etag 16540081610679671253 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 13:34:09 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 5ED4	7 KB 3 KB	142ms 142ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/omrhp_fy2021.js Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 49b6c56eb31409bd9d3761794191cce2ecb0de4de4b475ab71810de512cb926e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 13:34:09 GMT content-encoding br x-content-type-options nosniff age 8479 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3047 x-xss-protection 0 server cafe etag 5552017188384030315 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 13:34:09 GMT
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 5ED4	41 KB 15 KB	134ms 133ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 10:39:45 GMT content-encoding gzip x-content-type-options nosniff age 18943 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 18 May 2024 10:39:45 GMT
GET H2	200	web.prestigeconstructions.cpv-dv.js Show response script.mfilterit.net/v3/i/client/ Frame 5ED4	30 KB 11 KB	477ms 159ms	Script application/javascript	13.225.78.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.mfilterit.net/v3/i/client/web.prestigeconstructions.cpv-dv.js?mfpackagename=web.prestigeconstructions.cpv&ADSTXTADSYSTEMDOMAIN=google.com&ADSXTPUBLISHERID=pub-2536515702233288&AUCTIONID=ABAjH0jI5vKOVQbvIobSYHwBb-oZ&BUNDLEID=&CAMPAIGNID=19998000137&CREATIVEID=485176633&EXCHANGEID=1&INSERTIONORDERID=1011520848&INVENTORYSOURCEEXTERNALID=&PUBLISHERID=1&SOURCEURL=https://pastebin.pl/view/20b438ed&SOURCEURLENC=https://pastebin.pl/view/20b438ed&UNIVERSALSITEID=38837122840&CACHEBUSTER=1684511726165178&CLICKURL=https://googleads.g.doubleclick.net/aclk?sa=L&ai=CSKBk7ptnZLqKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0KfhgkDnPh8f1OTIuNOV05dkOWLI0ycAshSoP7OARkGFqVSNdnNTMEmbyLjG0fwcwcfH_NtedtJD4JykXNlmg0SA9kpHEyqa0yR-5BAfe3k0IYlq8Z_34ZgOS-soO--yA-I95vhV44OOOWCmrkLtRbLDN3MhQR6T9EbheDC_WrpZXkQ_YdQjtaS-j1lXM2uviMQxfbUUYNIJzCEbuFlw8RIPhmR10XcbbSAVvpO9zjOXqnoW6DI3OpRMCmUYoeJGhy3GGNpqwVJ_oXHZdkp4EwVK4vavd-eeEksJZqYoIpANMV5Nd7QmnXR0mhpDDBvxwASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB&sig=AOD64_3OU2HHOh52SSJ-Mq0iBmha2uM62w&client=ca-pub-2536515702233288&adurl=https://wafs.mfilterit.net/rdct/%3Fmf_package_name%3Dweb.prestigeconstructions.cpv%26url%3Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%26mf1%3D%24%7BCACHEBUSTER%7D%26mf2%3D%24%7BCLICK_URL%7D%26mf3%3D%24%7BCREATIVE_ID%7D%26mf4%3D%24%7BCAMPAIGN_ID%7D%26mf5%3D%24%7BSOURCE_URL%7D%26mf6%3D%24%7BPUBLISHER_ID%7D%26gclid%3DEAIaIQobChMIurm7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgI7zfD_BwE&CLICKURLENC=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSKBk7ptnZLqKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0KfhgkDnPh8f1OTIuNOV05dkOWLI0ycAshSoP7OARkGFqVSNdnNTMEmbyLjG0fwcwcfH_NtedtJD4JykXNlmg0SA9kpHEyqa0yR-5BAfe3k0IYlq8Z_34ZgOS-soO--yA-I95vhV44OOOWCmrkLtRbLDN3MhQR6T9EbheDC_WrpZXkQ_YdQjtaS-j1lXM2uviMQxfbUUYNIJzCEbuFlw8RIPhmR10XcbbSAVvpO9zjOXqnoW6DI3OpRMCmUYoeJGhy3GGNpqwVJ_oXHZdkp4EwVK4vavd-eeEksJZqYoIpANMV5Nd7QmnXR0mhpDDBvxwASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3OU2HHOh52SSJ-Mq0iBmha2uM62w%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIurm7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgI7zfD_BwE&CLICKPOINTROLL=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSKBk7ptnZLqKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0KfhgkDnPh8f1OTIuNOV05dkOWLI0ycAshSoP7OARkGFqVSNdnNTMEmbyLjG0fwcwcfH_NtedtJD4JykXNlmg0SA9kpHEyqa0yR-5BAfe3k0IYlq8Z_34ZgOS-soO--yA-I95vhV44OOOWCmrkLtRbLDN3MhQR6T9EbheDC_WrpZXkQ_YdQjtaS-j1lXM2uviMQxfbUUYNIJzCEbuFlw8RIPhmR10XcbbSAVvpO9zjOXqnoW6DI3OpRMCmUYoeJGhy3GGNpqwVJ_oXHZdkp4EwVK4vavd-eeEksJZqYoIpANMV5Nd7QmnXR0mhpDDBvxwASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3OU2HHOh52SSJ-Mq0iBmha2uM62w%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIurm7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgI7zfD_BwE&DCDBMTOKEN=AD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIiYjlv0qoAvz07oUCsALQqqriA0AB0gIqGAAiEwi6ubuY34H_AhU6gn8EHXlQC3EoATABOI7d3OujEUACSAFYiIEgELnqrOcB3Rp-rMMz58E8rcX6JY-BmQ&channel=dv360&IFDBM=${ifdyn:GDN}{ifpla:Shp123}{ifdbm:DiD} Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-41.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 95933f7fdf5212c6d9a8741415c85b0230473a00919e570c1e81306c2dfa0bab Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 00:56:30 GMT x-amz-version-id null content-encoding gzip last-modified Tue, 27 Sep 2022 10:03:28 GMT server AmazonS3 via 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 etag W/"3b4fae212dbd10d73230040e8d1d61f4" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript age 53939 x-amz-cf-id q3DcCMKm9vNpsxPVtbfJ0l0j2RlV_U9J3UTj4xtnDATzWZvN0XCTrQ==
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 5ED4	3 KB 1 KB	180ms 180ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:15:19 GMT content-encoding br x-content-type-options nosniff age 2409 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 15:15:19 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 5ED4	19 KB 8 KB	164ms 163ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 10:38:12 GMT content-encoding br x-content-type-options nosniff age 19036 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7953 x-xss-protection 0 server cafe etag 16153819885643670827 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 10:38:12 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 5ED4	170 KB 53 KB	456ms 145ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software sffe / Resource Hash 47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:28 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53893 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1684322484769956" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 19 May 2023 15:55:28 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5ED4	42 B 63 B	177ms 177ms	Image image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Di2Mk-AdKllqDNFSyy7AcIju749RvNc8-AyxTknWtdfCN5MTW-FliSvkMPJMEoW-4MyVzLaK9iiY7B7mRkvNxPoYNuAFoLVISerAj4YIuyQdhsFgo Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 19 May 2023 15:55:28 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	12966773588449590959 s0.2mdn.net/simgad/ Frame 5ED4	101 KB 102 KB	427ms 138ms	Image image/jpeg	142.250.184.230 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/12966773588449590959 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f6.1e100.net Software sffe / Resource Hash 2abd1a8b2340dc2d87eeab611512a28efa4111f1262841d013c04862ab8862f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 13 May 2023 13:04:46 GMT x-content-type-options nosniff age 528642 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 103708 x-xss-protection 0 last-modified Wed, 19 Apr 2023 06:59:12 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 12 May 2024 13:04:46 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 1CEC	624 B 246 B	173ms 172ms	Document text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXB1zLyQPil6gIVKJsYTmj4EYWz9JIqGedG_NjGRdgVftRk0HJhzYQYLdCPKsjl-m2SkTIMm0AHipzgXOD4v46nJokNBA Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 May 2023 15:55:28 GMT expires Fri, 19 May 2023 15:55:28 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	12966773588449590959 s0.2mdn.net/simgad/ Frame 4ED6	101 KB 101 KB	505ms 241ms	Image image/jpeg	142.250.184.230 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/12966773588449590959 Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f6.1e100.net Software sffe / Resource Hash 2abd1a8b2340dc2d87eeab611512a28efa4111f1262841d013c04862ab8862f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 13 May 2023 13:04:46 GMT x-content-type-options nosniff age 528642 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 103708 x-xss-protection 0 last-modified Wed, 19 Apr 2023 06:59:12 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 12 May 2024 13:04:46 GMT
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 4ED6	22 KB 9 KB	138ms 138ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 13:34:09 GMT content-encoding br x-content-type-options nosniff age 8479 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8780 x-xss-protection 0 server cafe etag 16540081610679671253 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 13:34:09 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 4ED6	7 KB 3 KB	148ms 147ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/omrhp_fy2021.js Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 49b6c56eb31409bd9d3761794191cce2ecb0de4de4b475ab71810de512cb926e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 13:34:09 GMT content-encoding br x-content-type-options nosniff age 8479 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3047 x-xss-protection 0 server cafe etag 5552017188384030315 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 13:34:09 GMT
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 4ED6	41 KB 15 KB	153ms 152ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 10:39:45 GMT content-encoding gzip x-content-type-options nosniff age 18943 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 18 May 2024 10:39:45 GMT
GET H2	200	web.prestigeconstructions.cpv-dv.js Show response script.mfilterit.net/v3/i/client/ Frame 4ED6	30 KB 11 KB	503ms 216ms	Script application/javascript	13.225.78.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.mfilterit.net/v3/i/client/web.prestigeconstructions.cpv-dv.js?mfpackagename=web.prestigeconstructions.cpv&ADSTXTADSYSTEMDOMAIN=google.com&ADSXTPUBLISHERID=pub-2536515702233288&AUCTIONID=ABAjH0gq6Bk0XYYt2sawqlGIm7YS&BUNDLEID=&CAMPAIGNID=19998000137&CREATIVEID=485176633&EXCHANGEID=1&INSERTIONORDERID=1011520848&INVENTORYSOURCEEXTERNALID=&PUBLISHERID=1&SOURCEURL=https://pastebin.pl/view/20b438ed&SOURCEURLENC=https://pastebin.pl/view/20b438ed&UNIVERSALSITEID=38837122840&CACHEBUSTER=1684511726165179&CLICKURL=https://googleads.g.doubleclick.net/aclk?sa=L&ai=CdR-I7ptnZLuKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0FO4F5ZCRVVGEZb6AREn4qOTyJPxeF1mJmMjL0dHIHwCcR-YgxN5ICeL7OCXW-CDJ7nAcwN0n2GELWhZ67E2ifqcUPso99GuOiHEHfrp4cQpQnOBRbFd_MM8KlfREPnJDjiPb9iBjS8qmDdejH_sTEMoZ36PH8i6RGWRP71XBBLgznpamsLLefD50dSOTe23Md4OH9-KKXKzHIoYA07caR1S7-SMTR-TWrb0QBHxm6lGqKrH9isESAIvlrz_6Btwai1TKsw1ZN3iJPaKevyWk6Ol2zMkaeUuk50G8W2herIZmU-39dDGSht2nWcY4Ff8wASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB&sig=AOD64_3QsHfQ6MvlbErr2xVaFMgtys_PoQ&client=ca-pub-2536515702233288&adurl=https://wafs.mfilterit.net/rdct/%3Fmf_package_name%3Dweb.prestigeconstructions.cpv%26url%3Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%26mf1%3D%24%7BCACHEBUSTER%7D%26mf2%3D%24%7BCLICK_URL%7D%26mf3%3D%24%7BCREATIVE_ID%7D%26mf4%3D%24%7BCAMPAIGN_ID%7D%26mf5%3D%24%7BSOURCE_URL%7D%26mf6%3D%24%7BPUBLISHER_ID%7D%26gclid%3DEAIaIQobChMIu7m7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgK2MPD_BwE&CLICKURLENC=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdR-I7ptnZLuKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0FO4F5ZCRVVGEZb6AREn4qOTyJPxeF1mJmMjL0dHIHwCcR-YgxN5ICeL7OCXW-CDJ7nAcwN0n2GELWhZ67E2ifqcUPso99GuOiHEHfrp4cQpQnOBRbFd_MM8KlfREPnJDjiPb9iBjS8qmDdejH_sTEMoZ36PH8i6RGWRP71XBBLgznpamsLLefD50dSOTe23Md4OH9-KKXKzHIoYA07caR1S7-SMTR-TWrb0QBHxm6lGqKrH9isESAIvlrz_6Btwai1TKsw1ZN3iJPaKevyWk6Ol2zMkaeUuk50G8W2herIZmU-39dDGSht2nWcY4Ff8wASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3QsHfQ6MvlbErr2xVaFMgtys_PoQ%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIu7m7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgK2MPD_BwE&CLICKPOINTROLL=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdR-I7ptnZLuKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0FO4F5ZCRVVGEZb6AREn4qOTyJPxeF1mJmMjL0dHIHwCcR-YgxN5ICeL7OCXW-CDJ7nAcwN0n2GELWhZ67E2ifqcUPso99GuOiHEHfrp4cQpQnOBRbFd_MM8KlfREPnJDjiPb9iBjS8qmDdejH_sTEMoZ36PH8i6RGWRP71XBBLgznpamsLLefD50dSOTe23Md4OH9-KKXKzHIoYA07caR1S7-SMTR-TWrb0QBHxm6lGqKrH9isESAIvlrz_6Btwai1TKsw1ZN3iJPaKevyWk6Ol2zMkaeUuk50G8W2herIZmU-39dDGSht2nWcY4Ff8wASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3QsHfQ6MvlbErr2xVaFMgtys_PoQ%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIu7m7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgK2MPD_BwE&DCDBMTOKEN=AD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIiYjlv0qoAvz07oUCsALQqqriA0AB0gIqGAAiEwi7ubuY34H_AhU6gn8EHXlQC3EoATABOI7d3OujEUACSAFYiIEgELnqrOcBjyBlbmotR1d0P8XPKyLC5A&channel=dv360&IFDBM=${ifdyn:GDN}{ifpla:Shp123}{ifdbm:DiD} Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-41.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 95933f7fdf5212c6d9a8741415c85b0230473a00919e570c1e81306c2dfa0bab Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 00:56:30 GMT x-amz-version-id null content-encoding gzip last-modified Tue, 27 Sep 2022 10:03:28 GMT server AmazonS3 via 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 etag W/"3b4fae212dbd10d73230040e8d1d61f4" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript age 53939 x-amz-cf-id TAgVIYaXfzXdwrJfmX3Oy81QxMJliwARrS6W3PfhmmC-EVx9llvBWw==
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 4ED6	3 KB 1 KB	197ms 197ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:15:19 GMT content-encoding br x-content-type-options nosniff age 2409 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 15:15:19 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 4ED6	19 KB 8 KB	181ms 180ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 10:38:12 GMT content-encoding br x-content-type-options nosniff age 19036 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7953 x-xss-protection 0 server cafe etag 16153819885643670827 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 10:38:12 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 4ED6	170 KB 53 KB	604ms 324ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software sffe / Resource Hash 47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:28 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53893 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1684322484769956" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 19 May 2023 15:55:28 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4ED6	42 B 63 B	178ms 178ms	Image image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AKwn9UvQO6Q8SvNqhe9H0rpidk5BqkcK18DHgM9zugyhuCYMs_unNsWgPP0DbNktQPylmLqal8GRGNQqB5Yl32LsNP0tnECjUnb1-qkbFdjvQ9wyI Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 19 May 2023 15:55:28 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 9B6D	0 0	178ms 178ms	Fetch text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=C81Qz7ptnZLyKCrqE_tMP-aCtiAe50p6icP38v4eiEdrZHhABIPyvrpIBYI3y0gOgAaLD4KQDyAECqAMByAPJBKoE2gFP0BO6f3OPZ1SigafDiBn_6AwBxkgP26eBmzdUd-6yE4gddg02lbUE2uL-6J-2XE9zXRAjNfPsBGTJ4GO8v6dAdRfJ5IBdZu3Yl_QzBBAwpmDi9SZ7VmP2fB5f_fvwXKJpISlon57xAaoK7X-vXcT7VMvZeeHWGrmYN_23x4SQyVNZtieAymsVa_3TsbZfFIbMSvdEg7BaoAKYBbLx5f5OtK7EhFmIo1xVBL4GSwSBNNyWlZNE9ZwsqJGIfHYVwIh88NNSQU-fXo1OlQ4Qbwx-bLDhwMepAa7ymcAE5NTW3sgEkgUECAQYAZIFBAgFGASgBgKAB8a8n1uoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCc8BHSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yNTM2NTE1NzAyMjMzMjg4GAA&sigh=LfM266nh394&uach_m=[UACH]&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 19 May 2023 15:55:28 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 19 May 2023 15:55:28 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 9B6D	22 KB 9 KB	187ms 187ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 10:38:13 GMT content-encoding br x-content-type-options nosniff age 19035 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8780 x-xss-protection 0 server cafe etag 16540081610679671253 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 10:38:13 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 3B62	143 B 166 B	137ms 136ms	Document text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers age 214 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 May 2023 15:51:54 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 9B6D	3 KB 1 KB	197ms 196ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:15:19 GMT content-encoding br x-content-type-options nosniff age 2409 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 15:15:19 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 9B6D	19 KB 8 KB	197ms 197ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 10:38:12 GMT content-encoding br x-content-type-options nosniff age 19036 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7953 x-xss-protection 0 server cafe etag 16153819885643670827 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 10:38:12 GMT
GET H2	200	13759818770648877927 tpc.googlesyndication.com/simgad/ Frame 9B6D	20 KB 20 KB	211ms 211ms	Image image/png	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/13759818770648877927?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql_BtQwkYL3CuDO6LTdSpL7uGoerA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software sffe / Resource Hash bc9504ff88dfe4b04208e2bcc993b57a94ce14a5d91ed3baf8f313894b6bfd63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 10:04:34 GMT x-content-type-options nosniff age 21054 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20126 x-xss-protection 0 last-modified Wed, 05 Oct 2022 14:03:31 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 18 May 2024 10:04:34 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 9B6D	170 KB 53 KB	553ms 292ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software sffe / Resource Hash 47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:28 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53893 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1684322484769956" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 19 May 2023 15:55:28 GMT
GET H2	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 9B6D	32 KB 13 KB	201ms 201ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 18 May 2023 17:35:24 GMT content-encoding br x-content-type-options nosniff age 80404 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13064 x-xss-protection 0 server cafe etag 484897097926465030 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 01 Jun 2023 17:35:24 GMT
GET H2	200	AGSKWxVMi6vVqLw-t_q8l3welvVt1Q-c2MYTfqZE3XA4zmA6XcOO8NE7PJmaN3nwdYAaJRW1rpuOQFc2jjSubzsCYXTSKaCfG0UtElXTdaJDwOw72dlozDul77wPXmDgJrCeiX2e-ENJWA== Show response fundingchoicesmessages.google.com/f/	13 KB 6 KB	177ms 175ms	Script application/javascript	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxVMi6vVqLw-t_q8l3welvVt1Q-c2MYTfqZE3XA4zmA6XcOO8NE7PJmaN3nwdYAaJRW1rpuOQFc2jjSubzsCYXTSKaCfG0UtElXTdaJDwOw72dlozDul77wPXmDgJrCeiX2e-ENJWA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0NTExNzI4LDI5MDAwMDAwMF0sIjQyQzgxODRDLTRCN0YtNEI2Ny04QkEzLUE1NkZCQ0I5REU2MSIsbnVsbCxudWxsLFtudWxsLFs3LDldLG51bGwsMixudWxsLCJwbCJdLCJodHRwczovL3Bhc3RlYmluLnBsL3ZpZXcvMjBiNDM4ZWQiLG51bGwsW1s4LCI0NUJnZ2ZkekdpVSJdLFs5LCJlbi1VUyJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash 79e6ab21d1377aaff9ab5513da25b5ce92e7512e5bbfed7127a69684feabcc10 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-a0xUajO1_6n_AMdyMXmhcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:28 GMT content-security-policy script-src 'report-sample' 'nonce-a0xUajO1_6n_AMdyMXmhcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame CEA5	0 0	172ms 172ms	Image text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230515&jk=4105589473415225&rc=null Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	200	08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response pagead2.googlesyndication.com/bg/ Frame 6500	37 KB 14 KB	139ms 138ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software sffe / Resource Hash d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 06:58:39 GMT content-encoding br x-content-type-options nosniff age 32209 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14732 x-xss-protection 0 last-modified Mon, 08 May 2023 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 18 May 2024 06:58:39 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame B12D	22 KB 8 KB	141ms 141ms	Document text/html	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 31449 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 19 May 2023 07:11:19 GMT expires Sat, 18 May 2024 07:11:19 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame E7F2 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOGlXUYDintaDilAvjmlTg&google_cver=1	43 B 632 B	273ms 136ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOGlXUYDintaDilAvjmlTg&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXHs5mUoOjUR9upgWFLz1E-ADOgowzyHB0eqlXcN0Ar34fFJ3C15TSD0G8TxxjTu-rO2kMQB_UaOq4hHVD-L9AaLy8mUA Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 19 May 2023 15:55:29 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Fri, 19 May 2023 15:55:28 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEOGlXUYDintaDilAvjmlTg&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame E7F2 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGeb8H100QCYS4A8PdBqOQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1	43 B 766 B	137ms 137ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXHs5mUoOjUR9upgWFLz1E-ADOgowzyHB0eqlXcN0Ar34fFJ3C15TSD0G8TxxjTu-rO2kMQB_UaOq4hHVD-L9AaLy8mUA Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 19 May 2023 15:55:30 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=497 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Fri, 19 May 2023 15:55:29 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame E7F2 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEO8EDtPjKa77wYyOl7DmwSc&google_cver=1	43 B 1 KB	201ms 200ms	Image image/gif	37.252.171.149 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEO8EDtPjKa77wYyOl7DmwSc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXHs5mUoOjUR9upgWFLz1E-ADOgowzyHB0eqlXcN0Ar34fFJ3C15TSD0G8TxxjTu-rO2kMQB_UaOq4hHVD-L9AaLy8mUA Protocol HTTP/1.1 Server 37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 19 May 2023 15:55:29 GMT AN-X-Request-Uuid 3e7296e0-22af-46ec-994a-a13ca5616827 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 91.239.206.185; 91.239.206.185; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 19 May 2023 15:55:28 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEO8EDtPjKa77wYyOl7DmwSc&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame E7F2 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D	170 B 243 B	147ms 146ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXHs5mUoOjUR9upgWFLz1E-ADOgowzyHB0eqlXcN0Ar34fFJ3C15TSD0G8TxxjTu-rO2kMQB_UaOq4hHVD-L9AaLy8mUA Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 19 May 2023 15:55:29 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 19 May 2023 15:55:29 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 91.239.206.185; 91.239.206.185; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 918452f6-a07a-4570-9c31-26ebd7e3997d Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 1CEC Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1	43 B 632 B	137ms 135ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXB1zLyQPil6gIVKJsYTmj4EYWz9JIqGedG_NjGRdgVftRk0HJhzYQYLdCPKsjl-m2SkTIMm0AHipzgXOD4v46nJokNBA Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 19 May 2023 15:55:29 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Fri, 19 May 2023 15:55:28 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 1CEC Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGeb8H100QCYS4A8PdBqOQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1	43 B 766 B	137ms 137ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXB1zLyQPil6gIVKJsYTmj4EYWz9JIqGedG_NjGRdgVftRk0HJhzYQYLdCPKsjl-m2SkTIMm0AHipzgXOD4v46nJokNBA Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 19 May 2023 15:55:30 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=496 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Fri, 19 May 2023 15:55:29 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPOkovh37z4FSx12lkXN3k&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 1CEC Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEP-CSnhiT5fbRt_xuHGzvbM&google_cver=1	43 B 1 KB	349ms 147ms	Image image/gif	37.252.171.149 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEP-CSnhiT5fbRt_xuHGzvbM&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXB1zLyQPil6gIVKJsYTmj4EYWz9JIqGedG_NjGRdgVftRk0HJhzYQYLdCPKsjl-m2SkTIMm0AHipzgXOD4v46nJokNBA Protocol HTTP/1.1 Server 37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 19 May 2023 15:55:29 GMT AN-X-Request-Uuid 25be5697-9dd9-4a9b-86dc-4ba7652396b6 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 91.239.206.185; 91.239.206.185; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 19 May 2023 15:55:28 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEP-CSnhiT5fbRt_xuHGzvbM&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 1CEC Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D	170 B 232 B	145ms 145ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIufNRD89O6FAhi56qznATAB&v=APEucNXB1zLyQPil6gIVKJsYTmj4EYWz9JIqGedG_NjGRdgVftRk0HJhzYQYLdCPKsjl-m2SkTIMm0AHipzgXOD4v46nJokNBA Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 19 May 2023 15:55:29 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 19 May 2023 15:55:29 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 91.239.206.185; 91.239.206.185; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 3f6a6785-dbec-419e-a7bd-08b747ba2849 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ1ODY1NzE5MTQ3MjYwNTI0OQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame EB36	22 KB 8 KB	141ms 141ms	Document text/html	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 31449 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 19 May 2023 07:11:19 GMT expires Sat, 18 May 2024 07:11:19 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 3B62 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	144ms 143ms	Document text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 May 2023 15:55:28 GMT expires Fri, 19 May 2023 15:55:28 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 May 2023 15:55:28 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 9B6D	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2bd72700b0d8a216d0f7e85992676f1f31240d2856fbd2963d72cff5ccf67e11 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 6500	0 10 B	144ms 143ms	Image text/plain	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?QxlFzA Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software / Resource Hash Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:28 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response pagead2.googlesyndication.com/bg/ Frame B12D	37 KB 14 KB	139ms 139ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software sffe / Resource Hash c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 10:36:22 GMT content-encoding br x-content-type-options nosniff age 19146 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14664 x-xss-protection 0 last-modified Mon, 15 May 2023 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 18 May 2024 10:36:22 GMT
GET H2	200	css fonts.googleapis.com/ Frame C657	9 KB 1005 B	147ms 146ms	Stylesheet text/css	142.250.186.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f10.1e100.net Software ESF / Resource Hash b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 19 May 2023 15:55:28 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 19 May 2023 15:04:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 19 May 2023 15:55:28 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame C657	2 KB 765 B	142ms 141ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 10:38:12 GMT content-encoding br x-content-type-options nosniff age 19036 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 10:38:12 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame C657	22 KB 9 KB	169ms 169ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 10:38:13 GMT content-encoding br x-content-type-options nosniff age 19035 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8780 x-xss-protection 0 server cafe etag 16540081610679671253 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 10:38:13 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 4B37	143 B 166 B	134ms 132ms	Document text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers age 214 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 May 2023 15:51:54 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame C657	3 KB 1 KB	192ms 191ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:15:19 GMT content-encoding br x-content-type-options nosniff age 2409 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 15:15:19 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame C657	19 KB 8 KB	142ms 141ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 10:38:12 GMT content-encoding br x-content-type-options nosniff age 19036 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7953 x-xss-protection 0 server cafe etag 16153819885643670827 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 10:38:12 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame C657	170 KB 53 KB	293ms 293ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software sffe / Resource Hash 47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:28 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53893 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1684322484769956" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 19 May 2023 15:55:28 GMT
GET H3	200	a0d8c68f3de0718362c8759993c4ce7f.js Show response www.gstatic.com/mysidia/ Frame C657	32 KB 13 KB	139ms 139ms	Script text/javascript	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 May 2023 20:46:22 GMT content-encoding gzip x-content-type-options nosniff age 587346 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13639 x-xss-protection 0 last-modified Fri, 12 May 2023 20:16:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 10 Aug 2023 20:46:22 GMT
GET H3	200	x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response pagead2.googlesyndication.com/bg/ Frame EB36	37 KB 14 KB	141ms 141ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software sffe / Resource Hash c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 10:36:22 GMT content-encoding br x-content-type-options nosniff age 19146 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14664 x-xss-protection 0 last-modified Mon, 15 May 2023 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 18 May 2024 10:36:22 GMT
POST H2	200	/ Show response collectcpmv3.mfilterit.net/ Frame 5ED4	0 221 B	937ms 325ms	XHR text/html	44.229.212.135 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://collectcpmv3.mfilterit.net/ Requested by Host: script.mfilterit.net URL: https://script.mfilterit.net/v3/i/client/web.prestigeconstructions.cpv-dv.js?mfpackagename=web.prestigeconstructions.cpv&ADSTXTADSYSTEMDOMAIN=google.com&ADSXTPUBLISHERID=pub-2536515702233288&AUCTIONID=ABAjH0jI5vKOVQbvIobSYHwBb-oZ&BUNDLEID=&CAMPAIGNID=19998000137&CREATIVEID=485176633&EXCHANGEID=1&INSERTIONORDERID=1011520848&INVENTORYSOURCEEXTERNALID=&PUBLISHERID=1&SOURCEURL=https://pastebin.pl/view/20b438ed&SOURCEURLENC=https://pastebin.pl/view/20b438ed&UNIVERSALSITEID=38837122840&CACHEBUSTER=1684511726165178&CLICKURL=https://googleads.g.doubleclick.net/aclk?sa=L&ai=CSKBk7ptnZLqKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0KfhgkDnPh8f1OTIuNOV05dkOWLI0ycAshSoP7OARkGFqVSNdnNTMEmbyLjG0fwcwcfH_NtedtJD4JykXNlmg0SA9kpHEyqa0yR-5BAfe3k0IYlq8Z_34ZgOS-soO--yA-I95vhV44OOOWCmrkLtRbLDN3MhQR6T9EbheDC_WrpZXkQ_YdQjtaS-j1lXM2uviMQxfbUUYNIJzCEbuFlw8RIPhmR10XcbbSAVvpO9zjOXqnoW6DI3OpRMCmUYoeJGhy3GGNpqwVJ_oXHZdkp4EwVK4vavd-eeEksJZqYoIpANMV5Nd7QmnXR0mhpDDBvxwASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB&sig=AOD64_3OU2HHOh52SSJ-Mq0iBmha2uM62w&client=ca-pub-2536515702233288&adurl=https://wafs.mfilterit.net/rdct/%3Fmf_package_name%3Dweb.prestigeconstructions.cpv%26url%3Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%26mf1%3D%24%7BCACHEBUSTER%7D%26mf2%3D%24%7BCLICK_URL%7D%26mf3%3D%24%7BCREATIVE_ID%7D%26mf4%3D%24%7BCAMPAIGN_ID%7D%26mf5%3D%24%7BSOURCE_URL%7D%26mf6%3D%24%7BPUBLISHER_ID%7D%26gclid%3DEAIaIQobChMIurm7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgI7zfD_BwE&CLICKURLENC=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSKBk7ptnZLqKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0KfhgkDnPh8f1OTIuNOV05dkOWLI0ycAshSoP7OARkGFqVSNdnNTMEmbyLjG0fwcwcfH_NtedtJD4JykXNlmg0SA9kpHEyqa0yR-5BAfe3k0IYlq8Z_34ZgOS-soO--yA-I95vhV44OOOWCmrkLtRbLDN3MhQR6T9EbheDC_WrpZXkQ_YdQjtaS-j1lXM2uviMQxfbUUYNIJzCEbuFlw8RIPhmR10XcbbSAVvpO9zjOXqnoW6DI3OpRMCmUYoeJGhy3GGNpqwVJ_oXHZdkp4EwVK4vavd-eeEksJZqYoIpANMV5Nd7QmnXR0mhpDDBvxwASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3OU2HHOh52SSJ-Mq0iBmha2uM62w%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIurm7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgI7zfD_BwE&CLICKPOINTROLL=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSKBk7ptnZLqKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0KfhgkDnPh8f1OTIuNOV05dkOWLI0ycAshSoP7OARkGFqVSNdnNTMEmbyLjG0fwcwcfH_NtedtJD4JykXNlmg0SA9kpHEyqa0yR-5BAfe3k0IYlq8Z_34ZgOS-soO--yA-I95vhV44OOOWCmrkLtRbLDN3MhQR6T9EbheDC_WrpZXkQ_YdQjtaS-j1lXM2uviMQxfbUUYNIJzCEbuFlw8RIPhmR10XcbbSAVvpO9zjOXqnoW6DI3OpRMCmUYoeJGhy3GGNpqwVJ_oXHZdkp4EwVK4vavd-eeEksJZqYoIpANMV5Nd7QmnXR0mhpDDBvxwASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3OU2HHOh52SSJ-Mq0iBmha2uM62w%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIurm7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgI7zfD_BwE&DCDBMTOKEN=AD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIiYjlv0qoAvz07oUCsALQqqriA0AB0gIqGAAiEwi6ubuY34H_AhU6gn8EHXlQC3EoATABOI7d3OujEUACSAFYiIEgELnqrOcB3Rp-rMMz58E8rcX6JY-BmQ&channel=dv360&IFDBM=${ifdyn:GDN}{ifpla:Shp123}{ifdbm:DiD} Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.229.212.135 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-229-212-135.us-west-2.compute.amazonaws.com Software awselb/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers Referer https://googleads.g.doubleclick.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Fri, 19 May 2023 15:55:29 GMT content-security-policy default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' strict-transport-security max-age=63072000; includeSubdomains; preload server awselb/2.0 content-length 0 content-type text/html
POST H2	200	/ Show response collectcpmv3.mfilterit.net/ Frame 4ED6	0 220 B	473ms 332ms	XHR text/html	44.229.212.135 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://collectcpmv3.mfilterit.net/ Requested by Host: script.mfilterit.net URL: https://script.mfilterit.net/v3/i/client/web.prestigeconstructions.cpv-dv.js?mfpackagename=web.prestigeconstructions.cpv&ADSTXTADSYSTEMDOMAIN=google.com&ADSXTPUBLISHERID=pub-2536515702233288&AUCTIONID=ABAjH0gq6Bk0XYYt2sawqlGIm7YS&BUNDLEID=&CAMPAIGNID=19998000137&CREATIVEID=485176633&EXCHANGEID=1&INSERTIONORDERID=1011520848&INVENTORYSOURCEEXTERNALID=&PUBLISHERID=1&SOURCEURL=https://pastebin.pl/view/20b438ed&SOURCEURLENC=https://pastebin.pl/view/20b438ed&UNIVERSALSITEID=38837122840&CACHEBUSTER=1684511726165179&CLICKURL=https://googleads.g.doubleclick.net/aclk?sa=L&ai=CdR-I7ptnZLuKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0FO4F5ZCRVVGEZb6AREn4qOTyJPxeF1mJmMjL0dHIHwCcR-YgxN5ICeL7OCXW-CDJ7nAcwN0n2GELWhZ67E2ifqcUPso99GuOiHEHfrp4cQpQnOBRbFd_MM8KlfREPnJDjiPb9iBjS8qmDdejH_sTEMoZ36PH8i6RGWRP71XBBLgznpamsLLefD50dSOTe23Md4OH9-KKXKzHIoYA07caR1S7-SMTR-TWrb0QBHxm6lGqKrH9isESAIvlrz_6Btwai1TKsw1ZN3iJPaKevyWk6Ol2zMkaeUuk50G8W2herIZmU-39dDGSht2nWcY4Ff8wASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB&sig=AOD64_3QsHfQ6MvlbErr2xVaFMgtys_PoQ&client=ca-pub-2536515702233288&adurl=https://wafs.mfilterit.net/rdct/%3Fmf_package_name%3Dweb.prestigeconstructions.cpv%26url%3Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%26mf1%3D%24%7BCACHEBUSTER%7D%26mf2%3D%24%7BCLICK_URL%7D%26mf3%3D%24%7BCREATIVE_ID%7D%26mf4%3D%24%7BCAMPAIGN_ID%7D%26mf5%3D%24%7BSOURCE_URL%7D%26mf6%3D%24%7BPUBLISHER_ID%7D%26gclid%3DEAIaIQobChMIu7m7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgK2MPD_BwE&CLICKURLENC=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdR-I7ptnZLuKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0FO4F5ZCRVVGEZb6AREn4qOTyJPxeF1mJmMjL0dHIHwCcR-YgxN5ICeL7OCXW-CDJ7nAcwN0n2GELWhZ67E2ifqcUPso99GuOiHEHfrp4cQpQnOBRbFd_MM8KlfREPnJDjiPb9iBjS8qmDdejH_sTEMoZ36PH8i6RGWRP71XBBLgznpamsLLefD50dSOTe23Md4OH9-KKXKzHIoYA07caR1S7-SMTR-TWrb0QBHxm6lGqKrH9isESAIvlrz_6Btwai1TKsw1ZN3iJPaKevyWk6Ol2zMkaeUuk50G8W2herIZmU-39dDGSht2nWcY4Ff8wASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3QsHfQ6MvlbErr2xVaFMgtys_PoQ%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIu7m7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgK2MPD_BwE&CLICKPOINTROLL=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdR-I7ptnZLuKCrqE_tMP-aCtiAe4hZrNcI7d3OujEZ-TnvPPOBABIPyvrpIBYI3y0gOgAeLIip0CyAECqQIFbo90NPpJPqgDAaoE8QFP0FO4F5ZCRVVGEZb6AREn4qOTyJPxeF1mJmMjL0dHIHwCcR-YgxN5ICeL7OCXW-CDJ7nAcwN0n2GELWhZ67E2ifqcUPso99GuOiHEHfrp4cQpQnOBRbFd_MM8KlfREPnJDjiPb9iBjS8qmDdejH_sTEMoZ36PH8i6RGWRP71XBBLgznpamsLLefD50dSOTe23Md4OH9-KKXKzHIoYA07caR1S7-SMTR-TWrb0QBHxm6lGqKrH9isESAIvlrz_6Btwai1TKsw1ZN3iJPaKevyWk6Ol2zMkaeUuk50G8W2herIZmU-39dDGSht2nWcY4Ff8wASc5fKaqATgBAOQBgGgBgKAB4a39eIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBORppAT2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB%26sig%3DAOD64_3QsHfQ6MvlbErr2xVaFMgtys_PoQ%26client%3Dca-pub-2536515702233288%26adurl%3Dhttps://wafs.mfilterit.net/rdct/%253Fmf_package_name%253Dweb.prestigeconstructions.cpv%2526url%253Dhttps://www.prestigeconstructions.com/the-prestige-city-yogihills-mumbai/bellanza%2526mf1%253D%2524%257BCACHEBUSTER%257D%2526mf2%253D%2524%257BCLICK_URL%257D%2526mf3%253D%2524%257BCREATIVE_ID%257D%2526mf4%253D%2524%257BCAMPAIGN_ID%257D%2526mf5%253D%2524%257BSOURCE_URL%257D%2526mf6%253D%2524%257BPUBLISHER_ID%257D%2526gclid%253DEAIaIQobChMIu7m7mN-B_wIVOoJ_BB15UAtxEAEYASAAEgK2MPD_BwE&DCDBMTOKEN=AD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIiYjlv0qoAvz07oUCsALQqqriA0AB0gIqGAAiEwi7ubuY34H_AhU6gn8EHXlQC3EoATABOI7d3OujEUACSAFYiIEgELnqrOcBjyBlbmotR1d0P8XPKyLC5A&channel=dv360&IFDBM=${ifdyn:GDN}{ifpla:Shp123}{ifdbm:DiD} Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.229.212.135 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-229-212-135.us-west-2.compute.amazonaws.com Software awselb/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers Referer https://googleads.g.doubleclick.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Fri, 19 May 2023 15:55:29 GMT content-security-policy default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' strict-transport-security max-age=63072000; includeSubdomains; preload server awselb/2.0 content-length 0 content-type text/html
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 4B37 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	144ms 144ms	Document text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 May 2023 15:55:30 GMT expires Fri, 19 May 2023 15:55:30 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 May 2023 15:55:29 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	px.gif fundingchoicesmessages.google.com/img/	43 B 68 B	152ms 152ms	Image image/gif	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=5.205034686252598 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-zym2tEekySdWkD67ppvWmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:30 GMT content-security-policy script-src 'report-sample' 'nonce-zym2tEekySdWkD67ppvWmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type image/gif cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	px.gif fundingchoicesmessages.google.com/img/	43 B 68 B	153ms 153ms	Image image/gif	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=10.95888928295625 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce--XnVRaxIy5MDlxUd9TCoAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:30 GMT content-security-policy script-src 'report-sample' 'nonce--XnVRaxIy5MDlxUd9TCoAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type image/gif cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	177ms 176ms	Image text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230515&jk=4105589473415225&bg=!vb6lvurNAAYldGN0BXQ7ADkAdvg8WvRxNmVDvNDv_yG9PltYYtZm1mS_a_9gG65MCrbewE7-E1utOI4kH5St73ii5kJEdabV1YQCAAAAf1IAAAACaAEHCgA5e5WKys5UTrRxovTNzEa1P7zJqBEqG18-8N1zTbaG9ZNyo4W0czDgoQPHsKtR9tleczdTvnYhrmKBmQKgEsIu9NcCrxbkphF9nxTiAawks8HvdtAFyCRvgS2ogWMPgcnwClkrVkoafMTpMhR1bi0hl4q37DJGvAPuASEyCRUzXnHqTeskH8Brcpv1jUMR3nSujxMkesU7sRcckT_YY0hOh8SkkBEElqmSxpYyJOxX800CV2rD-dHjK4vD4nkSljPtSISB4Lyfny62t5pB1rm6v9w_5e1yCCEst5rBgDhpfIHDLVcFGJzA68n4ObqV2-8qPsWF-hJRmpIcWia8WibB4I1vhhcQjHNsV4N8y_J7N97le9lvql9uGCRjYvKagGvyJgM_j-aDCn-rlKGOhrOkkfBwua68yg1PBeqkSKOx8QInT9-jxmcvwIxdJVv8urHPYY8AwhFoB9RVDWFN2pDe8xA18QirzQ2EL0246M1k6AnjvpYzQkwqTNhN2GQzVzsWudS3dMKpixpmwPTKCfB0Od2ol-Ox4Jc26XAv0Pz7zrjFYsqcOZjtWijMZiH4cFoVZdbWiSsZGr9WwNrlreCp8HTOR3q5zsNal5XYcK6Auj6nrxge69OLbkXrV7b7EJD6rd0Mz80z0W9bhj64YVopjdQY8Puoi9ptEN7pBmQYs_KBbn7wLESS76B0uYdCu9EoO1fAIt5ZVeVSbnAIqdkxjyKT3VWRT6BxZ8KfSg4x_4PJP3DJRirw-gNPr1WxFaZYHVG3nRFficJHrKOhiD7N4PZE05L67usRwpPZV3T4MbeZzmRS9jlREosrCTr2taWyVUXyXMEd8otqDOZgY07G3xicNRTDbRFPCksUahAurW7zw_MaeA0JL7s5yxN-XZSQpDQrBM8TighXkMg21DWhcaZp6-5bQfYp2wuxfAqSkSFawdlygH01E5I5qqe8Pd9663XW1EksVVLWHqNj Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	200	x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response pagead2.googlesyndication.com/bg/ Frame A6AC	37 KB 14 KB	141ms 141ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software sffe / Resource Hash c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 10:36:22 GMT content-encoding br x-content-type-options nosniff age 19148 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14664 x-xss-protection 0 last-modified Mon, 15 May 2023 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 18 May 2024 10:36:22 GMT
POST H3	204	AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA== Show response fundingchoicesmessages.google.com/el/	0 28 B	436ms 152ms	XHR text/html	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AIIHDXcyQn8tWxPypMxnjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 19 May 2023 15:55:30 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AIIHDXcyQn8tWxPypMxnjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://pastebin.pl access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response pagead2.googlesyndication.com/bg/ Frame 906D	37 KB 14 KB	139ms 138ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software sffe / Resource Hash c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 10:36:22 GMT content-encoding br x-content-type-options nosniff age 19148 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14664 x-xss-protection 0 last-modified Mon, 15 May 2023 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 18 May 2024 10:36:22 GMT
GET DATA	200 OK	truncated / Frame 5ED4	207 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1f5f20629142e2d76ba6b8e226b32346a3db3086724ec517a6141854d51353a1 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	view ad.doubleclick.net/pcs/ Frame 5ED4	0 0	484ms 178ms	Fetch image/gif	142.250.185.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjssEMic7Y7naRn2TaiYr1k8iVK7S-cTyUR0gnxueiibfgzH2Ef-jngEoVKQHPfBMbhMuq2W-bRwKggHoT9B8ayeoCRTP8mDmO1sLCA-vtnFW04MzrMgeb9RibMMqk_0KDYO9GX0RGXYafEfApiLrr12PCRxZo_a6FxLJGMesIhCoEY7aJq2RQJPnx2ZOyYv-1ydM2exFaJgS8jFgHpbFQAmfbmO2DJKbwXkSZdwmbDbNcKGA284O9Sr7XLjICtYJ_i9XBSl9cXsAnBiWbLrUVgvqiljaCAA8haVyVup47Jf7K4G8HfyJIf8S9mK8FGW0pSm9JSriNcGkasPOWR8YbiUZM2yF3qwOHdOgYslGICS-734DXviPgPU00uiZRw8bIb5iT8ScHwmEbOP1q5sbcru4dw5Bti4vqWU_d2ocquhpQo2BBYijjEGpTisUijlWRNXgNV8nHLhp_hxYlz95dLrtXgi3IMJ9erYlSAIQh4Mdxt8kyQ1QWmWhfHV3-M2cNLzbvypObG9Ww1T16wQcv8wDt6qG4U61vBqk8M0qZ-_BD1OY2YwCEAjMoNCa03bCmo0qDI_KBn2__8VBr4mE_gkc_yxQzLw7Dgvyy3PuaxFX18LWQsHPgaFThtYfIaTKqvMQJT7poCNxsRgdmSSidkYJij9xr_OvwgfAVHWZWj2TLFgNwc2oIvzNObvgSQmXsFkX4gnjOzTRiLrzAVQq7WNTMETi8hZOYRs9D1UAN9VinjgwHK0iz-mqfEs1TwzQyhxRK6Dq6GeXl7umIJcJeyh9PIcXs1nZZumYqIy1t7gw_Xgjcq1BOQL_s6M_Gynv1e1kJS9p0lJvmn3do9mC3DV97CPfoymFR4yh8oRf_crBXpRwanoyCXT0IuAl0J7Mloyz7Ki_kZb_wSvSIgab5xVQFL0VKnDJ1tHsnjX9WPYPrbbUgUXF8-YEABda5GesjBKdQ8TmOEIzGrAJga7EgGG9NXI8uD4TvyMoKT2Ua42HrG1lITMiOZbNAkZwMIKFSBxx8rTjOPPmp2E1Ex0Zy-Xg2GO2--u-UFS_mKOhgabJIlZspzxlvKCx3b6Aq-maz8UdHFOBn5-HAqn7Hg4909d0zg8lHaBqmZ4As1sVJhsUk8mh1hePmuKOuc-djcyJTlUJqBzoMAU22wSbIGlY85-MAgC0DUUNHuiw9vxthjC1Rbu0XI4NEIJ2MrQ&sai=AMfl-YThWGcjek6jLlU1JlFOBjY6wlTQtTcjtY5COmsPbAxAPU-CPmSiCRZmXwQa4ouzHsblOmArTZyIb4xjrYAfUZrkFB24flPybozMLwKyXmYll2X6mQgNWjkJhxmy8t2DExw1EzzeKk6HGvhZmvJARlSrGYBWIDLLDtv0j0VqYabfM4KP9-c2G-z1YuSgXLOFL-CSGlFmUjycuEk0GrS74j7U2VR3cuY424N-vxNVxy9bSaFJFOVZN_PoJw4&sig=Cg0ArKJSzISXJJE74HRhEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tZmlsdGVyaXQubmV0&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2217&cbvp=2&dett=2&cstd=0&cisv=r20230517.26115&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 19 May 2023 15:55:30 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Fri, 19 May 2023 15:55:30 GMT
GET DATA	200 OK	truncated / Frame 4ED6	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c6b363becd4d87f9c5c9f6b7de719545d1d7e91c6d1982fccb7d670b6467baa2 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	view ad.doubleclick.net/pcs/ Frame 4ED6	0 0	455ms 178ms	Fetch image/gif	142.250.185.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjsvui271VDnZvOhZkclDEgLmUEkNRo-wYP3Oqv5IYWLq3BHZLTmEI26Twvhiu8odclI1r1zquJmUUvrq3Ft5FV6XYA3mRWB78CIigGE-bS6ITD7cJVCmMMyUPpGxGir0rucye1B0rwl9fB1z7cprGuze-oQ9RsWHjXilsKSGQ1iD_8HdiaAsxNzthOcsg6wZpGoXarhRf05AzOk51JVkfW0XhGmyQqoGpof5hhiIJ_1vVCd_oXw9cUp56TTi7Acy4jl2Osey5qrUG_0yjGx5WzxSYiKlLUIRHDL7YRAywgacI0srM7lpWeiw2FcoJLbbfE-0vyMdwi3GhXiyzVM-nrIVUcuHq7gWeWujJ9RDFv_4RIAUTrJJzbEpz54K-xONHXyGkKKywq8cuyHcwpjEhqBjlueIyYRCdi2aiSncbRvqq7__m2q2X2nntdy8eWlZK5jZB5FhuQIiZ3pnOwf2gE62xJtHF0UwIgAo-T4yreHZ00ffmL3-FMoCehj_E2g34HQ1dqCVqf4JyeBX-cx9DAByptby6tTvuTlRwBNeFPnTOH7K2RLvW_uyR-jAJJ_CXPpeSL3eE_6TyRf5vXacMUIIFYPXkJTG5cdzr21f-4VF6nsYOVIxryh3ApVr7HkR54t1DbW1l_pNJTR3On1MGypJJSPiUs0kH6Rq9-oxepKk4ptKfIHni-0h-ASBuQ6912uKCpv0UoNKagnc4v3StYVbMHRf_AvJxe4FIdp5OiuacQhSoGWdJb9kaFWOqoFTk8-JBLQL6fR0bp9twJ0-HwMdvJob_5fLgrWGOIpH8q9A2XbUrQzbxS-VgAZB40TKwp2rKx46cQbTHht0OGHyUmrKYy2PLg3pnHqerQRdgfbjRBXHYOt-UK6x-QL0nC_uZ1cmUfzk8tSaa1xMFfjQxuru-l78bzG1W8e470aAT6nezCeE6KNtAx6A15a4cZcZSDi7DV2qUkfiZXhi0Zy0_rX8YhUcg9CdbhZwV9N7yBpVzfvheWyKJoHOd1YKKJO-7gsXkdjVGt2hfjQgQ1Aq7qSkBtSXMGW0JP1vpBjgKhHDyD-3DyT8Pi3lCkGcW9npR0uj3Ycvog6t-eDLQYDrUvInTIiJgN48sxqkBccpnI7nUqE5AHIQviWTd1nnAzKWyNxK_J9Shz65h6ql694ZWNOtqUC4AekuPswKzFoywwhvUcYt1iIdF04-fLY&sai=AMfl-YSODeopaR9aFx140XqSW6vZTL5YBcm-qt6GGjz54Qm8hviXJbQbcThtO65a9h0UCd5Rf6cdD6sngzjhbJV-Pwpg30FzsU1X05trCFxK6Xt_qDwXJkWig-3bLzJOrztFAoobSupVn_frpwBugXM-1nDKl49FW1VRU_WVXq7t8DYGRlQtqfPTOWhlK4HYZ0vrOSiAuQW39fCByk4S1yToGIrdvOaRJ9YVl7_FmcncRxFz6WC6jikU0k21LqM&sig=Cg0ArKJSzFKHUwB3BC-aEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tZmlsdGVyaXQubmV0&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2213&cbvp=2&dett=2&cstd=0&cisv=r20230517.08176&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: pastebin.pl URL: https://pastebin.pl/view/20b438ed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 19 May 2023 15:55:30 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Fri, 19 May 2023 15:55:30 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame EB36	0 20 B	182ms 181ms	Image image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Br7ab7ptnZLuKCrqE_tMP-aCtiAcAAAAAOAHgBAI&bg=!lpWllcHNAAZ8_aWmXP07ADkAdvg8WqWOfAeauSWgspOKt99yuTmLgd-ymn58AWZul4v-xthIs8n-OTu8XTkhPlqfkYLm6wOTnc0CAAAEClIAAAADaAEHCgAp4gngmrITl4lCGgxu5gRz1O-LlFNasShw1-5wX2GzXQzDegTXJdmolpSZAvulPpdPurEb9A_IkNkeCK6jx_gasGY4xEwB9M9eYB_59Ha4RiqtYyKBSGnM118LXPjUvNGXFSOFZwhRxpBOGSxYNArAISkCIU44aIF_c8zv6ELe0Asw_7VBZz8hcd95-_BoHZFZAh6zTrA2P5Njqli9BlMV3dhRkVFWjriiN9IcfDjjujzAnTZlaV9B3UbJh5l4CeMqW2b2iInrVJItI130ZAJ82i75PETvxeslWWE7G0nSqXvIEqLXa6rA8nPAgvRy6mlnEOJ86gQ5OaDWyfHIcPfvP8XYtl6S7z9Ipz73ZfKbV6-AdjYcnbPcz_FH3tgxi5AckZnTdEm_Lt83liDznLjmWBP4WM5Ycj2Oow0R4XEBa2k8_cPXRa72RlUzxlgEvP_r6VuU0LHSGJOIm7asyFkTIi-p0q-f19zj5FMAr5m0X4QmV-EghwDBzA9-Vmf_Vc40oVf55pw8-whzVZQo0BzZ2Ek5ncJ84kaTmp3wvCXFj0YtlYYMD-dmXpPhnTfwh9NEDNKel6p1CtIaO7bZu6UfN3f112YfSL4QjoOuZWgFPaoApNZIKQO9GC0j5yRSTS7PIkFGOkB5FeOUi-abiO7Te8aLdkpKnYkDKK6GFXkwcblt8oH7BvOCCtYOaTb4IIMrE46pkUKU6Epk-_qeYbR4ucPzNVc2m8quKnFBNrwkW6RlXyyDKa3dWTBzaekaTZ4r9SP-j0WaXwomUNBQjCx1m2cgswf-42NLyGJz0sIsGX0WcfS3LVzIAC3nCw2CW-BBIxiqWoTbFvAQynC1ftfFAcLBHvkRiVWbs2pfyqzJEELSTuLBuTGvAWadg3kuiuQRs8yfatfLFl_FEC6FxDPpYEDkZ8pnTQNGzcs2y3uHXpWPNBgOZaO9Ik_PZPLA4kwNxduNHiLrKpNkO0-01Uf-vB3iSeHJP_0rjQG5FwKRNFs_9jLImQoHLvfH08JkeA9GgOtfNXHAnTlJBLQYhOaAupm6YGJjPNzi21b6ffPiyFJWCIxzv2Dc Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 19 May 2023 15:55:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B12D	0 20 B	177ms 177ms	Image image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCaLX7ptnZLqKCrqE_tMP-aCtiAcAAAAAOAHgBAI&bg=!-Pul-6_NAAZ8_aWmXP07ADkAdvg8WjPJJmnPlQbZes5GA4OTiun3R4EOn7cpx0xnfKT_Ahlw5768e2jJBQAAkg1eKh_vPzqmBWUCAAAE91IAAAADaAEHmQLvo8cs2pqo0GLoL9y8RIjgL-hT8YYZlXjl0URRUUb-t7llHlSZZ-8y_vJMozs85f8_5G61rcVp3qWHQ7Z9kkxWKKOWYoagjd6WTtXE4je3_rnbnnR6ads9cGcKABBHvh0A7cZKXsF26WAn9RbR18gtsYY6UvmyIK8J0oEx63hZT3q2DwIkTNtGWpwlUd1c2s9ybx715i0fxh1UEQuZmmXbzJg5T1rIBfFJqbVhwuWPFfUn47Uuatf6AVVOUEJsvrLwVRywI63fh1AyIgHSJKxcpZCVsMQcKyotyvAj-8R8lnRLZ2oz2K2Fq_J6h-Y1g212rhWw36VSho0gz0E7UWDpp2kJxVUVr6VR0pCLoSWQ9MT5y3CYcCh_Itfwcv463IuH9jicmbdjPKkuEEJ4TV9-E4M3rwYgxwWVa2eEdd576RO_W3mDGcDTPebzhOxYI18f895rfOvIB2oHceL7esShbejOGXxqjOvxsJfKrhXrZDN6KX_HgPc-gfPbicQ3YwWr3Sbk9V844Eeq3z1Fdsem67FCqtWbH1SSvOco-_B9Oz0J_7n-3b4Bmi_hvgrpbyBL9bi-rE9YyJ_K7ZOzcfPkbfIcC7ILgJLbx3iXMWbbs-oSiGt7BgQh-09Rmk3_jFiHPoH0RUOPNUJ3WCynglwNPFMIRzDegYrAljJV-QdIyol2QKh5_oVMyNxarYoeQuusPUR4c6P6a6Ut_raj8gxm1onuggTyTEB_3RIjktE0tvE8AML9W9hQW7rXjtKrlUMw8RJmB1GbCdNGiH6ccro10gZU-uYp88iD0CL1556XZ8cGU_WAFVrOxV4C5A0U08s05ugsLULMIqj2J_Ssbv3z1ei20luSKkH3zwpBPbR7vS2JCSTCaAODSwBieU9wxMuZqkMD8Kn39eIaYhrwHv32x9ruh6UdhR9tlZouPTj5dlFMF9alikMiFK5YqdixB9QSMYAFyV2EReAqk9-AjI0EH8POXJAnuVWfuO9lmoNiJw Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 19 May 2023 15:55:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 9B6D	42 B 64 B	174ms 174ms	Fetch image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstO62mm5qJ313MG4W5PFwSDjkzjMsAZT5AASQ4OHocQ2X3RBbSPvsOZ2Izhu8kh63h5aFmQNguXLuugKQZ1y_rd-vRdRYFP7C_QeWkQPxLPiI_DNld69wlM2r4gJo57Qa0743U&sai=AMfl-YR2NFaJvuHb0ViT-wBKnerDwOGnkz8cfWLU4ja6WNCSA2CR9jjn_ythNRuT9pOJ6yDDbFkHQW54i-0V&sig=Cg0ArKJSzIpGffg57AWmEAE&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684511728025&rpt=1737&met=mue&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 19 May 2023 15:55:30 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads20. Show response fundingchoicesmessages.google.com/f/AGSKWxWOo3OO7WX07FX8xBKhsqK2o0aSZep3x88VBx9ZzyQqBgCHP-m67OrJIjchdUfTqetXwsWcBiMMeSNfMxXQsPLdlxbkjBL46lDSigYgjPQOAPjdLcG7G9Nkh3VZeA849_TgFZ6s6fuu2NE0Gk1Y81bHFf14H...	54 B 109 B	153ms 152ms	Script application/javascript	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWOo3OO7WX07FX8xBKhsqK2o0aSZep3x88VBx9ZzyQqBgCHP-m67OrJIjchdUfTqetXwsWcBiMMeSNfMxXQsPLdlxbkjBL46lDSigYgjPQOAPjdLcG7G9Nkh3VZeA849_TgFZ6s6fuu2NE0Gk1Y81bHFf14HFNrCaZw8JW5nscmvXU42dMHWkpLWSVH/_/directrev./www/ad_/24adscript./ad_box2./ads20. Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash a00f8b9a4a846cea2142da7e6dcc940b535fdf3a0ab1b21b7a0798a21e4e013e Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-oE4vj8kP-dF1FCTnwKOkQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:31 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-oE4vj8kP-dF1FCTnwKOkQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	google_top_exp.js Show response pagead2.googlesyndication.com/pagead/js/	47 B 67 B	144ms 143ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 10:45:04 GMT content-encoding br x-content-type-options nosniff age 18627 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 server cafe etag 13036835877489095579 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Jun 2023 10:45:04 GMT
POST H3	204	AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA== Show response fundingchoicesmessages.google.com/el/	0 28 B	151ms 150ms	XHR text/html	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-IiFlglP7W4Rn7LpDBVmBiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 19 May 2023 15:55:31 GMT content-security-policy script-src 'report-sample' 'nonce-IiFlglP7W4Rn7LpDBVmBiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://pastebin.pl content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA== Show response fundingchoicesmessages.google.com/el/	0 28 B	158ms 157ms	XHR text/html	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-dlvwKxdtN8s5qAhdKT6gIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 19 May 2023 15:55:31 GMT content-security-policy script-src 'report-sample' 'nonce-dlvwKxdtN8s5qAhdKT6gIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://pastebin.pl content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA== Show response fundingchoicesmessages.google.com/el/	0 28 B	165ms 164ms	XHR text/html	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5eDPdi7wAJ83uByF6IskFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 19 May 2023 15:55:31 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5eDPdi7wAJ83uByF6IskFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://pastebin.pl content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA== Show response fundingchoicesmessages.google.com/el/	0 28 B	166ms 165ms	XHR text/html	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVrMNwtzxfnqP-zvOZmd3BlV-Q0PGw8xZcWKHGECYKeXgHIr6iW3J9pJzcZfOFJ_bpQjxRU_DuEVeawqwMfzEb7aIYhZDKKci0S3gCoaN1NHob2dufzEw2ng6sCrhGI2gqG_5E1YA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UjmMMT2OGqI8jTGU0_SNyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 19 May 2023 15:55:31 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UjmMMT2OGqI8jTGU0_SNyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://pastebin.pl content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	AGSKWxU7YZa2U41I7-LyI9eWf7rX79YMGJsYl6rdC139HiBa33UXBvyN9vRkE3OqfkRE5L9Dk04pIkA9myFyIYkOQtMWeof-sFjnhQlF4BuZEYDYXchSc19Z5UVDr7iFX5qT8viynvJ12Q== Show response fundingchoicesmessages.google.com/f/	4 KB 2 KB	172ms 171ms	Script application/javascript	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxU7YZa2U41I7-LyI9eWf7rX79YMGJsYl6rdC139HiBa33UXBvyN9vRkE3OqfkRE5L9Dk04pIkA9myFyIYkOQtMWeof-sFjnhQlF4BuZEYDYXchSc19Z5UVDr7iFX5qT8viynvJ12Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0NTExNzMxLDE5ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwicGwiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wYXN0ZWJpbi5wbC92aWV3LzIwYjQzOGVkIixudWxsLFtbOCwiNDVCZ2dmZHpHaVUiXSxbOSwiZW4tVVMiXSxbMTcsIlswXSJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash 9646bba1c1f0c898dce473abafecd582b05d3975a4a428e21c6040da1b17a84d Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-q7PUhwLFa4A-boAG3omCLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastebin.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 19 May 2023 15:55:31 GMT content-security-policy script-src 'report-sample' 'nonce-q7PUhwLFa4A-boAG3omCLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxV0VJ2PRfrIEdZpCZzUQjG5mMjauR3jHl-r96Fl1twouGSmmdaFSAyh43Hb-YKD2KDektRMeEcL9TP6F3-5PZ2V9BeaAW16M8PTuqYuTCKpy0734-HrPuHh_V1QdTd0GO5BTARB0g== Show response fundingchoicesmessages.google.com/el/	0 28 B	154ms 153ms	XHR text/html	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxV0VJ2PRfrIEdZpCZzUQjG5mMjauR3jHl-r96Fl1twouGSmmdaFSAyh43Hb-YKD2KDektRMeEcL9TP6F3-5PZ2V9BeaAW16M8PTuqYuTCKpy0734-HrPuHh_V1QdTd0GO5BTARB0g== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-f6fcpy5Sbuw5irmVQuNxVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 19 May 2023 15:55:31 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-f6fcpy5Sbuw5irmVQuNxVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://pastebin.pl content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxVmJqi4vbgmt4fdY7My6k15zvvm0_AfUVw8tuvUzr3r5oChTOgf0XbbBcheagXrGnKtcWWuRSe0hE8XG0XF68s= Show response fundingchoicesmessages.google.com/el/	0 28 B	155ms 154ms	XHR text/html	142.250.186.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVmJqi4vbgmt4fdY7My6k15zvvm0_AfUVw8tuvUzr3r5oChTOgf0XbbBcheagXrGnKtcWWuRSe0hE8XG0XF68s= Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.45BggfdzGiU.es5.O/d=1/rs=AJlcJMyhO4jCjQ75EZ0hCu1d3uCTngChbg/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-zfnGcriKYfjA22Zn13fmzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pastebin.pl/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 19 May 2023 15:55:31 GMT content-security-policy script-src 'report-sample' 'nonce-zfnGcriKYfjA22Zn13fmzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://pastebin.pl content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 5ED4	42 B 64 B	175ms 174ms	Fetch image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNpMwFaUvJixXk_PhoKUCLBxAIWdsh87CIPaXnOCw_OZ0Is-8hHhMFOJIX6V0--_UJP1cHb4wteBDbl0b0HjnwFNFn9uGKSIEv-YR2B1DGxNMZ9JrEaCvkivy09dnDMZ88zkA&sai=AMfl-YTO2D9qKF_bKQG8YtaqrwAAJUCd_0ktRNbthZ1BaB4ll-gg10t5ECeffVcw5zMyhVj9DHKgc6bTc8qU&sig=Cg0ArKJSzIXSdwVN4hx3EAE&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684511728190&rpt=2203&met=ie&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 19 May 2023 15:55:31 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 4ED6	42 B 64 B	176ms 175ms	Fetch image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuL5YuDMmeX5XuK9iQplGxaCqCTpk2nQzJpcN0PW50D6BCdF5Cp-X3zIqUc7mj22FKRu_FrTp0yTXf991LHvBZm1Wel_2hzXRN1f2MlGh6U7CJNPVWR4eivgctYHlWFKdVgwxo&sai=AMfl-YQ1qfSwNbZJQHFVwlqHrklBL5N_EznZqIiDAPtPc_VNLQNVJTHing42HRAsm3jbH9fbfK5U9hJ4UN7i&sig=Cg0ArKJSzOIjoVtjvkyREAE&cid=CAQSGwBygQiDbTRHylSldaGy6UWdpNZPpo0b_kZR_hgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684511728225&rpt=2189&met=ie&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 19 May 2023 15:55:31 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT