xn-----6kccsaeozbsgoedln8v.xn--p1ai Open in urlscan Pro Puny
экзамен-пдд-онлайн.рф IDN
185.4.73.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Effective URL:
https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Submission Tags: falconsandbox
Submission: On February 19 via api (February 19th 2021, 11:09:41 am UTC) from US

Summary HTTP 100 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 14 domains to perform 100 HTTP transactions. The main IP is 185.4.73.64, located in Estonia and belongs to PAGM-AS, EE. The main domain is xn-----6kccsaeozbsgoedln8v.xn--p1ai.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 5th 2021. Valid for: a year.

This is the only time xn-----6kccsaeozbsgoedln8v.xn--p1ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	185.4.73.64 185.4.73.64	198068 (PAGM-AS) (PAGM-AS)
5	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
20	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 3	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
51	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
100	11

16 185.4.73.64 (Estonia) 1 redirects

ASN198068 (PAGM-AS, EE)
PTR: sc7e94c91.fastvps-server.com

xn-----6kccsaeozbsgoedln8v.xn--p1ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yandex.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
site.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	450 KB
16	1 redirects function sub() { [native code] }.	56 KB
9	doubleclick.net googleads.g.doubleclick.net	61 KB
7	ampproject.org cdn.ampproject.org	122 KB
3	google.com 1 redirects adservice.google.com www.google.com	461 B
3	yandex.net site.yandex.net	25 KB
3	yadro.ru 1 redirects counter.yadro.ru	2 KB
2	gstatic.com fonts.gstatic.com	24 KB
2	googletagservices.com www.googletagservices.com	61 KB
1	googleapis.com fonts.googleapis.com	522 B
1	google.de adservice.google.de	321 B
1	googleadservices.com partner.googleadservices.com	655 B
1	yastatic.net yastatic.net	28 KB
1	yandex.st yandex.st	30 KB
100	14

	Domain	Requested by
44	tpc.googlesyndication.com	googleads.g.doubleclick.net cdn.ampproject.org xn-----6kccsaeozbsgoedln8v.xn--p1ai tpc.googlesyndication.com pagead2.googlesyndication.com
16	xn-----6kccsaeozbsgoedln8v.xn--p1ai	1 redirects xn-----6kccsaeozbsgoedln8v.xn--p1ai
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net xn-----6kccsaeozbsgoedln8v.xn--p1ai
9	pagead2.googlesyndication.com	xn-----6kccsaeozbsgoedln8v.xn--p1ai pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
3	site.yandex.net	xn-----6kccsaeozbsgoedln8v.xn--p1ai site.yandex.net
3	counter.yadro.ru	1 redirects xn-----6kccsaeozbsgoedln8v.xn--p1ai
2	www.google.com	1 redirects googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	yastatic.net	site.yandex.net
1	yandex.st	xn-----6kccsaeozbsgoedln8v.xn--p1ai
100	16

This site contains no links.

Subject Issuer	Validity	Valid
xn-----6kccsaeozbsgoedln8v.xn--p1ai Sectigo RSA Domain Validation Secure Server CA	`2021-01-05` - `2022-01-05`	a year	crt.sh
*.yastatic.net Yandex CA	`2020-09-29` - `2021-03-30`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
counter.yadro.ru R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Frame ID: 35C21C6D98BADF78473C15ACDE2DA673
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Frame ID: B305444B0993FC7E4C31381B1F917EB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
Frame ID: A50CEF668479C82D01C5489C04AA4303
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&adk=1812271804&adf=3025194257&lmt=1613732964&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&ea=0&flash=0&pra=7&wgl=1&dt=1613732964568&bpp=4&bdt=382&idt=104&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=110
Frame ID: FC580BE0A6F72CCF95F33AD1A4F15F76
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=280&adk=606731570&adf=2108262517&pi=t.aa~a.3256163129~rp.4&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x280&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=3&bdt=599&idt=-M&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BLSRkk3LMN&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=20
Frame ID: 83A661459B153D5DC7D43309AD7381FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26
Frame ID: 73C963877280F81A1539F2F42554996C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 77FFB9A280D9B008396EBB081582F870
Requests: 42 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html
Frame ID: F843CB1D94FF214371E9E965EF7705FC
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C-ON4ZJwvYKLhM_jV7_UPvIibkAax_IGpYZ6K-ZTODOLc6JnLARABIM_8yBJglYq4gsgHoAHwnbryA8gBCakC66DXSm5JtD6oAwHIA8iAgAKqBPUBT9AIFn4AhxqcDh4fETA6-97AJFzhpI-06al97no6Jk4cRrpK1w77CpGN9E3LbX2tSavp_nJaKdISwuTrgK3sJAaITrWf7g1-kY-1UjuER2IjNVCSsbvSxIKc3qjBbOWere8f5ckIa0KY0dpMPiGgAsXKErF5WTgXNyMElX3PsUTw7tAsgaSMH-ETVzMCCy1D5elntQWPFM1PhH9YYNvzN0bG9XaVWGPHNYmDd3FXQ7bkJ2I0tQcLdsG-0Z5GerlRL40KUvfaedSUxYJwHfdsOnuyuR8O-KAxScuJrLt-Yj-CfFiItSr57Qy-piERo7hHXsCfwoLABLaK1-94kgUECAQYAZIFBAgFGASgBi6AB_jhxQ2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQqI0L0ggJCIDhgBAQARgfgAoByAsB2BMCshcaChgIABIUcHViLTA5MjU2MjMzNzg2ODc0NzM&sigh=eJIZzlWerWg&template_id=419&tpd=AGWhJmuyf4Y5MSHNonQjJ8BbwrqMGQCsHhwdcyYMfO_6CKJorA
Frame ID: 30F0ADC35EF7BF08B6AFF363EF0A50BE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9A2C93A2DE4C041A6606051ED4106B88
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 9A8A394C71549B6E2570BF99FA82C097
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://xn-----6kccsaeozbsgoedln8v.xn--p1ai/ HTTP 301
https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

100
Requests

100 %
HTTPS

70 %
IPv6

14
Domains

16
Subdomains

11
IPs

4
Countries

894 kB
Transfer

2038 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xn-----6kccsaeozbsgoedln8v.xn--p1ai/ HTTP 301
https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai/;0.2768109100637801 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai/;0.2768109100637801

Request Chain 92

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

100 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Redirect Chain

http://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

22 KB
7 KB

460ms
258ms

Document
text/html

185.4.73.64
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.4.73.64 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: sc7e94c91.fastvps-server.com
Software: nginx/1.18.0 / PHP/5.2.17
Resource Hash: 03cbc98c6b792cd755f1b076fb602eb085eac955672aff0f56c562f81ef496d1

Request headers

Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.18.0
Date: Fri, 19 Feb 2021 11:09:24 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6440
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx/1.18.0
Date: Fri, 19 Feb 2021 11:09:23 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 353
Connection: keep-alive
Location: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

GET
H2 200 jquery.min.js Show response
yandex.st/jquery/1.7.2/ 93 KB
30 KB 124ms
41ms Script
application/x-javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.st/jquery/1.7.2/jquery.min.js

Requested by

Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:09:24 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 29787
x-nginx-request-id: be6fed7357058246
last-modified: Mon, 12 Nov 2018 13:13:59 GMT
server: nginx/1.17.9
etag: "4da6537eb025673e9c318bcdc3ed0c90"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Nov 2021 15:46:58 GMT

GET
H/1.1 200
OK nav.js Show response
xn-----6kccsaeozbsgoedln8v.xn--p1ai/js/ 380 B
603 B 100ms
99ms Script
application/javascript 185.4.73.64
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/js/nav.js
Requested by: Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.4.73.64 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: sc7e94c91.fastvps-server.com
Software: nginx/1.18.0 /
Resource Hash: cf2895748ff17647a8bf4b81347ce73b30747bdd9f8dd6687e839b86a0b17f85

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 11:09:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Apr 2017 21:23:01 GMT
Server: nginx/1.18.0
ETag: W/"58e40eb5-17c"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 21 Mar 2021 11:09:24 GMT

GET
H/1.1 200
OK scrolltopcontrol.js Show response
xn-----6kccsaeozbsgoedln8v.xn--p1ai/js/ 4 KB
2 KB 294ms
98ms Script
application/javascript 185.4.73.64
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/js/scrolltopcontrol.js
Requested by: Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.4.73.64 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: sc7e94c91.fastvps-server.com
Software: nginx/1.18.0 /
Resource Hash: 2a104fc5939b8a043033b67c74a68b3124f0a8e64a6fecc6f92821c69af79b14

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 11:09:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Apr 2017 20:03:05 GMT
Server: nginx/1.18.0
ETag: W/"58e69ef9-ece"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 21 Mar 2021 11:09:24 GMT

GET
H/1.1 200
OK jquery.arcticmodal-0.3.min.js Show response
xn-----6kccsaeozbsgoedln8v.xn--p1ai/js/ 6 KB
3 KB 294ms
98ms Script
application/javascript 185.4.73.64
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/js/jquery.arcticmodal-0.3.min.js
Requested by: Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.4.73.64 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: sc7e94c91.fastvps-server.com
Software: nginx/1.18.0 /
Resource Hash: 7cc8a11e39d99e0a6f5c34b48966e2fa9eecca0fa4896524b034ba2bb5d2110d

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 11:09:24 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Mar 2019 14:37:01 GMT
Server: nginx/1.18.0
ETag: W/"5c83cf8d-17d1"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 21 Mar 2021 11:09:24 GMT

GET
H/1.1 200
OK style.css
xn-----6kccsaeozbsgoedln8v.xn--p1ai/css/ 30 KB
7 KB 204ms
104ms Stylesheet
text/css 185.4.73.64
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/css/style.css
Requested by: Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.4.73.64 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: sc7e94c91.fastvps-server.com
Software: nginx/1.18.0 /
Resource Hash: 0d90b273aead33d6e0383ef37099018cfcb0797fedfff47a4eb9cb7d29429cd4

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 11:09:24 GMT
Content-Encoding: gzip
Last-Modified: Sat, 06 Apr 2019 09:50:08 GMT
Server: nginx/1.18.0
ETag: W/"5ca87650-77a6"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 21 Mar 2021 11:09:24 GMT

GET
H/1.1 200
OK logo.png
xn-----6kccsaeozbsgoedln8v.xn--p1ai/i/ 7 KB
7 KB 98ms
98ms Image
image/png 185.4.73.64
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/i/logo.png
Requested by: Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.4.73.64 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: sc7e94c91.fastvps-server.com
Software: nginx/1.18.0 /
Resource Hash: d66b1d379dd4ab3f5d24e8cbf844b9e2d1080b41fd93e338e66157ffe902aad4

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 11:09:24 GMT
Last-Modified: Fri, 09 Feb 2018 22:11:58 GMT
Server: nginx/1.18.0
ETag: "5a7e1cae-1c5f"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7263
Expires: Sun, 21 Mar 2021 11:09:24 GMT

GET
H/1.1 200
OK thumb.php
xn-----6kccsaeozbsgoedln8v.xn--p1ai/img/ 4 KB
5 KB 113ms
113ms Image
image/jpeg 185.4.73.64
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/img/thumb.php?id=art/148.jpg&w=150
Requested by: Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.4.73.64 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: sc7e94c91.fastvps-server.com
Software: nginx/1.18.0 / PHP/5.2.17
Resource Hash: 57690e5883e3cbd0acd0d1dd65d99566e8a219b21efff9430027e54fdbceba92

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 11:09:24 GMT
Server: nginx/1.18.0
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1 200
OK comm_icon.png
xn-----6kccsaeozbsgoedln8v.xn--p1ai/i/ 342 B
652 B 103ms
101ms Image
image/png 185.4.73.64
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/i/comm_icon.png
Requested by: Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.4.73.64 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: sc7e94c91.fastvps-server.com
Software: nginx/1.18.0 /
Resource Hash: bb74b8518b09f60ae1977c3b28985647819abde38b046b88915be301986eca2f

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 11:09:24 GMT
Last-Modified: Tue, 04 Apr 2017 21:23:48 GMT
Server: nginx/1.18.0
ETag: "58e40ee4-156"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 342
Expires: Sun, 21 Mar 2021 11:09:24 GMT

GET
H/1.1 200
OK thumb.php
xn-----6kccsaeozbsgoedln8v.xn--p1ai/img/ 5 KB
5 KB 128ms
126ms Image
image/jpeg 185.4.73.64
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/img/thumb.php?id=art/147.jpg&w=150
Requested by: Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.4.73.64 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: sc7e94c91.fastvps-server.com
Software: nginx/1.18.0 / PHP/5.2.17
Resource Hash: dcc8bbfe360eff9a024f8ea9927683490b2e651d4349ed6011ef17d649818610

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 11:09:24 GMT
Server: nginx/1.18.0
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1 200
OK thumb.php
xn-----6kccsaeozbsgoedln8v.xn--p1ai/img/ 5 KB
5 KB 233ms
122ms Image
image/jpeg 185.4.73.64
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/img/thumb.php?id=art/146.jpg&w=150
Requested by: Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.4.73.64 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: sc7e94c91.fastvps-server.com
Software: nginx/1.18.0 / PHP/5.2.17
Resource Hash: 740d4116a0762799ef5e8f4f9c8c481f20f518651a804e70f451daaffdc0939f

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 11:09:24 GMT
Server: nginx/1.18.0
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1 200
OK thumb.php
xn-----6kccsaeozbsgoedln8v.xn--p1ai/img/ 6 KB
6 KB 247ms
119ms Image
image/jpeg 185.4.73.64
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/img/thumb.php?id=art/144.jpg&w=150
Requested by: Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.4.73.64 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: sc7e94c91.fastvps-server.com
Software: nginx/1.18.0 / PHP/5.2.17
Resource Hash: 37e1d8d6f8b576654ca89425b1b0e8b6b4446e3c4dc253af50ee1481b8aea3e8

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 11:09:24 GMT
Server: nginx/1.18.0
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1 200
OK thumb.php
xn-----6kccsaeozbsgoedln8v.xn--p1ai/img/ 5 KB
5 KB 186ms
120ms Image
image/jpeg 185.4.73.64
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/img/thumb.php?id=art/145.jpg&w=150
Requested by: Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.4.73.64 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: sc7e94c91.fastvps-server.com
Software: nginx/1.18.0 / PHP/5.2.17
Resource Hash: ccb45bbc81c9976a76bd399f53e9bbedf3f265b2174e28c09a93b684c2822c83

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 11:09:24 GMT
Server: nginx/1.18.0
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1 200
OK sml_11.gif
xn-----6kccsaeozbsgoedln8v.xn--p1ai/comments/im/ 698 B
1008 B 173ms
95ms Image
image/gif 185.4.73.64
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/comments/im/sml_11.gif
Requested by: Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.4.73.64 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: sc7e94c91.fastvps-server.com
Software: nginx/1.18.0 /
Resource Hash: f883a11da9aae3bc64c33b86b6864ece97d89a89b34f00d22c2e6c02d3fb07ee

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 11:09:24 GMT
Last-Modified: Tue, 04 Apr 2017 21:22:29 GMT
Server: nginx/1.18.0
ETag: "58e40e95-2ba"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 698
Expires: Sun, 21 Mar 2021 11:09:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

557c7eff7e290be0c9ba43c9992a9a53511608560c9e1c23efc05851e186a2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48512
x-xss-protection: 0
server: cafe
etag: 8824829217438060229
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 11:09:24 GMT

GET
H/1.1 200
OK logo
counter.yadro.ru/ 206 B
479 B 283ms
94ms Image
image/gif 88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/logo?17.1

Requested by

Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

b20f6a1220c08a22bb50dd2ef23849201afd9a22b29672f3853be8cd9d5b345f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 11:09:24 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
Content-Type: image/gif
Cache-control: no-cache
Connection: keep-alive
Content-Length: 206
Expires: Wed, 19 Feb 2020 21:00:00 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai/;0.2768109100637801
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai/;0.2768109100637801

43 B
496 B

109ms
106ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai/;0.2768109100637801

Requested by

Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 11:09:24 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 19 Feb 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 11:09:24 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai/;0.2768109100637801
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 19 Feb 2020 21:00:00 GMT

GET
H2 200 all.js Show response
site.yandex.net/v2.0/js/ 56 KB
15 KB 54ms
52ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://site.yandex.net/v2.0/js/all.js

Requested by

Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

70a0083e92cf715231f7734f0ecf0365c77ec3fdfe97921d75b39afd09871711

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:09:24 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 15151
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "a144f832184afae15f82138151d89089"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Feb 2021 23:04:57 GMT

GET
H/1.1 200
OK to_up_2.png
xn-----6kccsaeozbsgoedln8v.xn--p1ai/i/ 1 KB
1 KB 120ms
105ms Image
image/png 185.4.73.64
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/i/to_up_2.png
Requested by: Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.4.73.64 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: sc7e94c91.fastvps-server.com
Software: nginx/1.18.0 /
Resource Hash: a8981909d9e1b70826e29e27ffdb6f4c96a76dbc9e4194cfc76b86478ad77992

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 11:09:24 GMT
Last-Modified: Tue, 04 Apr 2017 21:23:59 GMT
Server: nginx/1.18.0
ETag: "58e40eef-4a2"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1186
Expires: Sun, 21 Mar 2021 11:09:24 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ 227 KB
86 KB 58ms
45ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?bust=exp%3D21066650

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ab0341f68cc06548e5b65a9660bf17584dd7a03bc68edf26a41a560789d1a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87060
x-xss-protection: 0
server: cafe
etag: 14406113461772004968
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 11:09:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame B305 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210211/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 18 Feb 2021 16:31:41 GMT
expires: Thu, 04 Mar 2021 16:31:41 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 67063
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 jquery.min.js Show response
yastatic.net/jquery/1.6.2/ 89 KB
28 KB 53ms
52ms Script
application/x-javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/jquery/1.6.2/jquery.min.js

Requested by

Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:09:24 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 28368
x-nginx-request-id: 8e36c79662f4e1a3
last-modified: Mon, 12 Nov 2018 13:13:42 GMT
server: nginx/1.17.9
etag: "57f5e4ce99f95e1eb0f18d52b65b6769"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Nov 2021 15:44:07 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 225 B
655 B 180ms
80ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=xn-----6kccsaeozbsgoedln8v.xn--p1ai&callback=_gfp_s_&client=ca-pub-0925623378687473

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?bust=exp%3D21066650

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c3ccd54025f8496cae0ea53302f89ca645b3f37c968a244826f12ab52ca772d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 207
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
321 B 18ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xn-----6kccsaeozbsgoedln8v.xn--p1ai

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?bust=exp%3D21066650

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 11:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 18ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn-----6kccsaeozbsgoedln8v.xn--p1ai

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?bust=exp%3D21066650

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 11:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A50C 77 KB
13 KB 349ms
348ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?bust=exp%3D21066650

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6315fac5e9c655039a137f4bee6e75eea08d807ae41226d1425fecce929603dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 19 Feb 2021 11:09:25 GMT
server: cafe
content-length: 13059
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 19-Feb-2021 11:24:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 11:09:25 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?bust=exp%3D21066650

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1143bb5ae891056f59482184346b0fe47d8e95c9e0f159f023bf0f95ec45222d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613565174175677"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
expires: Fri, 19 Feb 2021 11:09:24 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 39ms
39ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&tn=DIV&id=topcontrol&ign=false

Requested by

Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 11:09:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC58 11 KB
1 KB 79ms
78ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&adk=1812271804&adf=3025194257&lmt=1613732964&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&ea=0&flash=0&pra=7&wgl=1&dt=1613732964568&bpp=4&bdt=382&idt=104&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=110

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?bust=exp%3D21066650

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab4f68b0ce63681bf36ee07101b903ce1e520c2e18d6546d3d79aa0db577569e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&adk=1812271804&adf=3025194257&lmt=1613732964&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&ea=0&flash=0&pra=7&wgl=1&dt=1613732964568&bpp=4&bdt=382&idt=104&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=110
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 19 Feb 2021 11:09:24 GMT
server: cafe
content-length: 1063
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 19-Feb-2021 11:24:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 11:09:24 GMT
cache-control: private

GET
H2 200 suggest.js Show response
site.yandex.net/v2.0/js/ 8 KB
3 KB 42ms
42ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://site.yandex.net/v2.0/js/suggest.js

Requested by

Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:09:24 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2610
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "5905bc95497a3dcdd5543e8af9bb2553"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Feb 2021 23:06:16 GMT

GET
H2 200 opensearch.js Show response
site.yandex.net/v2.0/js/ 22 KB
7 KB 44ms
44ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://site.yandex.net/v2.0/js/opensearch.js

Requested by

Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

de66288f054df7f389e8281f87fb0a9a05095149f4e96d13c32a1c3b61b1a4a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:09:24 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 6188
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "1df256fb3e065fdf3b47b6ac51380393"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Feb 2021 23:05:59 GMT

GET
H/1.1 200
OK search.png
xn-----6kccsaeozbsgoedln8v.xn--p1ai/i/ 421 B
731 B 101ms
100ms Image
image/png 185.4.73.64
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/i/search.png
Requested by: Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.4.73.64 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS: sc7e94c91.fastvps-server.com
Software: nginx/1.18.0 /
Resource Hash: 4565f6bd7391950f1dd43125dcf1fc564d75ee0306738833e4b16891cb7caf60

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 11:09:24 GMT
Last-Modified: Tue, 04 Apr 2017 21:23:57 GMT
Server: nginx/1.18.0
ETag: "58e40eed-1a5"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 421
Expires: Sun, 21 Mar 2021 11:09:24 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 83A6 405 B
414 B 701ms
701ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=280&adk=606731570&adf=2108262517&pi=t.aa~a.3256163129~rp.4&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x280&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=3&bdt=599&idt=-M&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BLSRkk3LMN&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?bust=exp%3D21066650

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7504eebe8bf7e65066956a677de31699b9069f167eb634345d9b3258bc28d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=280&adk=606731570&adf=2108262517&pi=t.aa~a.3256163129~rp.4&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x280&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=3&bdt=599&idt=-M&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BLSRkk3LMN&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=20
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 19 Feb 2021 11:09:25 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: IDE=AHWqTUk_MeKD52GKlP8Lt4JPPfbRJDYXiD2D014hU92DrYZUPwE7n_7sVtDT4d74; expires=Wed, 16-Mar-2022 11:09:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 11:09:25 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 73C9 123 KB
40 KB 640ms
639ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?bust=exp%3D21066650

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06e4e05bc4030d99a47f8a9d32bce9c3068c0dec264baab3b80a29d7f1163d69

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKKjh-Hn9e4CFfjquwgdPMQGYg&gqi=ZJwvYNzZMrCM1fAPlIW9wAo&layout=/sadbundle/%24csp%253Der3%24/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKKjh-Hn9e4CFfjquwgdPMQGYg&gqi=ZJwvYNzZMrCM1fAPlIW9wAo&layout=/sadbundle/%24csp%253Der3%24/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 19 Feb 2021 11:09:25 GMT
server: cafe
content-length: 40528
x-xss-protection: 0
set-cookie: IDE=AHWqTUlRcJC0rSkRUdbOL7Jo51OVEkbI3yUp9HzJwLK0D5fUZqnmaVriWzTiYwzM; expires=Wed, 16-Mar-2022 11:09:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 11:09:25 GMT
cache-control: private

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 77FF 180 KB
51 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 110278
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Thu, 18 Feb 2021 04:31:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 04:31:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 77FF 13 KB
5 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 131290
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 17 Feb 2021 22:41:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Feb 2022 22:41:15 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 77FF 90 KB
27 KB 40ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 67076
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Thu, 18 Feb 2021 16:31:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 16:31:29 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 77FF 72 KB
16 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ed84e4aa1f7fe5f0907cb64ee40941cf5cf83395e98292472157d2be68dbdd7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 22443
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16597
x-xss-protection: 0
server: sffe
date: Fri, 19 Feb 2021 04:55:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9b07487c3da4c1d6"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 04:55:22 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 77FF 3 KB
1 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 162281
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 17 Feb 2021 14:04:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Feb 2022 14:04:44 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 77FF 41 KB
13 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 162273
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 17 Feb 2021 14:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Feb 2022 14:04:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 77FF 1 KB
522 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium%20Web:400,600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3ed1830148e96c0bca6a83fdcc5b5144fd87b29464172af2d7369a37ee864e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 10:51:55 GMT
server: ESF
date: Fri, 19 Feb 2021 11:09:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 11:09:25 GMT

GET
DATA 200
OK truncated
/ Frame 77FF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5362c0308bc1fa7a5eb0e1290ac0360c8ea62d99727c58d36651eecedcf82e15

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 77FF 3 KB
3 KB 31ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 10:22:27 GMT
x-content-type-options: nosniff
server: cafe
age: 2818
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Sat, 20 Feb 2021 10:22:27 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 77FF 344 B
449 B 31ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 06:19:42 GMT
x-content-type-options: nosniff
server: cafe
age: 17383
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 20 Feb 2021 06:19:42 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 77FF 0
285 B 47ms
43ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cfa-6ZJwvYLDuKsORtgej0YmQBpO9orNh8Iubq8MNkJTFrMwEEAEgz_zIEmCViriCyAegAdyK4e0CyAEJqQLMcupSAEu0PqgDAcgDCKoE8QFP0JhE1uKz8jW-jgJcrabYv2BUQzfFsbjHDnxTJbBWGFb_oo0wZB9lnZ54v8ZpUVkZwOwPJBzf8JcXEQztxj0zZW0bpuTcXp6bgznJx23PEQzipm1SzdMx03ovRDh7-l5cvmdP0RUqMucf06MErCbIo3OkCASt9KClxSnPi9r2b6fS1WkVT0STGpR9pKwC-wSdBTvAy77qxqp0l6HqiIGXAjvcbbigZILc7nqNTlWlXF6SM3SD8sfh_UrhjFnGJg-irVQPMypxGuutypsAGfeDG3rDK4Exv9T5fcIm635jhsazc7TVJBS4hf2EalmCULYgwATc6vPJ9QGSBQQIBBgBkgUECAUYBKAGLoAHjPWekgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ648E0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTA5MjU2MjMzNzg2ODc0NzM&sigh=jpnIWlu15_A&template_id=419&tpd=AGWhJmu9bC-wyNMEyVdA-ebs2uejd_RJPWcVD9luym7fkH0-lA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Feb 2021 11:09:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Feb 2021 11:09:25 GMT

GET
H2 200 31d28b43ff46fcdbdb15c0ce52fd1fac.jpg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 30 KB
30 KB 32ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/31d28b43ff46fcdbdb15c0ce52fd1fac.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8be8654a4ed58a29423af4f3c13c714f1df777bf68c490f96d750fbb8d8f7d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 00:47:12 GMT
x-content-type-options: nosniff
age: 37333
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30661
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 00:47:12 GMT

GET
H2 200 2e10cb2f64d8a786677661a1f694a124.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 362 B
348 B 32ms
8ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/2e10cb2f64d8a786677661a1f694a124.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

639d619998bff2299f93e2739d550df60e027e1cd18790ef7efb0dbccb67e48c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 03:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 03:49:56 GMT

GET
H2 200 677524d2c4295886dbd8693343b29a55.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 5 KB
2 KB 30ms
7ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/677524d2c4295886dbd8693343b29a55.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbf6030de8a2848c85007439431e25ce9133e1521342234586e3fad06df6dd4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 01:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1879
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 01:58:55 GMT

GET
H2 200 89068cd570b2ef845a6a17f5308336ce.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 4 KB
2 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/89068cd570b2ef845a6a17f5308336ce.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba5d1ae10204a5ae045052eaa12f230987f7ec4c8f145b3da22a1f7a138df062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 01:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1788
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 01:58:55 GMT

GET
H2 200 2e6b22b50cfada650921d8e0735e8276.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 495 B
412 B 15ms
14ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/2e6b22b50cfada650921d8e0735e8276.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

964d05bdb79ce1b9f714f06ab5df9c2f83f8f4ea777f280725fda3dbff80bd62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98157
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 320
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 07:53:28 GMT

GET
H2 200 268e2282edba8db6a10b906b64e448d1.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 1 KB
724 B 14ms
13ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/268e2282edba8db6a10b906b64e448d1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be248a555e3a2ebfab07b5abef16738dbb02049386676281d979816dbb121385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 01:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 659
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 01:58:55 GMT

GET
H2 200 b64bbfd1bb53bef9209540b044381a0a.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 522 B
426 B 12ms
11ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/b64bbfd1bb53bef9209540b044381a0a.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f5ebf004a850fddd2b38d5253e11a5d72078f78fbc33bebf2bd04d4980ce751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 01:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 361
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 01:58:55 GMT

GET
H2 200 4afae20e7cb22b1a62a0a177c0e374f3.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 522 B
451 B 14ms
13ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/4afae20e7cb22b1a62a0a177c0e374f3.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d19dce475761f9bf56ff2d15029fd126eae88c710646aaad465db81aaf9a926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 05:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 361
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 05:57:08 GMT

GET
H2 200 544e72dcc57f26b0baf46c39c20d1dd7.jpg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 36 KB
36 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/544e72dcc57f26b0baf46c39c20d1dd7.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2a5b772ae6b073d7431ba23c8caf1fb5e3001cb9c4d6bad855c97608672b546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 15:04:55 GMT
x-content-type-options: nosniff
age: 72270
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37095
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 15:04:55 GMT

GET
H2 200 3a775646f498ae03f84c2c12c7939182.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 5 KB
2 KB 16ms
15ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/3a775646f498ae03f84c2c12c7939182.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3751be3e25a80c56fca56cd84f3a6255d779f34eab3192357e411072430420c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99117
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1878
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 07:37:28 GMT

GET
H2 200 228d59fd57dc15f694e8cb4a5bccb7a9.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 4 KB
2 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/228d59fd57dc15f694e8cb4a5bccb7a9.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fc1b858f255d3ff8468f91a511fefc61cb294440711ef44502af54e68766252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 01:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1786
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 01:58:55 GMT

GET
H2 200 5848df98a8e6ac771ffb0545fa817a16.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 495 B
411 B 16ms
15ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/5848df98a8e6ac771ffb0545fa817a16.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

912efed4639813b4589757a2a534ff539ce7c89a9354645151567eb783702bca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110274
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 04:31:31 GMT

GET
H2 200 881fd44975d7c26475e460d42756d296.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 1 KB
754 B 12ms
11ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/881fd44975d7c26475e460d42756d296.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f595511f12cb95e047b1e19dbcede813be6b4c7a6876515b5f330b481183068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 06:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101634
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 660
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 06:55:31 GMT

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2
fonts.gstatic.com/s/titilliumweb/v9/ Frame 77FF 12 KB
12 KB 11ms
5ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v9/NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium%20Web:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Titillium%20Web:400,600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 09:18:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:07:08 GMT
server: sffe
age: 93083
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12344
x-xss-protection: 0
expires: Fri, 18 Feb 2022 09:18:02 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzY5abuWI.woff2
fonts.gstatic.com/s/titilliumweb/v9/ Frame 77FF 12 KB
12 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v9/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzY5abuWI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium%20Web:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8658dcad983dacbb3bca7bc8217fd0b75f28df85bf9259bd0dccf69e58cb0ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Titillium%20Web:400,600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 05:56:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:10:57 GMT
server: sffe
age: 191590
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12276
x-xss-protection: 0
expires: Thu, 17 Feb 2022 05:56:15 GMT

GET
H3-Q050 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012010270040000/ 20 KB
8 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-host-v0.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?bust=exp%3D21066650

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437f0df93cfde16d277d61ba740d9a3f56fecde74a3de7d789ae02808590a9db

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 138593
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7254
x-xss-protection: 0
server: sffe
date: Wed, 17 Feb 2021 20:39:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bb338742afe376d1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Feb 2022 20:39:32 GMT

GET
H3-Q050 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 77FF 3 KB
3 KB 36ms
21ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 10:22:27 GMT
x-content-type-options: nosniff
server: cafe
age: 2818
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Sat, 20 Feb 2021 10:22:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 77FF 344 B
798 B 35ms
20ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 06:19:42 GMT
x-content-type-options: nosniff
server: cafe
age: 17383
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 20 Feb 2021 06:19:42 GMT

GET
H3-Q050 200 31d28b43ff46fcdbdb15c0ce52fd1fac.jpg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 30 KB
30 KB 79ms
65ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/31d28b43ff46fcdbdb15c0ce52fd1fac.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8be8654a4ed58a29423af4f3c13c714f1df777bf68c490f96d750fbb8d8f7d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 00:47:12 GMT
x-content-type-options: nosniff
age: 37333
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30661
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 00:47:12 GMT

GET
H3-Q050 200 2e10cb2f64d8a786677661a1f694a124.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 362 B
338 B 40ms
26ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/2e10cb2f64d8a786677661a1f694a124.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

639d619998bff2299f93e2739d550df60e027e1cd18790ef7efb0dbccb67e48c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 03:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 03:49:56 GMT

GET
H3-Q050 200 677524d2c4295886dbd8693343b29a55.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 5 KB
2 KB 39ms
25ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/677524d2c4295886dbd8693343b29a55.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbf6030de8a2848c85007439431e25ce9133e1521342234586e3fad06df6dd4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 01:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1879
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 01:58:55 GMT

GET
H3-Q050 200 89068cd570b2ef845a6a17f5308336ce.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 4 KB
2 KB 76ms
63ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/89068cd570b2ef845a6a17f5308336ce.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba5d1ae10204a5ae045052eaa12f230987f7ec4c8f145b3da22a1f7a138df062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 01:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1788
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 01:58:55 GMT

GET
H3-Q050 200 2e6b22b50cfada650921d8e0735e8276.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 495 B
492 B 34ms
22ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/2e6b22b50cfada650921d8e0735e8276.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

964d05bdb79ce1b9f714f06ab5df9c2f83f8f4ea777f280725fda3dbff80bd62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98157
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 320
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 07:53:28 GMT

GET
H3-Q050 200 268e2282edba8db6a10b906b64e448d1.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 1 KB
742 B 34ms
22ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/268e2282edba8db6a10b906b64e448d1.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be248a555e3a2ebfab07b5abef16738dbb02049386676281d979816dbb121385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 01:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 659
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 01:58:55 GMT

GET
H3-Q050 200 b64bbfd1bb53bef9209540b044381a0a.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 522 B
389 B 77ms
64ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/b64bbfd1bb53bef9209540b044381a0a.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f5ebf004a850fddd2b38d5253e11a5d72078f78fbc33bebf2bd04d4980ce751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 01:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 361
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 01:58:55 GMT

GET
H3-Q050 200 4afae20e7cb22b1a62a0a177c0e374f3.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 522 B
445 B 36ms
25ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/4afae20e7cb22b1a62a0a177c0e374f3.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d19dce475761f9bf56ff2d15029fd126eae88c710646aaad465db81aaf9a926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 05:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 361
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 05:57:08 GMT

GET
H3-Q050 200 544e72dcc57f26b0baf46c39c20d1dd7.jpg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 36 KB
36 KB 34ms
23ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/544e72dcc57f26b0baf46c39c20d1dd7.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2a5b772ae6b073d7431ba23c8caf1fb5e3001cb9c4d6bad855c97608672b546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 15:04:55 GMT
x-content-type-options: nosniff
age: 72270
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37095
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 15:04:55 GMT

GET
H3-Q050 200 3a775646f498ae03f84c2c12c7939182.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 5 KB
2 KB 32ms
23ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/3a775646f498ae03f84c2c12c7939182.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3751be3e25a80c56fca56cd84f3a6255d779f34eab3192357e411072430420c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99117
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1878
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 07:37:28 GMT

GET
H3-Q050 200 228d59fd57dc15f694e8cb4a5bccb7a9.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 4 KB
2 KB 34ms
25ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/228d59fd57dc15f694e8cb4a5bccb7a9.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fc1b858f255d3ff8468f91a511fefc61cb294440711ef44502af54e68766252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 01:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1786
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 01:58:55 GMT

GET
H3-Q050 200 5848df98a8e6ac771ffb0545fa817a16.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 495 B
401 B 73ms
63ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/5848df98a8e6ac771ffb0545fa817a16.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

912efed4639813b4589757a2a534ff539ce7c89a9354645151567eb783702bca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110274
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 04:31:31 GMT

GET
H3-Q050 200 881fd44975d7c26475e460d42756d296.svg
tpc.googlesyndication.com/sadbundle/9424153538305122354/media/ Frame 77FF 1 KB
744 B 73ms
64ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9424153538305122354/media/881fd44975d7c26475e460d42756d296.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f595511f12cb95e047b1e19dbcede813be6b4c7a6876515b5f330b481183068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 06:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101634
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 660
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 12:51:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 06:55:31 GMT

GET
H3-Q050 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 73C9 67 B
164 B 7ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 03:52:26 GMT
x-content-type-options: nosniff
server: cafe
age: 26219
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sat, 20 Feb 2021 03:52:26 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/ Frame F843 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html

Requested by

Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

082fe5a1450ab9a1bc0d5f619ed11e5b8ea66a9d7e49d09270200b3e51dd947a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3311
date: Sat, 13 Feb 2021 03:26:50 GMT
expires: Sun, 13 Feb 2022 03:26:50 GMT
last-modified: Thu, 01 Oct 2020 08:22:17 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 546155
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 30F0 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-ON4ZJwvYKLhM_jV7_UPvIibkAax_IGpYZ6K-ZTODOLc6JnLARABIM_8yBJglYq4gsgHoAHwnbryA8gBCakC66DXSm5JtD6oAwHIA8iAgAKqBPUBT9AIFn4AhxqcDh4fETA6-97AJFzhpI-06al97no6Jk4cRrpK1w77CpGN9E3LbX2tSavp_nJaKdISwuTrgK3sJAaITrWf7g1-kY-1UjuER2IjNVCSsbvSxIKc3qjBbOWere8f5ckIa0KY0dpMPiGgAsXKErF5WTgXNyMElX3PsUTw7tAsgaSMH-ETVzMCCy1D5elntQWPFM1PhH9YYNvzN0bG9XaVWGPHNYmDd3FXQ7bkJ2I0tQcLdsG-0Z5GerlRL40KUvfaedSUxYJwHfdsOnuyuR8O-KAxScuJrLt-Yj-CfFiItSr57Qy-piERo7hHXsCfwoLABLaK1-94kgUECAQYAZIFBAgFGASgBi6AB_jhxQ2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQqI0L0ggJCIDhgBAQARgfgAoByAsB2BMCshcaChgIABIUcHViLTA5MjU2MjMzNzg2ODc0NzM&sigh=eJIZzlWerWg&template_id=419&tpd=AGWhJmuyf4Y5MSHNonQjJ8BbwrqMGQCsHhwdcyYMfO_6CKJorA

Requested by

Host: xn-----6kccsaeozbsgoedln8v.xn--p1ai
URL: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Feb 2021 11:09:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 30F0 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 10:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 10:59:35 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 30F0 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 11:05:22 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30F0 107 KB
33 KB 46ms
32ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae35469a2de645d561d555105d21f075e0469c83a7bd02ebc9547d4d5b616f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613565156040306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33368
x-xss-protection: 0
expires: Fri, 19 Feb 2021 11:09:25 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 30F0 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 10:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 10:59:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 30F0 0
0 14ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTI9dewWSrtQ4EML-3kmoRSVvq-tZKSf_Ste6ymXzzRLo_nHg1p2Hxx19VDtIDNhz_ShnuE8RmzF5VWDNDqY6w7prcIlw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A2C 143 B
216 B 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk_MeKD52GKlP8Lt4JPPfbRJDYXiD2D014hU92DrYZUPwE7n_7sVtDT4d74
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 19 Feb 2021 10:34:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2092
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 30F0 0
679 B 68ms
41ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKKjh-Hn9e4CFfjquwgdPMQGYg&gqi=ZJwvYNzZMrCM1fAPlIW9wAo&layout=/sadbundle/%24csp%253Der3%24/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 11:09:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F843 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Feb 2021 16:32:35 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F843 22 KB
9 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 17:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Feb 2021 17:30:56 GMT

GET
H3-Q050 200 font.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/ Frame F843 46 KB
36 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/font.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da96a171a34b9a285b390a0420dce56df11ccc00944a462f334a7eadbf4e8c9c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 25833
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35363
x-xss-protection: 0
last-modified: Thu, 01 Oct 2020 08:22:17 GMT
server: sffe
date: Fri, 19 Feb 2021 03:58:52 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 03:58:52 GMT

GET
H3-Q050 200 logo_d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/ Frame F843 1 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/logo_d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 306185
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1450
x-xss-protection: 0
last-modified: Thu, 01 Oct 2020 08:22:17 GMT
server: sffe
date: Mon, 15 Feb 2021 22:06:20 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 22:06:20 GMT

GET
H3-Q050 200 tyre.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/ Frame F843 15 KB
15 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/tyre.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be940ccffd1f5ebb226e4387dd233ef7233da8dc5311ba85720c97593be34b33

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 133722
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14949
x-xss-protection: 0
last-modified: Thu, 01 Oct 2020 08:22:17 GMT
server: sffe
date: Wed, 17 Feb 2021 22:00:43 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Feb 2022 22:00:43 GMT

GET
H3-Q050 200 bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/ Frame F843 38 KB
38 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/bg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13930c0ecfae1462eb377f45f5f953eb3dca8d96044cd7b2440a4436e57f5626

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 3107
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38847
x-xss-protection: 0
last-modified: Thu, 01 Oct 2020 08:22:17 GMT
server: sffe
date: Fri, 19 Feb 2021 10:17:38 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 10:17:38 GMT

GET
H3-Q050 200 logo_l.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/ Frame F843 1 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/logo_l.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9393903214525106814/nt_a20-DE_728x90_find-nearest-dealer/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 336880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1497
x-xss-protection: 0
last-modified: Thu, 01 Oct 2020 08:22:17 GMT
server: sffe
date: Mon, 15 Feb 2021 13:34:45 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:34:45 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A2C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
496 B

39ms
39ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=90&adk=1128245277&adf=3752690873&pi=t.aa~a.1166087973~rp.1&w=832&fwrn=4&fwrnh=100&lmt=1613732964&rafmt=1&to=qs&pwprc=7705860590&psa=0&format=832x90&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1613732964784&bpp=1&bdt=599&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0%2C832x280&nras=1&correlator=8067429905853&frm=20&pv=1&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=516&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0dp9v4nW4x&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=26

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk_MeKD52GKlP8Lt4JPPfbRJDYXiD2D014hU92DrYZUPwE7n_7sVtDT4d74
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 19 Feb 2021 11:09:25 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 19-Feb-2021 12:09:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 11:09:25 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 19 Feb 2021 11:09:25 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F843 34 KB
34 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 30F0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9003068f645b2de8ec087ebecdd9458d44efbc2e4f2fd471175e3eb54226faa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 19ms
19ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?bust=exp%3D21066650

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

412dd45e5a7e86c11186a2b766e8de206ede29762071ae0c1a73f1de475cb9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 11:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6462
x-xss-protection: 0

GET
H3-Q050 200 -3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js Show response
pagead2.googlesyndication.com/bg/ Frame F843 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 17:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 62945
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0
expires: Fri, 18 Feb 2022 17:40:20 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?bust=exp%3D21066650

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 11:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 19 Feb 2021 11:09:25 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 9A8A 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 19 Feb 2021 10:53:05 GMT
expires: Sat, 19 Feb 2022 10:53:05 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 980
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 -3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A8A 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 17:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 62945
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0
expires: Fri, 18 Feb 2022 17:40:20 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
180 B 40ms
40ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=1448709683167724&bg=!e3ileDvNAAXRs2QT0TsAKQB2-Dxav-ufIUlcKsKC2pBYhI8Qd3o2o05nFiMSk49L8SI_7zrPrcSRAgAAAHZSAAAAE2gBBwoATMR6LiWyaJwOFMFXHfo1TWPo6v5rHVbCHnQHWB-B0pbsGugA3kSU7GFCoV3rF96kMk_nTQ8fGqJg-zu4tBfDJGxm1Lf1AtN0krvxP-6ZAeL2_rQdDRtSZ_jgZ9w0JkIL4dwFe7EcqnJsemr5yEQfaim2nYE1SGr1k4QcUajj01tVV-ujlC4m8-tZqZwY0k2LjeeaNlAEHQbFfU-GS_iLg9iyFWQh5oZrnnQrP96KYkUgg8b4Q8MCqpQVLmciTtJ18rvf-lxiiOPixqt_CoSxxLEEkx7nMFwzg01sEYqQsUIVr8VFPiV8xjEXkE52fNDiG-AyC_stWyOCkDIgDVKWt7lNIqzc5s9GicLn8nujjsukAt_FJODvHHCcneZzg9IbmcVP4pofGyC-nHTDti2M9oIBi-zNi0WlLeq7yhsFiSOTsFVwRR5QToAGlgzELe5EnLlGv7PcdR7iQ8JhIdPrpKKoNELhpoUP7vWxWm37FG1M1tzFW2RxvQsTXwjfoO6KcOkypLoZ2cQNK6sVw44e0hdHrVtIXIo8-6E2u00DNqg1138VEDfxYhY632B9oy_221qxtSPuX_oqv9Up-6yHriZAnHMQS7_XW_erw98KFnqT0jpwcYO1RK0XCiq8c8e4Rzcra0R0wv__kvuNGVnAde66IdcmB1Km05AT9tCxTMbQLAOXyh5yRXS3Dzz-8dXxKwFetZqD8d98ez7O24zNBrhnABDH46tGLvAepTw3JJ3Otw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn-----6kccsaeozbsgoedln8v.xn--p1ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 11:09:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 77FF 42 B
94 B 42ms
41ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEDR0WWAGI2qskctZot39OUXxAL3vRUTaFwwd3mB4Vmb0nNy3IaZM0kgafSh70BPTGnA0-Fd1aK_NnFxKdpa16VJQKvfP944UFPWP844rw2neH-M9rP645nhcofA&sai=AMfl-YSxVQsCuraYBr7SGti__lqj6Iv53TMiPnjNTXl_3FtOeQKoJFmhhzwKZNkvflc0eWjgDOMMLtkdWE7s&sig=Cg0ArKJSzMKfSsFPcsVnEAE&id=ampim&o=253,126&d=200,400&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=99&tls=1099&g=100&h=100&tt=1099&r=v&avms=ampa&adk=281322601

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 11:09:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:15:36	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 01:37:08	Name: IDE Value: AHWqTUk_MeKD52GKlP8Lt4JPPfbRJDYXiD2D014hU92DrYZUPwE7n_7sVtDT4d74
.xn-----6kccsaeozbsgoedln8v.xn--p1ai/	1970-01-20 01:37:08	Name: __gads Value: ID=49f620ac932e61fd-226f487a8aba0029:T=1613732964:RT=1613732964:S=ALNI_Mbzix1AWZCB9oCWqf7qLf2wyMLa-g

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0925623378687473&output=html&h=400&slotname=4197228144&adk=281322601&adf=3027189916&pi=t.ma~as.4197228144&w=240&lmt=1613732964&psa=0&format=240x400&url=https%3A%2F%2Fxn-----6kccsaeozbsgoedln8v.xn--p1ai%2F&flash=0&wgl=1&dt=1613732964552&bpp=16&bdt=367&idt=87&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8067429905853&frm=20&pv=2&ga_vid=1451761584.1613732965&ga_sid=1613732965&ga_hid=2056461092&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=253&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066650%2C44731609%2C44736623%2C21068084%2C21068769%2C21068893&oid=3&pvsid=1448709683167724&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WMrXz1haQb&p=https%3A//xn-----6kccsaeozbsgoedln8v.xn--p1ai&dtd=112

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.ampproject.org
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
site.yandex.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
xn-----6kccsaeozbsgoedln8v.xn--p1ai
yandex.st
yastatic.net
142.250.185.130
185.4.73.64
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:812::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2001
2a02:6b8:20::215
88.212.201.210
03cbc98c6b792cd755f1b076fb602eb085eac955672aff0f56c562f81ef496d1
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06e4e05bc4030d99a47f8a9d32bce9c3068c0dec264baab3b80a29d7f1163d69
082fe5a1450ab9a1bc0d5f619ed11e5b8ea66a9d7e49d09270200b3e51dd947a
0d90b273aead33d6e0383ef37099018cfcb0797fedfff47a4eb9cb7d29429cd4
1143bb5ae891056f59482184346b0fe47d8e95c9e0f159f023bf0f95ec45222d
13930c0ecfae1462eb377f45f5f953eb3dca8d96044cd7b2440a4436e57f5626
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d19dce475761f9bf56ff2d15029fd126eae88c710646aaad465db81aaf9a926
1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50
1ed84e4aa1f7fe5f0907cb64ee40941cf5cf83395e98292472157d2be68dbdd7
2a104fc5939b8a043033b67c74a68b3124f0a8e64a6fecc6f92821c69af79b14
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f5ebf004a850fddd2b38d5253e11a5d72078f78fbc33bebf2bd04d4980ce751
3751be3e25a80c56fca56cd84f3a6255d779f34eab3192357e411072430420c0
37e1d8d6f8b576654ca89425b1b0e8b6b4446e3c4dc253af50ee1481b8aea3e8
412dd45e5a7e86c11186a2b766e8de206ede29762071ae0c1a73f1de475cb9e6
437f0df93cfde16d277d61ba740d9a3f56fecde74a3de7d789ae02808590a9db
4565f6bd7391950f1dd43125dcf1fc564d75ee0306738833e4b16891cb7caf60
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
5362c0308bc1fa7a5eb0e1290ac0360c8ea62d99727c58d36651eecedcf82e15
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
557c7eff7e290be0c9ba43c9992a9a53511608560c9e1c23efc05851e186a2a7
57690e5883e3cbd0acd0d1dd65d99566e8a219b21efff9430027e54fdbceba92
6315fac5e9c655039a137f4bee6e75eea08d807ae41226d1425fecce929603dc
639d619998bff2299f93e2739d550df60e027e1cd18790ef7efb0dbccb67e48c
6fc1b858f255d3ff8468f91a511fefc61cb294440711ef44502af54e68766252
70a0083e92cf715231f7734f0ecf0365c77ec3fdfe97921d75b39afd09871711
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
740d4116a0762799ef5e8f4f9c8c481f20f518651a804e70f451daaffdc0939f
7ab0341f68cc06548e5b65a9660bf17584dd7a03bc68edf26a41a560789d1a84
7cc8a11e39d99e0a6f5c34b48966e2fa9eecca0fa4896524b034ba2bb5d2110d
7f595511f12cb95e047b1e19dbcede813be6b4c7a6876515b5f330b481183068
8658dcad983dacbb3bca7bc8217fd0b75f28df85bf9259bd0dccf69e58cb0ecd
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8be8654a4ed58a29423af4f3c13c714f1df777bf68c490f96d750fbb8d8f7d39
912efed4639813b4589757a2a534ff539ce7c89a9354645151567eb783702bca
964d05bdb79ce1b9f714f06ab5df9c2f83f8f4ea777f280725fda3dbff80bd62
9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a8981909d9e1b70826e29e27ffdb6f4c96a76dbc9e4194cfc76b86478ad77992
a9003068f645b2de8ec087ebecdd9458d44efbc2e4f2fd471175e3eb54226faa
ab4f68b0ce63681bf36ee07101b903ce1e520c2e18d6546d3d79aa0db577569e
ae35469a2de645d561d555105d21f075e0469c83a7bd02ebc9547d4d5b616f73
b20f6a1220c08a22bb50dd2ef23849201afd9a22b29672f3853be8cd9d5b345f
b2a5b772ae6b073d7431ba23c8caf1fb5e3001cb9c4d6bad855c97608672b546
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b7504eebe8bf7e65066956a677de31699b9069f167eb634345d9b3258bc28d07
ba5d1ae10204a5ae045052eaa12f230987f7ec4c8f145b3da22a1f7a138df062
bb74b8518b09f60ae1977c3b28985647819abde38b046b88915be301986eca2f
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be248a555e3a2ebfab07b5abef16738dbb02049386676281d979816dbb121385
be940ccffd1f5ebb226e4387dd233ef7233da8dc5311ba85720c97593be34b33
c3ccd54025f8496cae0ea53302f89ca645b3f37c968a244826f12ab52ca772d7
cbf6030de8a2848c85007439431e25ce9133e1521342234586e3fad06df6dd4f
ccb45bbc81c9976a76bd399f53e9bbedf3f265b2174e28c09a93b684c2822c83
cf2895748ff17647a8bf4b81347ce73b30747bdd9f8dd6687e839b86a0b17f85
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d66b1d379dd4ab3f5d24e8cbf844b9e2d1080b41fd93e338e66157ffe902aad4
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
da96a171a34b9a285b390a0420dce56df11ccc00944a462f334a7eadbf4e8c9c
dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd
dcc8bbfe360eff9a024f8ea9927683490b2e651d4349ed6011ef17d649818610
dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0
de66288f054df7f389e8281f87fb0a9a05095149f4e96d13c32a1c3b61b1a4a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ed1830148e96c0bca6a83fdcc5b5144fd87b29464172af2d7369a37ee864e4
f883a11da9aae3bc64c33b86b6864ece97d89a89b34f00d22c2e6c02d3fb07ee
fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

xn-----6kccsaeozbsgoedln8v.xn--p1ai Open in urlscan Pro Puny экзамен-пдд-онлайн.рф IDN 185.4.73.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

100 %HTTPS

70 %IPv6

14 Domains

16 Subdomains

11 IPs

4 Countries

894 kBTransfer

2038 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xn-----6kccsaeozbsgoedln8v.xn--p1ai Open in urlscan Pro Puny
экзамен-пдд-онлайн.рф IDN
185.4.73.64 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

100 %
HTTPS

70 %
IPv6

14
Domains

16
Subdomains

11
IPs

4
Countries

894 kB
Transfer

2038 kB
Size

3
Cookies

100 HTTP transactions
3 data transactions