one-ipoteka.ru Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://one-ipoteka.ru/
Submission: On January 22 via api (January 22nd 2024, 7:08:04 am UTC) from RU — Scanned from NL

Summary HTTP 134 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 16 domains to perform 134 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is one-ipoteka.ru.

This is the only time one-ipoteka.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
3	2606:4700:20:... 2606:4700:20::681a:6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 13	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	108.128.8.111 108.128.8.111	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:5000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f18:1ac... 2600:1f18:1aca:4280:291a:9eb3:2346:5191	14618 (AMAZON-AES) (AMAZON-AES)
134	23

14 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

one-ipoteka.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:6ba (United States)

ASN13335 (CLOUDFLARENET, US)

www.amcharts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.8.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-8-111.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:5000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:1aca:4280:291a:9eb3:2346:5191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	555 KB
19	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	178 KB
18	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	286 KB
14	one-ipoteka.ru one-ipoteka.ru	276 KB
9	adsafeprotected.com fw.adsafeprotected.com — Cisco Umbrella Rank: 1004 static.adsafeprotected.com — Cisco Umbrella Rank: 721 dt.adsafeprotected.com — Cisco Umbrella Rank: 719	105 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	114 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	48 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	261 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
3	amcharts.com www.amcharts.com — Cisco Umbrella Rank: 35571	85 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019	14 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	30 KB
134	16

	Domain	Requested by
23	pagead2.googlesyndication.com	one-ipoteka.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
21	tpc.googlesyndication.com	googleads.g.doubleclick.net one-ipoteka.ru tpc.googlesyndication.com pagead2.googlesyndication.com s0.2mdn.net
18	s0.2mdn.net	one-ipoteka.ru s0.2mdn.net
14	one-ipoteka.ru	one-ipoteka.ru
13	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com one-ipoteka.ru googleads.g.doubleclick.net
6	dt.adsafeprotected.com
6	cdnjs.cloudflare.com	one-ipoteka.ru s0.2mdn.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net one-ipoteka.ru
4	fonts.googleapis.com	one-ipoteka.ru googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.amcharts.com	one-ipoteka.ru
2	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	one-ipoteka.ru
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googleadservices.com	one-ipoteka.ru
1	fw.adsafeprotected.com	one-ipoteka.ru static.adsafeprotected.com
1	maxcdn.bootstrapcdn.com	one-ipoteka.ru
1	code.jquery.com	one-ipoteka.ru
134	22

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
amcharts.com E1	`2023-12-10` - `2024-03-09`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 21 frames:

Primary Page: http://one-ipoteka.ru/
Frame ID: 5F898F67E4E2CEC61CC79F87BC331B69
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: EC6198D78BF6DC98854EE84294BBF086
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1505097607752413&output=html&adk=1812271804&adf=3025194257&lmt=1680379816&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=http%3A%2F%2Fone-ipoteka.ru%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&dt=1705907280203&bpp=7&bdt=191&idt=166&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3636184784281&frm=20&pv=2&ga_vid=27086096.1705907280&ga_sid=1705907280&ga_hid=935319817&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080333%2C44809531%2C31080558%2C95320869%2C95320892%2C95321626%2C95321967%2C95322166%2C21065724&oid=2&pvsid=3424942105111508&tmod=1740259219&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=179
Frame ID: A9C8C7573F3BE41E0A5CA424520D1642
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1505097607752413&output=html&h=280&adk=3987640334&adf=4283947098&pi=t.aa~a.1043414356~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1680379816&rafmt=1&to=qs&pwprc=1031809105&format=1110x280&url=http%3A%2F%2Fone-ipoteka.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705907280210&bpp=1&bdt=198&idt=177&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3636184784281&frm=20&pv=1&ga_vid=27086096.1705907280&ga_sid=1705907280&ga_hid=935319817&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080333%2C44809531%2C31080558%2C95320869%2C95320892%2C95321626%2C95321967%2C95322166%2C21065724&oid=2&pvsid=3424942105111508&tmod=1740259219&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=179
Frame ID: EC50AAF101F2FD820095EADFF8F9FA07
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1505097607752413&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1680379816&rafmt=1&to=qs&pwprc=1031809105&format=1200x280&url=http%3A%2F%2Fone-ipoteka.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705907280963&bpp=1&bdt=951&idt=-M&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=3&correlator=3636184784281&frm=20&pv=1&ga_vid=27086096.1705907280&ga_sid=1705907280&ga_hid=935319817&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080333%2C44809531%2C31080558%2C95320869%2C95320892%2C95321626%2C95321967%2C95322166%2C21065724&oid=2&pvsid=3424942105111508&tmod=1740259219&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Frame ID: 425AA2449705D49E72275B01FA8B3EF6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1505097607752413&output=html&h=280&adk=3088186576&adf=154517092&pi=t.aa~a.3419508083~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1680379816&rafmt=1&to=qs&pwprc=1031809105&format=1200x280&url=http%3A%2F%2Fone-ipoteka.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705907280963&bpp=1&bdt=951&idt=0&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1200x280&nras=4&correlator=3636184784281&frm=20&pv=1&ga_vid=27086096.1705907280&ga_sid=1705907280&ga_hid=935319817&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3839&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080333%2C44809531%2C31080558%2C95320869%2C95320892%2C95321626%2C95321967%2C95322166%2C21065724&oid=2&pvsid=3424942105111508&tmod=1740259219&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=6
Frame ID: EC592918C663F65882470EE46D0DA792
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: EA17CECEA7FF2C194471CD8EE3D9D238
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 1A95258F99FA33A288CB07876D2FB082
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: ED9EB6E1CC96F68F774023C90CF2FE11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfB-dsCENG7ud0CGKz2mOUBMAE&v=APEucNXTs93_Mu2ojYj5B1nVvY0VVAh19ITwR15zQQ3YR-cQR9Jrlknta9yo9yVt9jUrfymCyHbgR2j5c5XqopcgU0kpceHed1oFGxFP2d7jZ0qyi_aajavBoI0rfmIHkFls9J_2DVrcXqJkHATOxVIVM_DLiFx_8vxZlN0Qp41BUYYKNaAo6EI
Frame ID: 53D99EB07152E7D539D2464106611E87
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 633B3E55BB61ACE17E87EA98DB11992C
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B5AB3E3DF9ACCF663743B7CF49484169
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 0959179BA410FC91F0267118C621F33F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 008B37131610A0747A674E5811A21779
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 6471CE81A0120BDF5E8AA991C08C5350
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E7A25C80544BB785255DF61BD3DF8344
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250
Frame ID: FC12E36D63AE299EF01A230746CB23C7
Requests: 20 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 65A1992628C22B69EFEBDD086E09A917
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D733667F19C6E617EF14A0E5E241076B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 026AE6C5EB50B26C407D46669610CE7F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: 8A01E752DA847D0472C2B6BAECA38223
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ипотечный калькулятор - рассчитать ипотеку онлайн 2021 Сбербанк

Detected technologies

amCharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

amcharts.*\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

134
Requests

85 %
HTTPS

73 %
IPv6

16
Domains

22
Subdomains

23
IPs

4
Countries

1958 kB
Transfer

5083 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://googleads.g.doubleclick.net/pagead/adview?ai=CrRLWUBSuZbfRHcSHtdEP0sONoAWH6rK2dbeDsPa6EmQQASDZ19FQYJGEgID8F6AB5rSBxAHIAQmpAp2Ka-hlSLI-qAMByAPLBKoExQFP0IjvH9-gc44rpHoat7YX0coE_qlLDcC7y7eztq5VU4jEUoPMfnJUDkQbGf2yFlGsK76wsA17aTY1IVrII2NyW1ngaQTPbGSkwf_X7bF_t51bqGFDCE1BLVf2VAF9_NKYOfm1-Php7sTI_LdGafv-646K1x3mtoX9gUIIxM1PtlZYZrzP2zhijTXFUy1fmlcoHfR4n_tR8nGisX9Z8pZd7L7eSL8fg8L74Yr8D0meVH7UjMH4qi6Ik_0OeJA4CQIDMTAc-8AE-sS969EEiAXIy8nJTZIFBAgEGAGSBQQIBRgEoAYugAeCy_67AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEMLpFtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYhtLf67fwgwOaCX9odHRwczovL3d3dy5wZW9wbGVjZXJ0Lm9yZy9icm93c2UtY2VydGlmaWNhdGlvbnMvcHJvamVjdC1wcm9ncmFtbWUtYW5kLXBvcnRmb2xpby1tYW5hZ2VtZW50L1BSSU5DRTItMi9QUklOQ0UyLTctZm91bmRhdGlvbi0zNTc5gAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTE1MDUwOTc2MDc3NTI0MTMYAA&sigh=c7t2v_y7dEQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_qjRUOfufYbgVAvBunTwtSUQgwHuJBl70Ht051yI7BArt3lsKsPTHcn06uY8ANwKx75uzZJEo3NcRFzeJoveJleS7zgh4eBLxCSwYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222512771087807825039%22,%22debug_reporting%22:true,%22destination%22:%22https://peoplecert.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22411064934%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224354302734757944625%22}&andc=true

Request Chain 74

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOilHVlftxh6-qsAq7GOXPQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOilHVlftxh6-qsAq7GOXPQ&google_cver=1&C=1

Request Chain 76

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za4UUflm8Jy9iH2-noOyCwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFNpRBKkQLRseJ6xOib_M&google_cver=1

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMZhFTLInU5PMTX5bpTijSs&google_cver=1

Request Chain 78

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU2OTMxNTcxMjY4NDk4ODIzMg%3D%3D

134 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
one-ipoteka.ru/ 26 KB
5 KB 405ms
90ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://one-ipoteka.ru/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33 PleskLin
Resource Hash: 0f172c675ebb6cb63ace7cdd0d508f15eae4ad277190fa0d8a42060ac2f4d8ba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8495f6938838380a-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 22 Jan 2024 07:07:59 GMT
Last-Modified: Sat, 01 Apr 2023 20:10:16 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4cwdAKug0UdWZBpjeKy67CFRKWkmI9m8RRtZJSukj4lsnGP4EtR5It%2FnOOz0vQIqeMEAyyOjVS9pKuGC3xYvT8pc8JffclSgiWGYpDSIS5dMpoXK294dFkPpWWhjlCbljp1BXEPbWQ1gOQEzw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.33 PleskLin
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 150ms
102ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20248ead646be88526b349c756e3ed5b22451c0ae67f7d7cf15d6b3fd50ff23f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51419
x-xss-protection: 0
server: cafe
etag: 9524363407954876393
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 22 Jan 2024 07:08:00 GMT

GET
H/1.1 200
OK bootstrap.min.css
one-ipoteka.ru/css/ 141 KB
21 KB 108ms
107ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://one-ipoteka.ru/css/bootstrap.min.css
Requested by: Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 07:08:00 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: PHP/7.4.33, PleskLin
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Wed, 26 Dec 2018 06:40:37 GMT
Server: cloudflare
Etag: W/"450fc463b8b1a349df717056fbb3e078"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9yYYWf3EYpYqZE7u61hw%2F2j4RzDXU9cMb7dw3unLEIx60HNyvsBTKi08EatYaDAlZL9kE5bntYvMVCM42TXm1Qm5yLB%2Fv%2BIbW2RRZknyEFadWT112ATX0WySCDTkRUEtVqZ6F9yxmESj6rW9A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css;charset=UTF-8
Cache-Control: public, max-age=2592000
CF-RAY: 8495f69428a1380a-FRA

GET
H/1.1 200
OK comments.css
one-ipoteka.ru/css/ 46 KB
9 KB 61ms
37ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://one-ipoteka.ru/css/comments.css
Requested by: Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: cffcfb93817681351e19f7f0156118f4c8eb1b662f948d6e06a6882ce6ac3779

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 07:08:00 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 64059
X-Powered-By: PHP/7.4.33, PleskLin
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Wed, 26 Dec 2018 12:46:32 GMT
Server: cloudflare
Etag: W/"4a104b5b4749fd819c0f296a12c06816"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPUNTzRQPV1pIS0sX7hLzUrqxDFR0BPecGlgIGXNY38dMmHiOEITo0X8zr9qNaHSmf8Bxm4%2B1CjZPhiI8nImSkWTm%2BRHRDHVAKbtjAZtD%2FQ2QLxgDDUAdKAaHbymOvl3pDqVyK4ZSn%2B4hsvcnw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css;charset=UTF-8
Cache-Control: public, max-age=2592000
CF-RAY: 8495f6944813f0e3-CDG

GET
H2 200 ion.rangeSlider.min.css
cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.2.0/css/ 2 KB
1 KB 67ms
27ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.2.0/css/ion.rangeSlider.min.css

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acbc6d5286e1a77e3916528a1798c6aa661ed74acf42aee8a1feae41b3386d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4757560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 506
last-modified: Mon, 04 May 2020 16:11:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea7-7ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLEDpuFd5P8cFOsVpe6tamVOwuZk0ZPKnkWax0hk3ffGaFlqGwiyuh7La22HjmSU1J26WDF4cqHdEXlxCwbZN3%2F%2BW69A%2FJ6EG8YozEDHtD5DcdNZ7Lfak1%2BBNjomSHZ6qiCGfHnYCo0uO02FS1ZCWiBX"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8495f6946f8d90f2-FRA
expires: Sat, 11 Jan 2025 07:08:00 GMT

GET
H/1.1 200
OK custom.css
one-ipoteka.ru/css/ 2 KB
1 KB 66ms
40ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://one-ipoteka.ru/css/custom.css
Requested by: Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: bf0d8a5f4135c57b15f211ee45e2299ae19e65a17caaf034e58108b4bf6a12fc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 07:08:00 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4364
X-Powered-By: PHP/7.4.33, PleskLin
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Wed, 26 Dec 2018 11:45:50 GMT
Server: cloudflare
Etag: W/"47a689aedfbeb3e58a18e9ea49b8a766"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcTh8lC71Z%2F6iuag5CYyH3X%2Bu7Tseen30XSui1OGnI%2BebTNGjB9fyDN4%2BQBAUoDRgXyvqMjA5NUklyxdANrukFl513aUwUoiAk3Ydcc%2BnDaENpu8zRDoH241Uz3jbZMhBFL4rSToXUh9MU61ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css;charset=UTF-8
Cache-Control: public, max-age=2592000
CF-RAY: 8495f6945c2422b1-CDG

GET
H2 200 css
fonts.googleapis.com/ 2 KB
979 B 75ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 07:04:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 07:08:00 GMT

GET
H2 200 ion.rangeSlider.skinHTML5.min.css
cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.2.0/css/ 2 KB
874 B 70ms
29ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.2.0/css/ion.rangeSlider.skinHTML5.min.css

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b135e37dfaf32624746cec10c75a569cf5dfca2e61b3188362d185ae764b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5955076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 559
last-modified: Mon, 04 May 2020 16:11:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea7-72a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouEKHu48985Mg%2BQymY70vb68NQv01P12lPH3wOf7JAp7NgATA5ZkyTQc3hH2eqOhtWBNMMPIl%2FAORGu4fStQE6mhtoY7Jf2YNHJEsMKyAtT2KJFda82W4RgyHMJO8SWt%2BWb16mOB58a3EDlI0hJDYMg3"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8495f6946f8e90f2-FRA
expires: Sat, 11 Jan 2025 07:08:00 GMT

GET
H/1.1 200
OK logo.png
one-ipoteka.ru/images/ 139 KB
140 KB 72ms
45ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://one-ipoteka.ru/images/logo.png
Requested by: Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: a2a4bf0c6041176f439bbab0fbd22bcbadfe8377b9d3db10c0a834bd9b35b7e6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 07:08:00 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 13527
X-Powered-By: PHP/7.4.33, PleskLin
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Wed, 26 Dec 2018 11:43:07 GMT
Server: cloudflare
Etag: "c41e5c684b4d71232489712b6bf7747c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FO238cXOnhSU9hSlpVgmT3%2BpKpPu4WkmTt1cLQR%2FrPUfLyETRzvZSRcpdHcBWJFs6f8B6ZwgrsxX647AvqlRqTpm06YwXhDe3Yu18u3mR3H8qjmS6UE8ViCjCjc%2BIZ%2FkPHvYwM7Q7zaZYhrzA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=2592000
CF-RAY: 8495f694583cf128-CDG

GET
H/1.1 200
OK sberbank.gif
one-ipoteka.ru/images/ 1 KB
2 KB 71ms
44ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://one-ipoteka.ru/images/sberbank.gif
Requested by: Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: 084b22a9d20a62cc350d6d01ccd0e33f9a60ed6810fd988d98c6445ed1dced48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 07:08:00 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 117820
X-Powered-By: PHP/7.4.33, PleskLin
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Tue, 15 Jan 2019 07:49:48 GMT
Server: cloudflare
Etag: "82b3d8ee64b31640a49cbd92b2c8dc8d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klSVudY80CKNE3vYJUHZS79v4rPcMBII0ztclBCkSFr7o%2FxiyEZCaxMNLs5foCyMO9YacSBp1Bq8SDbY4aWQdmqFjWxdfoSnTsHQGwxl1%2BIX1k1QGceSDdRJ0vxz7mxii2%2F1PVr%2Bz6DTQjISXg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: public, max-age=2592000
CF-RAY: 8495f6945f7c3d04-CDG

GET
H/1.1 200
OK vtb.gif
one-ipoteka.ru/images/ 1002 B
2 KB 61ms
34ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://one-ipoteka.ru/images/vtb.gif
Requested by: Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: 2ed068409672dfa14329d9e54a2a9d2bc1ac6bb11f84e58d930b3ea75763d3e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 07:08:00 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2165831
X-Powered-By: PHP/7.4.33, PleskLin
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Tue, 15 Jan 2019 07:49:48 GMT
Server: cloudflare
Etag: "82bbe3cbd1fac837c34beab44cdea470"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjuboSkXkfN8QeVW%2FrcJOpVDTFEJMY%2BtfkAlOWJOsqC%2FPY5xECOgPVna1VjUflOQzvYsl4YU8OKZrqTeHulISVveYJfBSNbgUN1rP8YkBzdyKkqWWGKqV9juJYJRX1rhZ5yT9FqmzzESqEjHxg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: public, max-age=2592000
CF-RAY: 8495f6946853f128-CDG

GET
H/1.1 200
OK gazprombank.gif
one-ipoteka.ru/images/ 1 KB
2 KB 33ms
33ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://one-ipoteka.ru/images/gazprombank.gif
Requested by: Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: a0b9eef294cb41a3960402709cb26f9717cfe2f7bd1d9efe7a241d35872c7903

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 07:08:00 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2444637
X-Powered-By: PHP/7.4.33, PleskLin
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Tue, 15 Jan 2019 07:49:48 GMT
Server: cloudflare
Etag: "e8d6557d0ed6ba3b9319628c7bd51c38"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyqis6rg8qydxwjMSLYXZu1SELcatqy%2FTy8bTvDcTXNsSvHMfXOcGNWp5rJklVTeIvYH8e%2F%2FwTGskrgaHZlkI2%2FYprySCkzwt7n%2Ff4%2FYJcC%2Fbem5ezNDNvzuVtzgFMgv3uXTIAuYXOmtGWxNXg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: public, max-age=2592000
CF-RAY: 8495f694887bf0e3-CDG

GET
H/1.1 200
OK rshb.gif
one-ipoteka.ru/images/ 2 KB
3 KB 35ms
35ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://one-ipoteka.ru/images/rshb.gif
Requested by: Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: 660c6c020805a0e40ce22587bada2ae2de2ccdf08a43f85cb52c4a1134ce2825

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 07:08:00 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2444637
X-Powered-By: PHP/7.4.33, PleskLin
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Tue, 15 Jan 2019 07:49:48 GMT
Server: cloudflare
Etag: "28b77dd9cf80247c6946fb53235389e4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZyHN96P0SEQIcTsv5O14OKaQFZMEcd3Yf67qDcFvF4hoTg%2FCm0jN7CBaXMiSKWxjEF2EMGVpJ2qXeXchcDB3NKwEawh5WEH9Cx0EVfDF0MQzoPe5Q2mO0oI1SLkyrfvnpMvx2lRBBhyQY6ZJA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: public, max-age=2592000
CF-RAY: 8495f6949c7b22b1-CDG

GET
H/1.1 200
OK alfabank.gif
one-ipoteka.ru/images/ 707 B
1 KB 31ms
31ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://one-ipoteka.ru/images/alfabank.gif
Requested by: Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: de665a743e6e607120e267644205f56e96a887e455c6fd0fa5c05e53608027cf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 07:08:00 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 192691
X-Powered-By: PHP/7.4.33, PleskLin
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Tue, 15 Jan 2019 07:49:48 GMT
Server: cloudflare
Etag: "290d374f24690eac5dd98b12d72a33df"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzyeUeEP0F2w0xPG%2B3RU1xOJMMWxaAxkW%2FO0zDx%2FetCbYAzHtIngtE9sp3%2BU4FLxJMABABI6J6DETx6ohV51NLkX9PXErtSopxxLvLjpkij8rp%2F%2F7VxCssdIZUazibUmZ%2FIKDCZ%2Bxc7LD4YK2w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: public, max-age=2592000
CF-RAY: 8495f694dcc222b1-CDG

GET
H/1.1 200
OK fk_otkritie.gif
one-ipoteka.ru/images/ 1 KB
2 KB 36ms
36ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://one-ipoteka.ru/images/fk_otkritie.gif
Requested by: Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: 91537206e5c02c50ce40107186211119ca6a6fc710abe8e87acafac52932ed82

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 07:08:00 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 117820
X-Powered-By: PHP/7.4.33, PleskLin
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Tue, 15 Jan 2019 07:49:48 GMT
Server: cloudflare
Etag: "4ab29e07aec3163df42b35ced6959246"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LR8%2BX6HRh0bivUBKVgJhkXrN9JXA3GN2yCgiVGXlKO3CU7fmsoybf5wPJtdjVO3vAw%2F%2FWQkRYk1cp4VV0s4RGrSrk9I2dWOFcJpvQKbYxRMPdOfel0jERVMcnzmeKemzV3%2FAQyLR7dOij1vdjA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: public, max-age=2592000
CF-RAY: 8495f694d8393d04-CDG

GET
H/1.1 200
OK ipoteka_calc.png
one-ipoteka.ru/images/ 83 KB
83 KB 37ms
37ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://one-ipoteka.ru/images/ipoteka_calc.png
Requested by: Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: 0af0a56fcb107e446f7dae53ca9741a0ef7a9c84215fea2faa399644433705cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 07:08:00 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4364
X-Powered-By: PHP/7.4.33, PleskLin
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Wed, 26 Dec 2018 10:30:17 GMT
Server: cloudflare
Etag: "6a926decdee9f5f6aed6933605ec7cbc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCTzElbDKocljqeSES3MM0JbBP6FNjVy7dhj5kXJYIlGwwOILwUz22e96zGERhUb2TAoKyiOlmOEX%2FJLXuZLd%2BtCXVEMNWSxfS4eKXKCYcBwuvIvDz8jX0eGBViSjbpI6l35FgxHTQu%2BHS%2B8cg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: public, max-age=2592000
CF-RAY: 8495f694d95af128-CDG

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 46ms
15ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: http://one-ipoteka.ru/
Origin: http://one-ipoteka.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:00 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5865445
x-cache: HIT, HIT
content-length: 30288
x-served-by: cache-lga13622-LGA, cache-ams21033-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1705907280.067948,VS0,VE0
etag: W/"28feccc0-1538f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 50, 1082730

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 75ms
35ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://one-ipoteka.ru/
Origin: http://one-ipoteka.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 294678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6157
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjE2JQZJNuP6nKMqpuO31dV78w%2Fd4jmhEzVHawAD5Lgsq%2BTNQtfGgWu54Al7e971VfJBal1zl6INT0KiysHg3BvaiewVHq2KgdLipJG4EEh%2BF7SOBfhFlLgUkgwKJmDGi%2FVjB3q7sbxsvdN%2F0K%2FSdgCM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8495f6947e129b76-FRA
expires: Sat, 11 Jan 2025 07:08:00 GMT

GET
H2 200 cleave.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cleave.js/1.5.3/ 20 KB
6 KB 53ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cleave.js/1.5.3/cleave.min.js

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb1fd7d9d0fce9f5b3f4ec90fd99d01fc050692e536b83ae349202535eebc921

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6056554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5410
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-4eb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90023F8s6fe9c2UOFdhjlEL%2FRFnF7fDZcyHziSmsjT5lMyhrFYzuZ6lTu2H0fjobYBluSTTSNwZdxbJ0SOp%2BcirXISvEc9R04IKAUQlHx0d5WOJse%2B7J39bXY1V2exDhzw7GSEGrKrWBrhja2F31rd6V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8495f6946f8f90f2-FRA
expires: Sat, 11 Jan 2025 07:08:00 GMT

GET
H2 200 amcharts.js Show response
www.amcharts.com/lib/3/ 206 KB
64 KB 94ms
37ms Script
application/x-javascript 2606:4700:20::681a:6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amcharts.com/lib/3/amcharts.js

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0849803185d99afcc2d6a3f513688f85b19ad4f554fd09befdafc03326e0f0ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 321723
cf-polished: origSize=211633
cf-bgj: minify
last-modified: Fri, 14 Oct 2022 11:52:41 GMT
server: cloudflare
etag: W/"33ab1-63494d89-95fb5a386d19d8fa;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7gx%2BzvL6xW%2F00AIDf4cTUS8%2BBPTdUx0SrbnflrXp2s3GGXFmzOYkJh40LfLoQv1bC1UwBz87HyVackh6kJw2thZaxlIrprZK9X7CSm1ZfIArETiGjYNMtDuwfsZNytiqbaoSXsK7k2s932DJjU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 8495f6949eaf1961-FRA
expires: Thu, 25 Jan 2024 13:45:57 GMT

GET
H/1.1 200
OK comments.js Show response
one-ipoteka.ru/js/ 869 B
1 KB 36ms
36ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://one-ipoteka.ru/js/comments.js
Requested by: Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: 90d437f4d9c5d24d3044f7215f631d787896bede46be88cac9c9fe64de2215c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 07:08:00 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4364
X-Powered-By: PHP/7.4.33, PleskLin
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Fri, 11 Jan 2019 11:25:07 GMT
Server: cloudflare
Etag: W/"6793de629316f5e432dfc842bfb91771"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hlu83b%2FbvXbS8q5mUa6PA%2FDtBXsyMWt9wMFsjO2OF2qcJkcnC2Ezf3dVp1I8seZ5Lhnvq4F%2Bl%2FaRIcfmdfsWzGKQLh3askTpsrIN6JALj7RzGGrqlO8Q6yijk24VAKNfY1HZoCYgPvO7E5pEog%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=2592000
CF-RAY: 8495f694a8e0f128-CDG

GET
H2 200 pie.js Show response
www.amcharts.com/lib/3/ 14 KB
6 KB 87ms
30ms Script
application/x-javascript 2606:4700:20::681a:6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amcharts.com/lib/3/pie.js

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61824575cf594f3e24a5f0063552631bf31e6a7d2c723b06d7aa8455541717dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 321723
cf-polished: origSize=14780
cf-bgj: minify
last-modified: Fri, 14 Oct 2022 11:52:59 GMT
server: cloudflare
etag: W/"39bc-63494d9b-acebff7377f6c271;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtyEBHIzZFI8QdzdvJNWCopE3cnd7dRKdrF4y603Fn96mUz5Xk3J1Cc0ameBlrcCpGmL9ZWlfA5BS3gjWzxyYbk3O6tXkYG1mNoxz2Qo7rAodtP4suQcBnYINH0L%2FIml7mPD2euxAgvNPIssugM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 8495f6949eac1961-FRA
expires: Thu, 25 Jan 2024 13:45:57 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 85ms
40ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://one-ipoteka.ru/
Origin: http://one-ipoteka.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 865
cdn-cachedat: 12/21/2023 20:03:03
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 845083d88af554b6449cf3972d0e3cae
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8495f6948935380d-FRA
cdn-requestpullsuccess: True

GET
H2 200 ion.rangeSlider.min.js Show response
cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.2.0/js/ 40 KB
8 KB 27ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.2.0/js/ion.rangeSlider.min.js

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b2ece6a3be35cccac5de58b6c08f49928afb409d2dff0e7372892f9cbd2b167

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4585515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7871
last-modified: Mon, 04 May 2020 16:11:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea7-9fc1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FY%2F1TneFcVgYJ4Zy2eGtky3XBwRpavXh7Rv77TIJIErwTAf4JorlQdmyD124ndc3i2Dlp4MYEsoAy2qHOOupYxz1UNC61CfiPC7AADoCunfoqrDrUMr%2FPXIDxL%2ByEJw52JnVft%2BY%2B04ldcGTcG5kjA6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8495f6949fad90f2-FRA
expires: Sat, 11 Jan 2025 07:08:00 GMT

GET
H2 200 serial.js Show response
www.amcharts.com/lib/3/ 49 KB
16 KB 32ms
31ms Script
application/x-javascript 2606:4700:20::681a:6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amcharts.com/lib/3/serial.js

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18a4f910d5b90e2f84ab5abc56f0bedc6109ead9f4b811f1c0fcbecab2503de4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 321723
cf-polished: origSize=49938
cf-bgj: minify
last-modified: Fri, 14 Oct 2022 11:53:03 GMT
server: cloudflare
etag: W/"c312-63494d9f-eff0e4c1f8df2d99;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocYvYJi5s7EK7A66045Tqz%2BVCbBgfnkIio0noRbF6H9Ii5crtVT5Z1h7DfXkq%2BQ2adbTr4i6hGfZao5uonpSXrSXXQL0WcSwqpo7AOmJZ7FgJ5GX5sdfJeWkamYSaLq1mT%2FSXHUA93%2FNeGB8Gag%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 8495f6949ebd1961-FRA
expires: Thu, 25 Jan 2024 13:45:57 GMT

GET
H/1.1 200
OK script.js Show response
one-ipoteka.ru/js/ 4 KB
2 KB 32ms
32ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://one-ipoteka.ru/js/script.js?v=1
Requested by: Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: f81c2d25200f173d62ffd0befd238afae3a664d6c57047ee2f23f5584dbca10d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 07:08:00 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4364
X-Powered-By: PHP/7.4.33, PleskLin
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Mon, 14 Jan 2019 10:42:43 GMT
Server: cloudflare
Etag: W/"f66f14bfac6e8583cd20f4173d6ad4dc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXeUtkwl39CdfwpV7EbRgnNfoBML73YjbIpLfx2QZJ4yzy%2BofbnqOF3poX4h3Zkd3lD%2B%2F%2B6FZJeG8AbEKCZptLV9cnFsoI9pcqI7%2BFvRDiepvwgLhpFu%2B%2FKWrEl7DI8W0EdElPZwCoPvf7uA1g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=2592000
CF-RAY: 8495f694c8cef0e3-CDG

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 71ms
25ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://one-ipoteka.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:07:40 GMT
x-content-type-options: nosniff
age: 414020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 12:07:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 65ms
19ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://one-ipoteka.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:13:53 GMT
x-content-type-options: nosniff
age: 449647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:13:53 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 403 KB
137 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1505097607752413&plah=one-ipoteka.ru&bust=31080558

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f1b8022b1cfeb36b9e5b0a4adda7212c157dd08caa3e23e27c9874aab4b7a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139807
x-xss-protection: 0
server: cafe
etag: 6848375068031048743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 07:08:00 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame EC61 9 KB
4 KB 66ms
19ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://one-ipoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 51226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 16:54:14 GMT
etag: 9219409622527106327
expires: Sun, 04 Feb 2024 16:54:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A9C8 382 KB
73 KB 524ms
523ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1505097607752413&output=html&adk=1812271804&adf=3025194257&lmt=1680379816&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=http%3A%2F%2Fone-ipoteka.ru%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&dt=1705907280203&bpp=7&bdt=191&idt=166&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3636184784281&frm=20&pv=2&ga_vid=27086096.1705907280&ga_sid=1705907280&ga_hid=935319817&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080333%2C44809531%2C31080558%2C95320869%2C95320892%2C95321626%2C95321967%2C95322166%2C21065724&oid=2&pvsid=3424942105111508&tmod=1740259219&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=179

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1505097607752413&plah=one-ipoteka.ru&bust=31080558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

490e975a24185da71a4687b00c6ea46db574c526922d0d30b11b3f746f2f01de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://one-ipoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 74360
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 07:08:00 GMT
expires: Mon, 22 Jan 2024 07:08:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EC50 135 KB
44 KB 461ms
461ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1505097607752413&output=html&h=280&adk=3987640334&adf=4283947098&pi=t.aa~a.1043414356~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1680379816&rafmt=1&to=qs&pwprc=1031809105&format=1110x280&url=http%3A%2F%2Fone-ipoteka.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705907280210&bpp=1&bdt=198&idt=177&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3636184784281&frm=20&pv=1&ga_vid=27086096.1705907280&ga_sid=1705907280&ga_hid=935319817&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080333%2C44809531%2C31080558%2C95320869%2C95320892%2C95321626%2C95321967%2C95322166%2C21065724&oid=2&pvsid=3424942105111508&tmod=1740259219&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=179

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41419a9deb29d62455fa201779c50981040b2d6b08bcc73ccc4d49ba9eb3bc0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://one-ipoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44326
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 07:08:00 GMT
expires: Mon, 22 Jan 2024 07:08:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame EC50 14 KB
1 KB 29ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1505097607752413&output=html&h=280&adk=3987640334&adf=4283947098&pi=t.aa~a.1043414356~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1680379816&rafmt=1&to=qs&pwprc=1031809105&format=1110x280&url=http%3A%2F%2Fone-ipoteka.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705907280210&bpp=1&bdt=198&idt=177&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3636184784281&frm=20&pv=1&ga_vid=27086096.1705907280&ga_sid=1705907280&ga_hid=935319817&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080333%2C44809531%2C31080558%2C95320869%2C95320892%2C95321626%2C95321967%2C95322166%2C21065724&oid=2&pvsid=3424942105111508&tmod=1740259219&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=179

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:13:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 07:08:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame EC50 2 KB
875 B 85ms
38ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:29:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame EC50 23 KB
9 KB 66ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 01:19:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame EC50 3 KB
1 KB 70ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 01:19:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame EC50 20 KB
9 KB 63ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:29:17 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC50 206 KB
66 KB 133ms
87ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 07:08:00 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame EC50 37 KB
16 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 17:10:43 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10829212845906400524/ Frame EC50 32 KB
32 KB 81ms
39ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10829212845906400524/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

696a6b5a7f1816bf379489df25298beaac2f331f1b034e7bb0207292a9f17bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Mon, 20 Jan 2025 20:48:42 GMT
date: Sun, 21 Jan 2024 20:48:42 GMT
x-content-type-options: nosniff
age: 37158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32625
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 16:16:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame EC50 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EC50 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 163 KB
55 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/reactive_library_fy2021.js?bust=31080558

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

523205a3f9692b39f0d8772addbe3d09372fd5a6023738a67c076d26e71f49d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56689
x-xss-protection: 0
server: cafe
etag: 10320905112030649989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 07:08:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 425A 723 B
382 B 289ms
288ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1505097607752413&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1680379816&rafmt=1&to=qs&pwprc=1031809105&format=1200x280&url=http%3A%2F%2Fone-ipoteka.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705907280963&bpp=1&bdt=951&idt=-M&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=3&correlator=3636184784281&frm=20&pv=1&ga_vid=27086096.1705907280&ga_sid=1705907280&ga_hid=935319817&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080333%2C44809531%2C31080558%2C95320869%2C95320892%2C95321626%2C95321967%2C95322166%2C21065724&oid=2&pvsid=3424942105111508&tmod=1740259219&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

088dda1af83ad1e5f9a808c285de2039333230a44048c8c879eefab932b879c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://one-ipoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 07:08:01 GMT
expires: Mon, 22 Jan 2024 07:08:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EC59 723 B
382 B 254ms
254ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1505097607752413&output=html&h=280&adk=3088186576&adf=154517092&pi=t.aa~a.3419508083~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1680379816&rafmt=1&to=qs&pwprc=1031809105&format=1200x280&url=http%3A%2F%2Fone-ipoteka.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1705907280963&bpp=1&bdt=951&idt=0&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1200x280&nras=4&correlator=3636184784281&frm=20&pv=1&ga_vid=27086096.1705907280&ga_sid=1705907280&ga_hid=935319817&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3839&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080333%2C44809531%2C31080558%2C95320869%2C95320892%2C95321626%2C95321967%2C95322166%2C21065724&oid=2&pvsid=3424942105111508&tmod=1740259219&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47788782755d315f0a95d56481654293cf93e0375ceddd21bc2ed82852d772cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://one-ipoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 07:08:01 GMT
expires: Mon, 22 Jan 2024 07:08:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EC50 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6319d0d6682d7c858f91b569625e4c06b94466326df7fd2df31e86c43537e7ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame EA17 9 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://one-ipoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 22949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 00:45:32 GMT
etag: 9219409622527106327
expires: Mon, 05 Feb 2024 00:45:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 1A95 9 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://one-ipoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 22949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 00:45:32 GMT
etag: 9219409622527106327
expires: Mon, 05 Feb 2024 00:45:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame ED9E 9 KB
4 KB 23ms
23ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://one-ipoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 22949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 00:45:32 GMT
etag: 9219409622527106327
expires: Mon, 05 Feb 2024 00:45:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame EA17 9 KB
4 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 22:51:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 17:14:49 GMT

GET
H2 200 67b2cf2770e31c0fa9735c0b8b540980.js Show response
www.gstatic.com/mysidia/ Frame EA17 11 KB
5 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 18:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4763
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 18:38:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EA17 14 KB
1 KB 32ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 07:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 06:21:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 07:08:01 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame EA17 2 KB
856 B 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:29:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame EA17 23 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 01:19:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame EA17 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 01:19:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame EA17 20 KB
8 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:29:17 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA17 206 KB
65 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 07:08:01 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame EA17 37 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 17:10:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1A95 4 KB
632 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 07:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 06:55:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 07:08:01 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 1A95 2 KB
856 B 19ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:29:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 1A95 23 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 01:19:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 1A95 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 01:19:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 1A95 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:29:17 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A95 206 KB
65 KB 118ms
118ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 07:08:01 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 1A95 37 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 17:10:43 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 53D9 624 B
246 B 57ms
57ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfB-dsCENG7ud0CGKz2mOUBMAE&v=APEucNXTs93_Mu2ojYj5B1nVvY0VVAh19ITwR15zQQ3YR-cQR9Jrlknta9yo9yVt9jUrfymCyHbgR2j5c5XqopcgU0kpceHed1oFGxFP2d7jZ0qyi_aajavBoI0rfmIHkFls9J_2DVrcXqJkHATOxVIVM_DLiFx_8vxZlN0Qp41BUYYKNaAo6EI

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 07:08:01 GMT
expires: Mon, 22 Jan 2024 07:08:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 633B 89 KB
31 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 07:08:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 633B 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 01:19:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 633B 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:29:17 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 633B 206 KB
65 KB 106ms
106ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 07:08:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 633B 42 B
63 B 50ms
50ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-APjxN7yXjrXwxbuCUgiuYE3fYGxTEWd1tEfzRDT7V1WhLP_mXR0MOaWWElYmxZ8T9-MzsXamaGMlo3PZ39nrG39ThwzLqWxFZUcCzBSvM6svG70Dg

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame EC50 33 KB
33 KB 23ms
19ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 00:19:37 GMT
x-content-type-options: nosniff
age: 542904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 00:19:37 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B5AB 143 B
166 B 20ms
20ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:38:20 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame EC50
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CrRLWUBSuZbfRHcSHtdEP0sONoAWH6rK2dbeDsPa6EmQQASDZ19FQYJGEgID8F6AB5rSBxAHIAQmpAp2Ka-hlSLI-qAMByAPLBKoExQFP0IjvH9-gc44rpHoat7YX0coE_qlLDcC7y7eztq5...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222512771087807825039%22,%22debug_reporting%22:true,%22destination%22:%22https://peoplecert.org%22,%22event_report_window%22...

0
0

91ms
51ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222512771087807825039%22,%22debug_reporting%22:true,%22destination%22:%22https://peoplecert.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22411064934%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224354302734757944625%22}&andc=true

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2512771087807825039","debug_reporting":true,"destination":"https://peoplecert.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["411064934"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"4354302734757944625"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 07:08:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 07:08:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2512771087807825039","debug_reporting":true,"destination":"https://peoplecert.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["411064934"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"4354302734757944625"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js Show response
pagead2.googlesyndication.com/bg/ Frame 0959 51 KB
19 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 488719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19859
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 15:22:42 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B5AB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
28ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 07:08:01 GMT
expires: Mon, 22 Jan 2024 07:08:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 07:08:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 53D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOilHVlftxh6-qsAq7GOXPQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOilHVlftxh6-qsAq7GOXPQ&google_cver=1&C=1

43 B
767 B

38ms
38ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOilHVlftxh6-qsAq7GOXPQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfB-dsCENG7ud0CGKz2mOUBMAE&v=APEucNXTs93_Mu2ojYj5B1nVvY0VVAh19ITwR15zQQ3YR-cQR9Jrlknta9yo9yVt9jUrfymCyHbgR2j5c5XqopcgU0kpceHed1oFGxFP2d7jZ0qyi_aajavBoI0rfmIHkFls9J_2DVrcXqJkHATOxVIVM_DLiFx_8vxZlN0Qp41BUYYKNaAo6EI
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYcqkhZvAw70GwwHvO%2Ftmvy%2BqusmdEus5tLXw9KRMi59vARANoSPXXXRN0mQ2FL4khJxGfCPz1xfuJNUEuvttf04mr9LIyjPNYcnTm5iNNY6CpZgegvH14YYiSGsPFjLvhmTx1ZFKZ3aRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8495f69ca82b4d25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEcppzh2OzWsCr0rsQk41MBPna2jErcAx5jS2rXjY%2BlGBrDHJ9SoNfqjKIzfTur0oksh0fVtW8LSBGfEOvJwvEGozCLZDN3GbFRy2LYqKLquwES2vCut7xNzu9giQBGj7kNM0HESj3iDvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEOilHVlftxh6-qsAq7GOXPQ&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8495f69c4c90697f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 53D9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za4UUflm8Jy9iH2-noOyCwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFNpRBKkQLRseJ6xOib_M&google_cver=1

43 B
737 B

35ms
35ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFNpRBKkQLRseJ6xOib_M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfB-dsCENG7ud0CGKz2mOUBMAE&v=APEucNXTs93_Mu2ojYj5B1nVvY0VVAh19ITwR15zQQ3YR-cQR9Jrlknta9yo9yVt9jUrfymCyHbgR2j5c5XqopcgU0kpceHed1oFGxFP2d7jZ0qyi_aajavBoI0rfmIHkFls9J_2DVrcXqJkHATOxVIVM_DLiFx_8vxZlN0Qp41BUYYKNaAo6EI
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGm8sRTYQgmQWIg7VR0XqMAFa%2BINM%2FdpKhi5sqTA9nY23NQuxfNYWgFGRw1GjNwez4GUYRpWlvKTYuMBVPplMv%2B%2Ffbsz9a0ug48HtR%2F%2FzRPs4jaVR9kMJ0EUm4W1uMafPYDyXv5CqoMovw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8495f69ce87d4d25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFNpRBKkQLRseJ6xOib_M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 53D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMZhFTLInU5PMTX5bpTijSs&google_cver=1

43 B
1 KB

21ms
20ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMZhFTLInU5PMTX5bpTijSs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfB-dsCENG7ud0CGKz2mOUBMAE&v=APEucNXTs93_Mu2ojYj5B1nVvY0VVAh19ITwR15zQQ3YR-cQR9Jrlknta9yo9yVt9jUrfymCyHbgR2j5c5XqopcgU0kpceHed1oFGxFP2d7jZ0qyi_aajavBoI0rfmIHkFls9J_2DVrcXqJkHATOxVIVM_DLiFx_8vxZlN0Qp41BUYYKNaAo6EI

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:01 GMT
an-x-request-uuid: ed962b1b-6cf0-4cc0-8b83-5435fddb8ec9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 5.79.98.49; 5.79.98.49; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMZhFTLInU5PMTX5bpTijSs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 53D9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU2OTMxNTcxMjY4NDk4ODIzMg%3D%3D

170 B
243 B

30ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU2OTMxNTcxMjY4NDk4ODIzMg%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:01 GMT
an-x-request-uuid: 6bc11ab1-9097-4439-8c6d-1d68a3eff42c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU2OTMxNTcxMjY4NDk4ODIzMg%3D%3D
x-proxy-origin: 5.79.98.49; 5.79.98.49; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 633B 0
20 B 50ms
49ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7809241000845&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 633B 0
20 B 50ms
49ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7809241000845&version=m202309260101&ct=76&x=1&cor=12160529828993432000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 633B 123 KB
43 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCyI3MPpr9RnYK6lswEeklzhn89Ql6ufXkKkRXcfaM3z2k_qTfPidZ0iW_RtzRRoQqqvWoASbHgic3mgz28BwF1VPoOtudPSm_mvNSGc91HM9LfE-up1h1iWYAXN1AAxc87x3w1TvY1Fjv5CEcjeWFppklD45a398fe41b20guNG7Jk_Q&dbm_d=AKAmf-AvWrA25pnaJeoZcd02VGWXO0T3-JG57RE1s4-_ovETMwY1lVUz-BmaOCbVsuYY02tY9UK55XySlxBmq772SM-zi-rRxRBw8HPQAmGzbPnK-Qk53ujk4SCK5G7oseV3pcSIP9cQi4S1JEq0aqQqTkhYWPIVJXdnGpg0OvLoD8OckxeoDd_oQQc7kkr5FaJsgNJT4bP-X0cK8zbdpGz2dU9qK1ac6TRFn-L2y3Z_diwvEHFt43_Lze2oxc4dBR8LtdpD85UFiCGbn4qDZp02KYC65akBDD24kXlVFWRCpKOdC05heRzuRx4HXpyAUBdUw2nw0LhuJQkMfDhZOh8J--3QNxWv3T5XRY-Brlz1sTfQ-ntly0CY2Fobl6IJ9iopaf7bfOo3dlfRR9HDT23g6y-9oIaMrH1Q_zlDUmPc7aB5DXdFkqwwS8T8L89kWz0AVIHJSksBD9t9p5tVxaHiThCLoBuI1o0Lxm05UFpz517gH4nEJn3mcGcYXcvvYTCCDXcLVfgT4gbIubdkO0NeD7nuonWmuTqXg5W6UaPeqHdkAHDj6uE72dRvm4hgexCM0ayh3GxpeUklc1ZVTwc7cRjI6v0cdqw5HNX_tNOkhmj-004JlafGaJSOA-XO5ZPeJFfi3xfUTyZ_LyDYZ1PHgv6eYJAb1a3ZK4GDDSx3i5qNEKx4eHXtc_e-Lw7y2g7Ms2qTyxaZ8aPsMQiURRZGJWSqDHJXd8O_oGbhqIFYopgZOMmbLPkYn6MkKkZYwZ29KmYiZYClGVd5F7JARc96Jgv5PziHW3-4b5VMVSqk_8In35RuL7j_CujkJb_mWCcQQWjzY2spF3kw8sHjPkFT7heXMZjzb1SLhxaF5wPXI09YXcX0Sdd5fqd0JiKCgiJAcN008tQwjUzNDnRyaTcXoObFeoOXO25MEe0_pMzbftESJPDi-hAGarGpVTx0lImbFcx2jMQYL4fY-C-nnPzv-zOIamw6EYv283cm0K16Dk8Dlk_xY3s2eLZ-xqSpkt8bs6hsYJBOTSCVulZVCcfk7O0trpDB84HvnArNmgLJyKcdXUp2L91g-wImozFjR-e0jA1q6LUN6U9zpZVW7EP6yr7REi-SK8E9HeC481wiNAWT_hxB3uvUiAlaouLSwo2jB4lx2gPDwAhz488wBhmVPRIzD9i53abGTDZWH_GwhRhloUmvuQJjhHV4X9pC-sHBRGKItJA_fwBSv87aNfwqqGDzJw4iSyMt2la0QOYjhNhZuc8XeZFSu0URmzEgrN7iNicDbYvMyxA6-Dt02_2NVXJq_nRqfABGgm1DnaotSuqr6paR_cRxoAJNOjGLGAU9pJvOJHbvZGkRhxravLsvqk1hzTR-uKSM5jawo8rf7A3zl0MwrHAZCxVmGXoQ4u_lkKLc7fZENzDFJNc4fHGE3UpUcPnjhyhUjtolCYgbdcHA6o11J58D0OLTP-VJdFdmlAqPGF-sNYNGnZBEQmoMiiXX3csGBILCw0ScVLENWgdl-HfpmOcuJRqVbPBuqIg6OzFENYDDBz6CAmJ2m7aec_nkmKq9KqvTvOQKoLF-3o2DrQTU2jjhgR2R16tg6VGDP7jZFDWzz9giynUNsg6EFsr0sRFSVIxkmb2WDkQQFw962eDaQuxeW15gX3aVE-8d5y2dscEv1d4xvZuWx1V5GCHnUQlSdvlGDYcTBSYY5zxRABaA8sXJj4cKmwqQFS-SjeUrpTgDsMqBwlsLakD4vtmiSvHjCVKJzPsvFeht0LqFF_Yjw6BJqxYlStPsBzCEssgRQwPugDtYlf3_3dAxS4P3ZtJrXCnR5OzwcLAvy6XseR7r6KRogtPGblLi84tJQ8AW0n7XehNyHGG33gYqzxeD4xg47VbdYHJelcWOesYlbOCfVI8Vp3CzcrJpZBvgUm-2UQJLL4Qhhs0vB4CYhPjqNIIiH2zynAmXPXaG0bARQ1ibHCZIt11z6VPZXVY84nDhyLen_aoUWBQSE4YMGm3zLG7-HHO5sS6Wsk7Wz9lcNht4HehFVN6MqfCzErmAPqEcif8DPQQM3win9UxJAyvQVjZrWC-Bo4cC1nFl6IOK7q6sMS3thiNnEf8VZR8rvbc2c5z2AzzRI31ZvRUkDJpznUdD6UMmK_ctMGfzTlZpvsRC7tqqsuPDpHUBzNIz32gAmp6coWYa9BRP9uZRNK1Pu4QMHBxBH25mljw89FwXIuu0wue47jlOw_Ym5arPUDGvIriL1lbx41kRl-WgN2klbEG5vH1cyRllt8815NSz6Q8all_jQIN3X4jiVu9NJjpsYe4tHT2m1DIexRxCayTdg9pfG9PiAA8cnjKWpg8sk516EXIARnvOLwGwm8S7oWL6SDzhoX70KJl71hnmoPZ-SIxlvoCq3jHHZ4zpQrpXH9VdwJSQ8VHoiyM7HvaPC6id9sDlIZFZ16vwTXWhULomOTuMpujAOOu6PgAAij2_pdOAK8F8JlzhdSECBgR5fQpcJl9e60LTWbJTmhAYM6rmF-46wbYD6_xQARmND_Y9b14lrey6psHeunxUaQcf7AzP-9Xr4M3eRFvVKZVL6wFnPRAjMyybwBTyeBy2i-YeS9WgvN69siqWxgu-vLsXJ0vLR4PbN4_vJCP5Pp5abQx_SG3MsB5_hkKqi-kU4WAlVXVo9aTnFv41im59kwAOgKZ-HyXb8Sn0yyaJPUZmSf-J2E0pgKq-48gI-kv5fYH0s4cd9NqzMSZO2O_pkHCmUOYmWEo9ZAdP8deQjSVZvxoyFpTVCqov60YBuOxt-rVYBU-KXeBN7Fo7dm7LCTxABsOSiE_sEGlBpBMGuGO_lnZUoVkGyxyDzEe3J7UhhPlcYpfue5RPwyna-3H-3i05iWePhnXWhVVWLkVZKctEVUCkg-aTteD6rBJUkeE0E1DdYPlouE7lxn3nnNzD6Iz9Y1oKDSLSP5PD_1vsH1dkaxAYPHWWQQZUyy2JujYhl-WTVmYWHX-j6VnpoV1plp2xO8KabxC281pV-wBrgeexv9B5Zs5skJVqr6XjFOzkYBiL4RrhuNX5WHKSkV5xBbp4FRq41Djpj3erundGV9DaqY-Q5ag7-MNtyjaP1fCWrVylmyXWYMEa4U-bHRqsI4Qnv9BTVGsiTUiAGSY23TwLzy-QgysgoioTO92D45OSGujOkHwTVvDZnUtHs80xeZ1WxVacn-sfsuwD2RVf-OUVC_f8ozgZdUESAGBdOZXvdCxmoqQL7KF7hm_psuh5hC5FZBV-yPPNfDz96063RnHV6XabPQjevXQMgRCeOoOkx7JujzGT54_5xCLsRTqKiOuvPo128wZF6bmP05qo9qj5LaNGKENVxQHepBoi08NHlTmFzgbhL-zpYXCXKDY-mZ3EQDcAXnDaGZnNEEm7L9RL5Y_e3pBEBWsTVYCmNUgOVhUF9juhkAunkH6SnPThqq87RBTa-89vXGa2lWO1De5psGJLoYZTkWzx20q5xBFV6eZFksR9A0eak0gZrqFptaX7cATSzD_T7gdO55RZeLBEcRnerybP5uL8zryVIJYjlZQTjRrjJGs&cid=CAQSTwAvHhf_Gw28q1KLCLXdBKhIRxlQlVjlv8jHNXl9fktqeO3GMpiMTlUaSYxu5PCcTe-OuqxquSwdgLVGW2sAJqPII3oc3-gVTXMJtOGsvgIYAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fone-ipoteka.ru%2F&ds=l&xdt=1&iif=1&cor=12160529828993432000&adk=1877897942&idt=85&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0169a6bf9568bf2d63108ee303b20344e9f18fd4d6c2a6793ad2fd07f78a8095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43789
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 129ms
61ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 22 Jan 2024 07:08:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js Show response
pagead2.googlesyndication.com/bg/ Frame 008B 51 KB
19 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 488719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19859
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 15:22:42 GMT

GET
H3 200 P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js Show response
pagead2.googlesyndication.com/bg/ Frame 6471 51 KB
19 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 488719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19859
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 15:22:42 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1410407/70367103/ Frame 633B 60 KB
15 KB 164ms
34ms Script
application/javascript 108.128.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1410407/70367103/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1011187554&ias_pubId=&ias_chanId=1&ias_placementId=19937596711&bidurl=http://one-ipoteka.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iXqlPuRlUy6yZ0TGMK84F6
Requested by: Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.8.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-8-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2423aa56cdc0badca4af7dcd0458ea056eee806923dcbaa185940eb12b04d584

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:01 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 633B 172 KB
61 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 633B 12 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCyI3MPpr9RnYK6lswEeklzhn89Ql6ufXkKkRXcfaM3z2k_qTfPidZ0iW_RtzRRoQqqvWoASbHgic3mgz28BwF1VPoOtudPSm_mvNSGc91HM9LfE-up1h1iWYAXN1AAxc87x3w1TvY1Fjv5CEcjeWFppklD45a398fe41b20guNG7Jk_Q&dbm_d=AKAmf-AvWrA25pnaJeoZcd02VGWXO0T3-JG57RE1s4-_ovETMwY1lVUz-BmaOCbVsuYY02tY9UK55XySlxBmq772SM-zi-rRxRBw8HPQAmGzbPnK-Qk53ujk4SCK5G7oseV3pcSIP9cQi4S1JEq0aqQqTkhYWPIVJXdnGpg0OvLoD8OckxeoDd_oQQc7kkr5FaJsgNJT4bP-X0cK8zbdpGz2dU9qK1ac6TRFn-L2y3Z_diwvEHFt43_Lze2oxc4dBR8LtdpD85UFiCGbn4qDZp02KYC65akBDD24kXlVFWRCpKOdC05heRzuRx4HXpyAUBdUw2nw0LhuJQkMfDhZOh8J--3QNxWv3T5XRY-Brlz1sTfQ-ntly0CY2Fobl6IJ9iopaf7bfOo3dlfRR9HDT23g6y-9oIaMrH1Q_zlDUmPc7aB5DXdFkqwwS8T8L89kWz0AVIHJSksBD9t9p5tVxaHiThCLoBuI1o0Lxm05UFpz517gH4nEJn3mcGcYXcvvYTCCDXcLVfgT4gbIubdkO0NeD7nuonWmuTqXg5W6UaPeqHdkAHDj6uE72dRvm4hgexCM0ayh3GxpeUklc1ZVTwc7cRjI6v0cdqw5HNX_tNOkhmj-004JlafGaJSOA-XO5ZPeJFfi3xfUTyZ_LyDYZ1PHgv6eYJAb1a3ZK4GDDSx3i5qNEKx4eHXtc_e-Lw7y2g7Ms2qTyxaZ8aPsMQiURRZGJWSqDHJXd8O_oGbhqIFYopgZOMmbLPkYn6MkKkZYwZ29KmYiZYClGVd5F7JARc96Jgv5PziHW3-4b5VMVSqk_8In35RuL7j_CujkJb_mWCcQQWjzY2spF3kw8sHjPkFT7heXMZjzb1SLhxaF5wPXI09YXcX0Sdd5fqd0JiKCgiJAcN008tQwjUzNDnRyaTcXoObFeoOXO25MEe0_pMzbftESJPDi-hAGarGpVTx0lImbFcx2jMQYL4fY-C-nnPzv-zOIamw6EYv283cm0K16Dk8Dlk_xY3s2eLZ-xqSpkt8bs6hsYJBOTSCVulZVCcfk7O0trpDB84HvnArNmgLJyKcdXUp2L91g-wImozFjR-e0jA1q6LUN6U9zpZVW7EP6yr7REi-SK8E9HeC481wiNAWT_hxB3uvUiAlaouLSwo2jB4lx2gPDwAhz488wBhmVPRIzD9i53abGTDZWH_GwhRhloUmvuQJjhHV4X9pC-sHBRGKItJA_fwBSv87aNfwqqGDzJw4iSyMt2la0QOYjhNhZuc8XeZFSu0URmzEgrN7iNicDbYvMyxA6-Dt02_2NVXJq_nRqfABGgm1DnaotSuqr6paR_cRxoAJNOjGLGAU9pJvOJHbvZGkRhxravLsvqk1hzTR-uKSM5jawo8rf7A3zl0MwrHAZCxVmGXoQ4u_lkKLc7fZENzDFJNc4fHGE3UpUcPnjhyhUjtolCYgbdcHA6o11J58D0OLTP-VJdFdmlAqPGF-sNYNGnZBEQmoMiiXX3csGBILCw0ScVLENWgdl-HfpmOcuJRqVbPBuqIg6OzFENYDDBz6CAmJ2m7aec_nkmKq9KqvTvOQKoLF-3o2DrQTU2jjhgR2R16tg6VGDP7jZFDWzz9giynUNsg6EFsr0sRFSVIxkmb2WDkQQFw962eDaQuxeW15gX3aVE-8d5y2dscEv1d4xvZuWx1V5GCHnUQlSdvlGDYcTBSYY5zxRABaA8sXJj4cKmwqQFS-SjeUrpTgDsMqBwlsLakD4vtmiSvHjCVKJzPsvFeht0LqFF_Yjw6BJqxYlStPsBzCEssgRQwPugDtYlf3_3dAxS4P3ZtJrXCnR5OzwcLAvy6XseR7r6KRogtPGblLi84tJQ8AW0n7XehNyHGG33gYqzxeD4xg47VbdYHJelcWOesYlbOCfVI8Vp3CzcrJpZBvgUm-2UQJLL4Qhhs0vB4CYhPjqNIIiH2zynAmXPXaG0bARQ1ibHCZIt11z6VPZXVY84nDhyLen_aoUWBQSE4YMGm3zLG7-HHO5sS6Wsk7Wz9lcNht4HehFVN6MqfCzErmAPqEcif8DPQQM3win9UxJAyvQVjZrWC-Bo4cC1nFl6IOK7q6sMS3thiNnEf8VZR8rvbc2c5z2AzzRI31ZvRUkDJpznUdD6UMmK_ctMGfzTlZpvsRC7tqqsuPDpHUBzNIz32gAmp6coWYa9BRP9uZRNK1Pu4QMHBxBH25mljw89FwXIuu0wue47jlOw_Ym5arPUDGvIriL1lbx41kRl-WgN2klbEG5vH1cyRllt8815NSz6Q8all_jQIN3X4jiVu9NJjpsYe4tHT2m1DIexRxCayTdg9pfG9PiAA8cnjKWpg8sk516EXIARnvOLwGwm8S7oWL6SDzhoX70KJl71hnmoPZ-SIxlvoCq3jHHZ4zpQrpXH9VdwJSQ8VHoiyM7HvaPC6id9sDlIZFZ16vwTXWhULomOTuMpujAOOu6PgAAij2_pdOAK8F8JlzhdSECBgR5fQpcJl9e60LTWbJTmhAYM6rmF-46wbYD6_xQARmND_Y9b14lrey6psHeunxUaQcf7AzP-9Xr4M3eRFvVKZVL6wFnPRAjMyybwBTyeBy2i-YeS9WgvN69siqWxgu-vLsXJ0vLR4PbN4_vJCP5Pp5abQx_SG3MsB5_hkKqi-kU4WAlVXVo9aTnFv41im59kwAOgKZ-HyXb8Sn0yyaJPUZmSf-J2E0pgKq-48gI-kv5fYH0s4cd9NqzMSZO2O_pkHCmUOYmWEo9ZAdP8deQjSVZvxoyFpTVCqov60YBuOxt-rVYBU-KXeBN7Fo7dm7LCTxABsOSiE_sEGlBpBMGuGO_lnZUoVkGyxyDzEe3J7UhhPlcYpfue5RPwyna-3H-3i05iWePhnXWhVVWLkVZKctEVUCkg-aTteD6rBJUkeE0E1DdYPlouE7lxn3nnNzD6Iz9Y1oKDSLSP5PD_1vsH1dkaxAYPHWWQQZUyy2JujYhl-WTVmYWHX-j6VnpoV1plp2xO8KabxC281pV-wBrgeexv9B5Zs5skJVqr6XjFOzkYBiL4RrhuNX5WHKSkV5xBbp4FRq41Djpj3erundGV9DaqY-Q5ag7-MNtyjaP1fCWrVylmyXWYMEa4U-bHRqsI4Qnv9BTVGsiTUiAGSY23TwLzy-QgysgoioTO92D45OSGujOkHwTVvDZnUtHs80xeZ1WxVacn-sfsuwD2RVf-OUVC_f8ozgZdUESAGBdOZXvdCxmoqQL7KF7hm_psuh5hC5FZBV-yPPNfDz96063RnHV6XabPQjevXQMgRCeOoOkx7JujzGT54_5xCLsRTqKiOuvPo128wZF6bmP05qo9qj5LaNGKENVxQHepBoi08NHlTmFzgbhL-zpYXCXKDY-mZ3EQDcAXnDaGZnNEEm7L9RL5Y_e3pBEBWsTVYCmNUgOVhUF9juhkAunkH6SnPThqq87RBTa-89vXGa2lWO1De5psGJLoYZTkWzx20q5xBFV6eZFksR9A0eak0gZrqFptaX7cATSzD_T7gdO55RZeLBEcRnerybP5uL8zryVIJYjlZQTjRrjJGs&cid=CAQSTwAvHhf_Gw28q1KLCLXdBKhIRxlQlVjlv8jHNXl9fktqeO3GMpiMTlUaSYxu5PCcTe-OuqxquSwdgLVGW2sAJqPII3oc3-gVTXMJtOGsvgIYAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fone-ipoteka.ru%2F&ds=l&xdt=1&iif=1&cor=12160529828993432000&adk=1877897942&idt=85&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45472
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:30:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 633B 31 KB
12 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45472
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:30:09 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 633B 41 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 395593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:14:48 GMT

GET
DATA 200
OK truncated
/ Frame 633B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 445956b5274159b53258fab3b82af78d18ca6f2767a257e87995ad231f5fd063

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E7A2 38 KB
13 KB 19ms
19ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 395593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 17:14:48 GMT
expires: Thu, 16 Jan 2025 17:14:48 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame E7A2 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 17:06:55 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/ Frame FC12 26 KB
3 KB 69ms
28ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15a82822395a2908b72d8d3c84fa9037ca5d246842a2b744c76b95203d07d9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 07:08:01 GMT
expires: Tue, 21 Jan 2025 07:08:01 GMT
last-modified: Mon, 26 Jun 2023 07:10:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 633B 0
0 121ms
59ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshPWW8T2EYvAzh_iVvIs4rS4MkeYfjh90Ceb-SVYqxJuYc19bj4BZY9rh0j39lHEsE2sndYImZZ1Xi4GbxPsOZcSuVga3tpgNJLGItlB9OEfR8Wjkxl4YWoewJtvQGBxS1w9IHkuQuJVAzeQ9KjYq-Dcqkep8DnyiHZKOpCjOMy8hef9zhIVx2H9YEVPuCtEqR_IEpAof7ZVo2dW-nVqD06IDr1vXh77YTsjhOF0xJl31H8WMxAKlkYKS78GuOujtPOeZE1FpKJFek2j_wAjpCXOncAM048c55MtsnxV9SBrw_QRAjgY-rFdgKOCC5DDeNRxBmCx3250H3TqIHIrrKXaNhCO8AnVR0IfPInMlhPk37lWXcEI2gt_e8Eg6X4OW_feyV04fe8ryHaoZFgDPSKDQ4xXZT-3RcONpgKYGBmKjUh4oSVgx7bdFTmKEeZRx2PROO8a2bgEYQ3LxL5zth83I525XcslwAriK7roReiO_PPXiN6j8NsAik7WuupEVygXyd4YVGiSFrxtCrojAHGmDher-J09fbPsabHKzyWx06eT4smNW3irXT02JaKndmckSzTgzjyEEUebB2oK_IdyukniJfnuUp1PlPaObmBD8qcvz8SZxs61LZn0v6eQcovOeJmswcGWYnml8esfl23DFq-uOeIOVEi3YXpmeB6-3RJf8hD1yNmutWy6-HpJwt5xjNuuGKIhGnN154_mCxjzCwcxQlIPKasQ4eDVfe7G4E8foMqYvzbtiv_LPGWCeLCqhk5L29FpA_v-H0uG6GK_0ws6FvqtaVwZQAMHUGYUNPEiv_uCrgWhkzepOBIB3PNXEZvJUWSf9drbFPHzw5WTcD2YA5DfkKS7ZbrmD4t7OydiWqBnEaYog5roxNbL6EqzJxyNLpvZvKTbzoWAcRR7hJuFh0ZyUglSmypsIELhkwXjZ0SdgcRqpHLed6ip403BleDGNEyDaEi8ICGg6CBOiLfhUpiNcgq5bAhAZ3LvILi9V0-RWtu5VXQLjSWi7_MrcmE7FTB0Mqt7mmR2N0DFRVDGW2_NGyCH-9ZsUn_O1TzfIQaaski3rz490gJ-2etgXuO7gIxvSaDJgTHQFB037dbQENZfo4bNGl4zuZAWzp-e9PEs_voAhnQoK2zdAmF3Gj9QYHSPrFLxeJmoGmVMVe1L_M3kH6eAdhTSYt3QjQ8aupiHBa4I53wyGnKKR4wBmhIAtjkEeEKZ1U5bZcbuJ_gtb3jafYW7b33KeiYW7dCjBrSjCw-yRqlgyDFQTRynItP2ure4oF4WPFeber2-NX-SxHUVgRjNFAMxhweFPeuRo&sai=AMfl-YTrFRO7rAjCnOxppMBquWyrVMJbJg9Sndq96cX6olLbgDTafzcJDTiGkP3BJjgTUumM33zQBkaI7uIUZOd3RPimk9agssXGHdTV655piiPJ44CcjsyIBlWxo6HwKOZvQbi-fb1EfJotgmZlPFzcb0qTQ2t72lQzdT-aUcSEHpK4HyFlZlB_L0pGcGneshoZKapiafDfSjcet5f_62VaNKE8VQzULQDu2gZkyRSUZZs1pksaNUxQCPDtSohj0gWmcPW2K6MAuPWmrEQwxvw64a75MwXirIxCMy8vjyYb5JpfQVTWl_1E9KMa-TKZSf-iwJRE&sig=Cg0ArKJSzNi8gRGP2O6qEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=110&cbvp=1&cstd=106&cisv=r20240118.69218&arae=0&ftch=1&adurl=

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 07:08:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7A2 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B68DVURSuZeDAEsS-juwPiquvuA4AAAAAOAHgBAI&bg=!GBulG1TNAAa8BdJLnAU7ADQBe5WfOEB78ftMWlkg_SRNrtgrT_YsAXnUrZZ8o1aUV7NWf7s_ObN6z2omsrvLv2LJr1OKAgAAADxSAAAAAWgBBwoAWuvUdvH3hkpPu68WINz9ceVSFFOJBJaBmYYN10llUYuE0jaIFr7dw3kQeaEAsGclD7ULMZtbgGkP16KbaWVEC_5fjnw8-rUwvkACfsgEJQbq5vt9H1hv2luSHJkDBX7rh37Eo4wxwl32X_jA_Rkwf2lUlOIKziwQuHFsinL5LFquvA7MhdnUHH92TqjiUUrOlSYE4bSeDX4lAdX9e0K51JkdgkKONl2ebzDiPtoxxguz65AZAAEGas_510ZEK4sDcLCx2LQGgDskXdqgHMns6uKnQq3XKGJ2ZaXCux-j5dgFZTSxhlc5OQTpoh-7fkYc6D7C04tEyMclTMmI_DR7pggYt5dr1wR_nMgOlxI94XSKmx6UQWx4ksFyIxOkxtSVyPHPYEH365Cwfi5htM31FstD-HMRF3CeCEnxilb-46o6MX7w-qzG-rwJId43Un3d2bj8dmpyd9aAKwhwoIQbf934_8iA1SUcQbC1YD3kXcaRDD4n9NDCO8wzF1VQeP6KiYBOm65Sxa5LdwX-myYObU-N-3_h0L9vdcBIuKdFmsJ8PDPanSBvOOlC2eVxgOZCyr5yMqFhTREZbEEIGlC2V-rAZqfIlVYmUnwqAJoqWAz95Hl6NVd4e2wLtT4PP7-Qh9H4jYFCbSphdqUKBFRz7g27xudDywXR3McYQ57x59tFXlxhbQ7viqBMVkhm2-mcINK-BaqULmPdWF2E7URcvnP77fxQP877ThuPX91mSTEdEykBjFovyzp3qITkL5QFH-Q6iq-jGRWr-WKLs34Tqb1VriWoouWvAQ17vdSl0bdrnYDdficylUCvTLvB6hJeC5-En-eA-PNzVJaw1GAeSh7MrrxLLCGaYiUBIdt4zutp7FMMyxUMsBsY97yamuMpo3QNYebIetf5ox5O_8GTdJtqctA1rT03Kv84pqSqJYn0lwucA5DkA-nxH-91gA7n5pTSsVhFKRPUfULry25r50N_mOrEKTkgk6g1vllIfnzaTOkHHUDRSLXML8smTSSOosGrn-tx0hRSSXJspz0b6x07KIkGSuHJPjS_uYUl1LEuEkPkNoExXEaF14pUcdrJsv9CPlfq_rVLCfNj7naWpbnKVEcv2-5QNzChmNoO2BpC76SbgS4NeTec8zW0S30NBw7f

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.css
s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/ Frame FC12 11 KB
3 KB 22ms
22ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbf2c54549624afa2905fd29b89c322699478856406cdc1db7758f933420fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 05:07:29 GMT
date: Wed, 17 Jan 2024 05:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2673
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 07:10:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame FC12 120 KB
41 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 11:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71437
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 11:17:24 GMT

GET
H3 200 empty.svg
s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/ Frame FC12 89 B
126 B 36ms
36ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/empty.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3aaf5d3c05ef25bdb66dcc560a009f0728d172a44294eb2ec7852fb13ffc2e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 05:07:29 GMT
date: Wed, 17 Jan 2024 05:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 07:10:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 audio-muted.svg
s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/ Frame FC12 349 B
260 B 22ms
21ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/audio-muted.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4f0ee27a2bd689131c91420625c7f28583cc5c7c282da7bd29a7f4628c0e51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 05:00:43 GMT
date: Fri, 19 Jan 2024 05:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266838
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 230
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 07:10:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 audio-unmuted.svg
s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/ Frame FC12 221 B
211 B 26ms
25ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/audio-unmuted.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9db5a8ce92e9d1e64b4dc648fcb2a7988850ed5205ef2f7cc1621680ccb8542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 05:07:29 GMT
date: Wed, 17 Jan 2024 05:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 07:10:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 logo-opel.svg
s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/ Frame FC12 2 KB
1 KB 27ms
26ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/logo-opel.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

797db39ccf1b13e7aef4cf4e5475be2026eb603bf7b663ad0beb974bd06ac3a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 05:07:29 GMT
date: Wed, 17 Jan 2024 05:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1000
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 07:10:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 logo-opel-small.svg
s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/ Frame FC12 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/logo-opel-small.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

797db39ccf1b13e7aef4cf4e5475be2026eb603bf7b663ad0beb974bd06ac3a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 05:07:29 GMT
date: Wed, 17 Jan 2024 05:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1000
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 07:10:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 logo-vauxhall.svg
s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/ Frame FC12 5 KB
2 KB 24ms
23ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/logo-vauxhall.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c3a4f4caf2d0f2fad2998de43431e10093a661bc188c61fa5171f4d9ceea1b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 14:52:55 GMT
date: Tue, 16 Jan 2024 14:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490506
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2058
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 07:10:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 logo-vauxhall-small.svg
s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/ Frame FC12 4 KB
2 KB 23ms
22ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/logo-vauxhall-small.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c1a3b609b216f99061d9b36dce5915c8ca8e196efbd1c5b366e232846514e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 18:24:19 GMT
date: Tue, 16 Jan 2024 18:24:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1594
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 07:10:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/ Frame FC12 69 KB
25 KB 28ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/gsap.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

386a292b805ec5376c149711c08d9013658fd08879a7ac9a62a99e14310c397a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4584328
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25150
last-modified: Tue, 04 Oct 2022 19:36:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "633c8b2b-623e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqwiDMKiR0Qtki4LZy9eMG0Px3M2IYMmz0RYfU50thh7OzprBayizsz57oW2scldPpi%2BsLs0qMTfE4Qk2MZEuP0BU1istQT%2FDN7kdEmSZEcrtrj5hHX0OSf8Y7ime0scvmxNKu2nyn0ttJnRWEMEuZtc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8495f69dfcc21c13-FRA
expires: Sat, 11 Jan 2025 07:08:01 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/ Frame FC12 17 KB
5 KB 20ms
20ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ec7f9a7d3f4460805ab5dfbe0f74ea4b9ac8f84de776d29b97bb52456716794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 15:05:24 GMT
date: Wed, 17 Jan 2024 15:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5539
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 07:10:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 main.19.8.473.js Show response
static.adsafeprotected.com/ Frame 633B 214 KB
66 KB 69ms
22ms Script
application/javascript 2600:9000:223f:5000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.473.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1410407/70367103/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1011187554&ias_pubId=&ias_chanId=1&ias_placementId=19937596711&bidurl=http://one-ipoteka.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iXqlPuRlUy6yZ0TGMK84F6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 17:05:29 GMT
x-amz-version-id: TozINgEWWkvQmqDfTCTq3yrdeWW.56xS
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 828153
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 11 Jan 2024 21:47:36 GMT
server: AmazonS3
etag: W/"38edfb290172e1aef8532f19eb4cbbe4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: ewadz7eKnCSkefBEE32pbJKKWyAjsF4RiH-nRiO9D4nsPpbhowZrxQ==

GET
H3 200 close.svg
s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/ Frame FC12 401 B
261 B 20ms
20ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/close.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc978c9056bf82bcdc7f8a2a71c0b26f1537aad1b09b049ffd0d62552b28f56a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 15:17:41 GMT
date: Tue, 16 Jan 2024 15:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489020
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 231
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 07:10:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 633B 0
0 55ms
55ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshPWW8T2EYvAzh_iVvIs4rS4MkeYfjh90Ceb-SVYqxJuYc19bj4BZY9rh0j39lHEsE2sndYImZZ1Xi4GbxPsOZcSuVga3tpgNJLGItlB9OEfR8Wjkxl4YWoewJtvQGBxS1w9IHkuQuJVAzeQ9KjYq-Dcqkep8DnyiHZKOpCjOMy8hef9zhIVx2H9YEVPuCtEqR_IEpAof7ZVo2dW-nVqD06IDr1vXh77YTsjhOF0xJl31H8WMxAKlkYKS78GuOujtPOeZE1FpKJFek2j_wAjpCXOncAM048c55MtsnxV9SBrw_QRAjgY-rFdgKOCC5DDeNRxBmCx3250H3TqIHIrrKXaNhCO8AnVR0IfPInMlhPk37lWXcEI2gt_e8Eg6X4OW_feyV04fe8ryHaoZFgDPSKDQ4xXZT-3RcONpgKYGBmKjUh4oSVgx7bdFTmKEeZRx2PROO8a2bgEYQ3LxL5zth83I525XcslwAriK7roReiO_PPXiN6j8NsAik7WuupEVygXyd4YVGiSFrxtCrojAHGmDher-J09fbPsabHKzyWx06eT4smNW3irXT02JaKndmckSzTgzjyEEUebB2oK_IdyukniJfnuUp1PlPaObmBD8qcvz8SZxs61LZn0v6eQcovOeJmswcGWYnml8esfl23DFq-uOeIOVEi3YXpmeB6-3RJf8hD1yNmutWy6-HpJwt5xjNuuGKIhGnN154_mCxjzCwcxQlIPKasQ4eDVfe7G4E8foMqYvzbtiv_LPGWCeLCqhk5L29FpA_v-H0uG6GK_0ws6FvqtaVwZQAMHUGYUNPEiv_uCrgWhkzepOBIB3PNXEZvJUWSf9drbFPHzw5WTcD2YA5DfkKS7ZbrmD4t7OydiWqBnEaYog5roxNbL6EqzJxyNLpvZvKTbzoWAcRR7hJuFh0ZyUglSmypsIELhkwXjZ0SdgcRqpHLed6ip403BleDGNEyDaEi8ICGg6CBOiLfhUpiNcgq5bAhAZ3LvILi9V0-RWtu5VXQLjSWi7_MrcmE7FTB0Mqt7mmR2N0DFRVDGW2_NGyCH-9ZsUn_O1TzfIQaaski3rz490gJ-2etgXuO7gIxvSaDJgTHQFB037dbQENZfo4bNGl4zuZAWzp-e9PEs_voAhnQoK2zdAmF3Gj9QYHSPrFLxeJmoGmVMVe1L_M3kH6eAdhTSYt3QjQ8aupiHBa4I53wyGnKKR4wBmhIAtjkEeEKZ1U5bZcbuJ_gtb3jafYW7b33KeiYW7dCjBrSjCw-yRqlgyDFQTRynItP2ure4oF4WPFeber2-NX-SxHUVgRjNFAMxhweFPeuRo&sai=AMfl-YTrFRO7rAjCnOxppMBquWyrVMJbJg9Sndq96cX6olLbgDTafzcJDTiGkP3BJjgTUumM33zQBkaI7uIUZOd3RPimk9agssXGHdTV655piiPJ44CcjsyIBlWxo6HwKOZvQbi-fb1EfJotgmZlPFzcb0qTQ2t72lQzdT-aUcSEHpK4HyFlZlB_L0pGcGneshoZKapiafDfSjcet5f_62VaNKE8VQzULQDu2gZkyRSUZZs1pksaNUxQCPDtSohj0gWmcPW2K6MAuPWmrEQwxvw64a75MwXirIxCMy8vjyYb5JpfQVTWl_1E9KMa-TKZSf-iwJRE&sig=Cg0ArKJSzNi8gRGP2O6qEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=259&vt=11&dtpt=149&dett=3&cstd=106&cisv=r20240118.69218&arae=0&ftch=1&adurl=

Requested by

Host: one-ipoteka.ru
URL: http://one-ipoteka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 104ms
63ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8589c87642c24922416cde7ec50efda7e9cd3cf4134413aac8c0f1332074c4c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12196
x-xss-protection: 0

GET skeleton.js
fw.adsafeprotected.com/rfw/st/1410407/70367103/ Frame 633B 0
0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 65A1 91 KB
23 KB 21ms
20ms Script
application/javascript 2600:9000:223f:5000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10652331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 5JrRc35c34zdWOUN-Dtq3kY9Ds7XSLHqQbG2TONXQDbBC9xme3urmg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 633B 43 B
215 B 415ms
167ms Image
image/gif 2600:1f18:1aca:4280:291a:9eb3:2346:5191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1410407&asId=3790725f-9075-736f-e698-67b2d0da5e46&tv=%7Bc:20LTQ6,pingTime:-3,time:138,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:121%7D,%7Bpiv:0,vs:o,r:l,t:138%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:139,n:138,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:121,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B28~1,0~0%5D,as:%5B28~728.90%5D%7D%7D,%7Bsl:o,t:138,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u24B6u4+11%7C12%7C131%7C14%7C15%7C161%7C162%7C171%7C181*.1410407-70367103%7C1811%7C1812%7C1813,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:123%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:291a:9eb3:2346:5191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:02 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 633B 43 B
216 B 411ms
165ms Image
image/gif 2600:1f18:1aca:4280:291a:9eb3:2346:5191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1410407&asId=3790725f-9075-736f-e698-67b2d0da5e46&tv=%7Bc:20LTQ7,pingTime:-6,time:139,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:139,n:138,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:121,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B28~1,0~0%5D,as:%5B28~728.90%5D%7D%7D,%7Bsl:o,t:138,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u24B6u4+11%7C12%7C131%7C14%7C15%7C161%7C162%7C171%7C181*.1410407-70367103%7C1811%7C1812%7C1813,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:123%7D&tpiLookup=ao:one-ipoteka.ru%2Cgoogleads.g.doubleclick.net*&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:291a:9eb3:2346:5191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:02 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FC12 8 KB
6 KB 57ms
57ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28724feb4d5de33dcc8c419e8e1ef03dab1ec86b9f5ea98b8b4e476b12c2c83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5887
x-xss-protection: 0

GET
H3 200 OpelNextW01-Regular.woff2
s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/ Frame FC12 16 KB
16 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/OpelNextW01-Regular.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ebdaf8c14e061acf2086dcf8848748d44eb586ac17a330c0c5d7b135c56672e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.css
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 05:07:30 GMT
date: Wed, 17 Jan 2024 05:07:30 GMT
x-content-type-options: nosniff
age: 439231
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16396
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 07:10:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 OpelNextW01-Light.woff2
s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/ Frame FC12 16 KB
16 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/OpelNextW01-Light.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69aa44ad6883f039652f58e34508268cf970fc5320107e869b2c56514c68df59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.css
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 05:07:30 GMT
date: Wed, 17 Jan 2024 05:07:30 GMT
x-content-type-options: nosniff
age: 439231
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 07:10:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 41554636_20230906034737134_opel-astra-campaign-728x90-cropped.jpg
s0.2mdn.net/ads/richmedia/studio/41554636/ Frame FC12 10 KB
10 KB 34ms
34ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/41554636/41554636_20230906034737134_opel-astra-campaign-728x90-cropped.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab7037c40efd8784ff563f8b97581da0a0d2284817ca287e011cb40d12463ff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:48:23 GMT
x-content-type-options: nosniff
age: 65978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10339
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 10:47:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 12:48:23 GMT

GET
H3 200 41554636_20230216030728042_opel-astra-USP1-728x90.jpg
s0.2mdn.net/ads/richmedia/studio/41554636/ Frame FC12 49 KB
49 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/41554636/41554636_20230216030728042_opel-astra-USP1-728x90.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ad2b1e1700b53974659fc6b067dbd3a1cc33355d4fe6ab5d4567abdcf52bbaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:16:09 GMT
x-content-type-options: nosniff
age: 3112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50316
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 11:07:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Jan 2024 06:16:09 GMT

GET
H3 200 41554636_20230217031038406_opel-astra-USP2-728x90.jpg
s0.2mdn.net/ads/richmedia/studio/41554636/ Frame FC12 75 KB
75 KB 30ms
30ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/41554636/41554636_20230217031038406_opel-astra-USP2-728x90.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

046ff1a826bdf94481128e71b9a6b8de080c0691d70b57e0f60b242185f3baef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17666042320994171650/cddco_lgglobal_tavarious_prfleet_dco_mbov_sz728x90_sona_ff_idcfidhere/dco_728x90_storyboard_brand_model_prod_iab_generic/index.html?e=69&leftOffset=0&topOffset=0&c=LARBIPi5Ev&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:16:09 GMT
x-content-type-options: nosniff
age: 3112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77077
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 11:10:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Jan 2024 06:16:09 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 633B 43 B
215 B 398ms
166ms Image
image/gif 2600:1f18:1aca:4280:291a:9eb3:2346:5191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1410407&asId=3790725f-9075-736f-e698-67b2d0da5e46&tv=%7Bc:20LTQm,pingTime:-2,time:154,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:435,beZ:436,mfA:542,cmA:543,inA:544,inZ:547,prA:548,prZ:552,si:557,poA:558,poZ:570,cmZ:570,mfZ:570,loA:574,loZ:575,ltA:589,ltZ:589,mdA:436,mdZ:526%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:121%7D,%7Bpiv:0,vs:o,r:l,t:138%7D,%7Bpiv:88,vs:i,r:,t:143%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:12,o:142,n:138,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:121,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B28~1,0~0%5D,as:%5B28~728.90%5D%7D%7D,%7Bsl:o,t:138,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B5~0%5D,as:%5B5~728.90%5D%7D%7D,%7Bsl:i,t:142,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:88,obst:0,th:0,reas:,bkn:%7Bpiv:%5B11~75%5D,as:%5B11~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u24B6u4+11%7C12%7C131%7C14%7C15%7C161%7C162%7C171%7C181*.1410407-70367103%7C1811%7C1812%7C1813,idMap:181*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:123,sinceFw:31,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:291a:9eb3:2346:5191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:02 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 07:08:01 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FC12 17 KB
6 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 07:08:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D733 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://one-ipoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 50466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 17:06:55 GMT
expires: Mon, 20 Jan 2025 17:06:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 026A 829 B
998 B 31ms
30ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

678a4fc4d0a730743d6a893fe2dbd74571cb9ff82297ca9c99d7b0e26b1ee9fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YziHHPrDjyw-l-xK29A78g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://one-ipoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-YziHHPrDjyw-l-xK29A78g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 07:08:01 GMT
expires: Mon, 22 Jan 2024 07:08:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A01 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 17:06:55 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame D733 39 KB
15 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 17:06:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 026A 0
0 50ms
50ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=3424942105111508&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D733 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lN0lxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:08:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 633B 43 B
215 B 128ms
128ms Image
image/gif 2600:1f18:1aca:4280:291a:9eb3:2346:5191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1410407&asId=3790725f-9075-736f-e698-67b2d0da5e46&tv=%7Bc:20LTUK,pingTime:-10,time:426,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1705907282018%7C%7Cfabd2b7926ed4f80d7d836444c6c0854%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7Cd6f38e5347630fdac58dad44289f4c14%7C%7C883ba955bbef8835d428d28be8863482%7C%7Ccddbe3547ea9ea66a5dcd3c17b0c4a5f%7C%7C3e04230f3bdab736c10281634f4229fb%7C%7C2ed5d8331a9f767ee75221f401792dab%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:291a:9eb3:2346:5191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:02 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EC50 42 B
64 B 54ms
53ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuke9N33qCegNM_SEz_H4wlj_37CCcs2wTslEd6wG2za3aCD04xxlSOTkNMu-LUQCjqapCcQcSbA750jasccwtMcoThq8aqjy_KY5yAVODfyqX4KU_6tmwD2XgczXidm2Z1cWjNwuYKDnpIgvORxzNVc0ko&sai=AMfl-YTW6M4rK8yQZkYB1VFRLd9T-byDRljcA8B8dzEWOgWmPd7NW157mLwDOe8A_kvwT2OyEZnDupmH5dCRQsnT_nhryzu6z8rb4OhJwQe5_2WzNfrehYQSwZLmufoEnc0Idq7vKqd8o3AQKGHTMaQIWQ&sig=Cg0ArKJSzB9E5MfqGWjLEAE&cid=CAQSTwAvHhf_qjRUOfufYbgVAvBunTwtSUQgwHuJBl70Ht051yI7BArt3lsKsPTHcn06uY8ANwKx75uzZJEo3NcRFzeJoveJleS7zgh4eBLxCSwYAQ&id=lidar2&mcvt=1000&p=0,0,280,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3987640334&rs=2&la=1&cr=0&vs=4&r=v&rst=1705907280389&rpt=820&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
52ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=3424942105111508&bg=!TU6lTgHNAAa8BdJLnAU7ADQBe5WfOKc7Zu6gIIvu-J6lHKoFXDmp2wjJmtMcq-WI4fUh-3czB-G5sMlFxjSBjSLIGIwRAgAAACxSAAAAA2gBB5kCwZWo9hc4s8fIyKdX3N6WpnVBSQrvK6MSh2Tp_mHaaXTaELukISqRkBpjhKe2pJkQw_F2CDviN4kPDEVT7giPP-CyGaIDTDw7NoyPGrIvuteX-Ce4bT8kwzY_dZFLepSQarBMvViGvdu7q3XNdPnEDro1MpEPKe0nx5KnScxQfKC9TY_qNaDMzI3zE9Ez37a5VxS_QtKOGNgqw20ExnEeYlhVj6sN-y0ycJ4q-ja_7EXo6Mhj5HYkyPddQJoQdEamH1LddCCF2fLMH-qJtMdKeX2KO9FX8LYxh1ITIK_ragmT4HlU4xfEpxOgv5xgL45Pz603U0n13AW1Ke6C0NxS2jlUqo0Xw4WldUPDsgMRTfOSgU3WqZ0V87aCKf4pN1IV2ra0YZbDM7s2ZW9UjYmqqQF5GM5nU-cA3GzeAPHCZyeNvaR7i8pl0PGpQ4ddal6WCLv9_b0F3_ZUUVkXorNKPUr5hxbIWzNiRSOgehN7kTbYgziObryqZZQ21KlvJvrqe6WEBUAH-S5rWvbZkGo5_No6GzDA-83QWOl0EGLAnokK5PsdFR263vwIA3T6vy8n7-JJ9IC0wxjHa2tqOrMpl2h8gtrDYlP8RKviiDHPdI3esfnV7PyNBIgzOyMT18l10j-LSwvOZBhhJ9fHNGGha6qkxhrZXnJmOFyshG5AC3KPmwysyNTFOLCctNhLvRQ5pXhfXHa6zLIERkjcCRBU3rBXC9bQpeGxihOTJzOrZISXsg_PFL99SY-6AK4CeCn_9LQ0zqJnGz50FfLcgBhOZXZGqBOlXGlprM_Q9XudTYnbcpIW5A5nGo30g-JlH00Oe4YJ1f49a0jjWDzE83Yel6-J2g53WTnbT2Aa0N24O7bR2YqJOPbEJo8dXLTx_NrK_QeYClXjIhpMnnnQM8IogIWmfCJu12YUvUeweQdMj6_73g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://one-ipoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 633B 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0AzMeXTxCUng23pvrjn-uwVUDn1hHV9LtwoBvtCumctZmB604muqhwwDyy0qhxDFOa9vExQ7vjusmZG34UMvy3Jn223L1XRlfTD8YRS0hhbi4eFwXbUCI8XvKgRSGKogE8Sm_39bDGV4uxXwbwgzz43l-&sai=AMfl-YR023zHyiZDDIrG3nnReBJamSpIF1h8Rk7sb78C81qEWoDI__BY6Cu7rNfD4NqSV2-xFZhIm078GFxpYCK2_r9zGq-ruOoFnzV0kGZvwUQ721ASyq2HW7TmxVQtZ2vrycwsNmAYzdfu327lPT_K0g&sig=Cg0ArKJSzEvTPKFXQNDeEAE&cid=CAQSTwAvHhf_Gw28q1KLCLXdBKhIRxlQlVjlv8jHNXl9fktqeO3GMpiMTlUaSYxu5PCcTe-OuqxquSwdgLVGW2sAJqPII3oc3-gVTXMJtOGsvgIYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=417,917,1000,1000,1000&tos=417,500,83,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1705907281157&rpt=303&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 633B 0
20 B 50ms
50ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7809241000845&version=m202309260101&ct=76&x=1&cor=12160529828993432000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 633B 43 B
215 B 99ms
99ms Image
image/gif 2600:1f18:1aca:4280:291a:9eb3:2346:5191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1410407&asId=3790725f-9075-736f-e698-67b2d0da5e46&tv=%7Bc:20LU6j,pingTime:1,time:1143,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:121%7D,%7Bpiv:0,vs:o,r:l,t:138%7D,%7Bpiv:88,vs:i,r:,t:143%7D,%7Bpiv:100,t:543%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:142,n:138,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:121,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B28~1,0~0%5D,as:%5B28~728.90%5D%7D%7D,%7Bsl:o,t:138,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B5~0%5D,as:%5B5~728.90%5D%7D%7D,%7Bsl:i,t:142,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B400~75,600~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:223,fm:u24B6u4+11%7C12%7C131%7C14%7C15%7C161%7C162%7C171%7C181*.1410407-70367103%7C1811%7C1812%7C1813,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:123%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:291a:9eb3:2346:5191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:02 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 633B 43 B
215 B 97ms
97ms Image
image/gif 2600:1f18:1aca:4280:291a:9eb3:2346:5191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1410407&asId=3790725f-9075-736f-e698-67b2d0da5e46&tv=%7Bc:20LUcL,pingTime:1,time:1543,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:121%7D,%7Bpiv:0,vs:o,r:l,t:138%7D,%7Bpiv:88,vs:i,r:,t:143%7D,%7Bpiv:100,t:543%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1401,o:142,n:138,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:121,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B28~1,0~0%5D,as:%5B28~728.90%5D%7D%7D,%7Bsl:o,t:138,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B5~0%5D,as:%5B5~728.90%5D%7D%7D,%7Bsl:i,t:142,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B400~75,1000~100%5D,as:%5B1400~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:101,fm:u24B6u4+11%7C12%7C131%7C14%7C15%7C161%7C162%7C171%7C181*.1410407-70367103%7C1811%7C1812%7C1813,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:123%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:291a:9eb3:2346:5191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 07:08:03 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/st/1410407/70367103/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1011187554&ias_pubId=&ias_chanId=1&ias_placementId=19937596711&bidurl=http://one-ipoteka.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iXqlPuRlUy6yZ0TGMK84F6&adsafe_url=http%3A%2F%2Fone-ipoteka.ru&adsafe_type=g&adsafe_url=http%3A%2F%2Fone-ipoteka.ru%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240118%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240118%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-1505097607752413%26fa%3D1%26ifi%3D7%26uci%3Da!7%26btvi%3D5&adsafe_type=be&adsafe_jsinfo=,id:3790725f-9075-736f-e698-67b2d0da5e46,c:20LTPQ,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-ztfdt,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:106,mot:0,app:0,maw:0,fm:u24B6u4+11%7C12%7C131%7C14%7C15%7C161%7C162%7C171%7C181*.1410407-70367103%7C1811%7C1812%7C1813,idMap:181*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:122,oid:fadde0a6-b8f4-11ee-a45b-822781a4e575,v:19.8.473,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.one-ipoteka.ru/	1970-01-21 03:13:23	Name: __gads Value: ID=ff0a0dabb6159c6b:T=1705907280:RT=1705907280:S=ALNI_MZBemoQfmpbThN-lxhAJ72vlfFBXw
.one-ipoteka.ru/	1970-01-21 03:13:23	Name: __gpi Value: UID=00000d4768f0d808:T=1705907280:RT=1705907280:S=ALNI_MY9mEx18cS0VHKKHLMKkr1dVhP_hA
.doubleclick.net/	1970-01-21 03:13:23	Name: IDE Value: AHWqTUnlHNgB66xdryaPnKnKjCrNymDOJaRn33xIt7UQq4hdxPIFB85OKt1Tju3AH4g
.adnxs.com/	1970-01-20 20:01:23	Name: uuid2 Value: 6569315712684988232
.adnxs.com/	1970-01-20 20:01:23	Name: XANDR_PANID Value: gVqxnmZxl5ZUlVTvc36rmE-azMgIUESMuqQWen-dw0L2wyj9rp7ztFoGZKr_jmlqldxuxynv6GLXcmmYCxQFFeCccMm-2nzduJ85aEAtDZ4.
.doubleclick.net/	1970-01-20 17:51:50	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 20:01:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVOnjPe$!]tbPl1M>e)ZlrFUfJ+tGXxo]@2.Z8S*ZiyFs4.rOTAAQ<:psE_/#@s77cb23If)y3KL9D3I?+b4Hb6X
.adnxs.com/	1970-01-21 03:27:47	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-20 20:01:23	Name: CMPS Value: 3235
.casalemedia.com/	1970-01-21 02:37:23	Name: CMID Value: Za4UUflm8Jy9iH2-noOyCwAA
.casalemedia.com/	1970-01-20 20:01:23	Name: CMPRO Value: 2236
.doubleclick.net/	1970-01-20 22:10:59	Name: APC Value: AfxxVi775zua4sOdaIuktXcsi2lv6jzPI0mOIpgh0G8eZ-_gpA-pKQ
.googleadservices.com/	1970-01-20 20:01:23	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
maxcdn.bootstrapcdn.com
one-ipoteka.ru
pagead2.googlesyndication.com
s0.2mdn.net
static.adsafeprotected.com
tpc.googlesyndication.com
www.amcharts.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
fw.adsafeprotected.com
104.18.36.155
108.128.8.111
142.250.185.130
172.217.18.2
216.58.206.34
2600:1f18:1aca:4280:291a:9eb3:2346:5191
2600:9000:223f:5000:8:48e:53c0:93a1
2606:4700:20::681a:6ba
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:4001:800::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:812::2001
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a04:4e42:200::649
2a06:98c1:3121::3
37.252.171.53
0169a6bf9568bf2d63108ee303b20344e9f18fd4d6c2a6793ad2fd07f78a8095
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
046ff1a826bdf94481128e71b9a6b8de080c0691d70b57e0f60b242185f3baef
0849803185d99afcc2d6a3f513688f85b19ad4f554fd09befdafc03326e0f0ce
084b22a9d20a62cc350d6d01ccd0e33f9a60ed6810fd988d98c6445ed1dced48
088dda1af83ad1e5f9a808c285de2039333230a44048c8c879eefab932b879c6
0af0a56fcb107e446f7dae53ca9741a0ef7a9c84215fea2faa399644433705cb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dbf2c54549624afa2905fd29b89c322699478856406cdc1db7758f933420fda
0ec7f9a7d3f4460805ab5dfbe0f74ea4b9ac8f84de776d29b97bb52456716794
0f172c675ebb6cb63ace7cdd0d508f15eae4ad277190fa0d8a42060ac2f4d8ba
15a82822395a2908b72d8d3c84fa9037ca5d246842a2b744c76b95203d07d9e2
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a4f910d5b90e2f84ab5abc56f0bedc6109ead9f4b811f1c0fcbecab2503de4
20248ead646be88526b349c756e3ed5b22451c0ae67f7d7cf15d6b3fd50ff23f
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2423aa56cdc0badca4af7dcd0458ea056eee806923dcbaa185940eb12b04d584
28724feb4d5de33dcc8c419e8e1ef03dab1ec86b9f5ea98b8b4e476b12c2c83c
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2ed068409672dfa14329d9e54a2a9d2bc1ac6bb11f84e58d930b3ea75763d3e2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
386a292b805ec5376c149711c08d9013658fd08879a7ac9a62a99e14310c397a
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3ad2b1e1700b53974659fc6b067dbd3a1cc33355d4fe6ab5d4567abdcf52bbaf
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
41419a9deb29d62455fa201779c50981040b2d6b08bcc73ccc4d49ba9eb3bc0d
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
445956b5274159b53258fab3b82af78d18ca6f2767a257e87995ad231f5fd063
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
47788782755d315f0a95d56481654293cf93e0375ceddd21bc2ed82852d772cc
490e975a24185da71a4687b00c6ea46db574c526922d0d30b11b3f746f2f01de
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ebdaf8c14e061acf2086dcf8848748d44eb586ac17a330c0c5d7b135c56672e
523205a3f9692b39f0d8772addbe3d09372fd5a6023738a67c076d26e71f49d7
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61824575cf594f3e24a5f0063552631bf31e6a7d2c723b06d7aa8455541717dd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6319d0d6682d7c858f91b569625e4c06b94466326df7fd2df31e86c43537e7ef
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
660c6c020805a0e40ce22587bada2ae2de2ccdf08a43f85cb52c4a1134ce2825
678a4fc4d0a730743d6a893fe2dbd74571cb9ff82297ca9c99d7b0e26b1ee9fa
696a6b5a7f1816bf379489df25298beaac2f331f1b034e7bb0207292a9f17bf3
69aa44ad6883f039652f58e34508268cf970fc5320107e869b2c56514c68df59
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
797db39ccf1b13e7aef4cf4e5475be2026eb603bf7b663ad0beb974bd06ac3a9
7b2ece6a3be35cccac5de58b6c08f49928afb409d2dff0e7372892f9cbd2b167
8589c87642c24922416cde7ec50efda7e9cd3cf4134413aac8c0f1332074c4c0
8c3a4f4caf2d0f2fad2998de43431e10093a661bc188c61fa5171f4d9ceea1b0
8f1b8022b1cfeb36b9e5b0a4adda7212c157dd08caa3e23e27c9874aab4b7a21
90d437f4d9c5d24d3044f7215f631d787896bede46be88cac9c9fe64de2215c5
91537206e5c02c50ce40107186211119ca6a6fc710abe8e87acafac52932ed82
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
91b135e37dfaf32624746cec10c75a569cf5dfca2e61b3188362d185ae764b1c
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0b9eef294cb41a3960402709cb26f9717cfe2f7bd1d9efe7a241d35872c7903
a2a4bf0c6041176f439bbab0fbd22bcbadfe8377b9d3db10c0a834bd9b35b7e6
a4c1a3b609b216f99061d9b36dce5915c8ca8e196efbd1c5b366e232846514e6
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a9db5a8ce92e9d1e64b4dc648fcb2a7988850ed5205ef2f7cc1621680ccb8542
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab7037c40efd8784ff563f8b97581da0a0d2284817ca287e011cb40d12463ff7
acbc6d5286e1a77e3916528a1798c6aa661ed74acf42aee8a1feae41b3386d11
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc978c9056bf82bcdc7f8a2a71c0b26f1537aad1b09b049ffd0d62552b28f56a
bf0d8a5f4135c57b15f211ee45e2299ae19e65a17caaf034e58108b4bf6a12fc
cb1fd7d9d0fce9f5b3f4ec90fd99d01fc050692e536b83ae349202535eebc921
cffcfb93817681351e19f7f0156118f4c8eb1b662f948d6e06a6882ce6ac3779
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de665a743e6e607120e267644205f56e96a887e455c6fd0fa5c05e53608027cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3aaf5d3c05ef25bdb66dcc560a009f0728d172a44294eb2ec7852fb13ffc2e7
f4f0ee27a2bd689131c91420625c7f28583cc5c7c282da7bd29a7f4628c0e51e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d
f81c2d25200f173d62ffd0befd238afae3a664d6c57047ee2f23f5584dbca10d

one-ipoteka.ru Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

134 Requests

85 %HTTPS

73 %IPv6

16 Domains

22 Subdomains

23 IPs

4 Countries

1958 kBTransfer

5083 kBSize

13 Cookies

0 Outgoing links

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

one-ipoteka.ru Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

85 %
HTTPS

73 %
IPv6

16
Domains

22
Subdomains

23
IPs

4
Countries

1958 kB
Transfer

5083 kB
Size

13
Cookies

134 HTTP transactions
4 data transactions