Submitted URL: http://orakul.com/
Effective URL: https://orakul.com/
Submission Tags: tranco_l324
Submission: On November 18 via api from DE — Scanned from DE

Summary

This website contacted 35 IPs in 9 countries across 21 domains to perform 181 HTTP transactions. The main IP is 212.42.83.55, located in Ukraine and belongs to UKRNET Kiev, Ukraine, UA. The main domain is orakul.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 7th 2021. Valid for: a year.
This is the only time orakul.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 37 212.42.83.55 8856 (UKRNET Kiev)
12 213.174.135.1 39572 (ADVANCEDH...)
2 193.200.65.2 6681 (GIVEME-CLOUD)
10 142.250.186.98 15169 (GOOGLE)
1 77.109.110.134 9031 (EDPNET)
6 2a00:1450:400... 15169 (GOOGLE)
1 195.214.195.100 8856 (UKRNET Kiev)
9 2a03:90c0:41:... 199524 (GCORE)
5 2a00:1450:400... 15169 (GOOGLE)
13 195.191.235.71 208566 (ROZETKA-AS)
1 193.200.64.15 6681 (GIVEME-CLOUD)
2 185.187.81.41 43332 (IDSTRATEG...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 146.0.227.110 20773 (GODADDY)
1 185.187.81.40 43332 (IDSTRATEG...)
3 2a0c:5c81:514... 55081 (24SHELLS)
25 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 1 162.55.6.212 24940 (HETZNER-AS)
1 2 62.149.0.72 15497 (COLOCALL ...)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 37.18.16.22 205675 (HYBRID-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.226 ()
181 35
Domain Requested by
37 orakul.com 1 redirects orakul.com
25 tpc.googlesyndication.com orakul.com
b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
14 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
13 cs03.trafmag.com trafmag.com
orakul.com
10 securepubads.g.doubleclick.net orakul.com
securepubads.g.doubleclick.net
9 cdn.admixer.net orakul.com
cdn.admixer.net
7 cdn.gravitec.net orakul.com
cdn.gravitec.net
6 s0.2mdn.net orakul.com
s0.2mdn.net
6 www.googletagservices.com orakul.com
b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
5 b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 player.adtelligent.com orakul.com
player.adtelligent.com
4 googleads.g.doubleclick.net b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
orakul.com
4 www.google.com 1 redirects b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 encrypted-tbn2.gstatic.com b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
3 www.gstatic.com b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
s0.2mdn.net
3 ghb.adtelligent.com player.adtelligent.com
2 googleads4.g.doubleclick.net orakul.com
2 encrypted-tbn0.gstatic.com b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
2 encrypted-tbn3.gstatic.com b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
2 encrypted-tbn1.gstatic.com b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
2 sync.adtelligent.com 1 redirects player.adtelligent.com
2 s.znctrack.net orakul.com
2 www.google-analytics.com orakul.com
www.google-analytics.com
2 trafmag.com orakul.com
1 ade.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com s0.2mdn.net
1 dm.hybrid.ai orakul.com
1 t.trafmag.com orakul.com
1 csync.loopme.me 1 redirects
1 id.gravitec.net cdn.gravitec.net
1 loadercdn.net orakul.com
1 inv-nets.admixer.net cdn.admixer.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 afl.rozetka.com.ua trafmag.com
1 counter.ukr.net orakul.com
1 content.adriver.ru orakul.com
0 pubads.g.doubleclick.net Failed securepubads.g.doubleclick.net
181 39

This site contains links to these domains.

Domain
testoteka.ukr.net
trafmag.com

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| orakul.com | Sectigo RSA Domain Validation Secure Server CA | 2021-04-07 - 2022-05-08 | a year |
| *.gravitec.net | AlphaSSL CA - SHA256 - G2 | 2021-03-04 - 2022-04-05 | a year |
| *.trafmag.com | Sectigo RSA Domain Validation Secure Server CA | 2021-06-10 - 2022-06-22 | a year |
| *.g.doubleclick.net | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months |
| *.adtelligent.com | Sectigo RSA Domain Validation Secure Server CA | 2020-10-28 - 2021-11-27 | a year |
| *.adriver.ru | RapidSSL RSA CA 2018 | 2020-04-03 - 2022-04-24 | 2 years |
| *.ukr.net | Thawte RSA CA 2018 | 2021-03-31 - 2022-05-01 | a year |
| *.admixer.net | Sectigo RSA Domain Validation Secure Server CA | 2021-06-08 - 2022-06-21 | a year |
| *.google-analytics.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months |
| afl.rozetka.com.ua | Sectigo RSA Domain Validation Secure Server CA | 2021-10-25 - 2022-11-25 | a year |
| s.znctrack.net | Sectigo RSA Domain Validation Secure Server CA | 2021-08-27 - 2022-09-05 | a year |
| *.google.de | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months |
| *.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months |
| loadercdn.net | R3 | 2021-09-09 - 2021-12-08 | 3 months |
| ghb.adtelligent.com | ZeroSSL ECC Domain Secure Site CA | 2021-10-09 - 2022-01-07 | 3 months |
| tpc.googlesyndication.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months |
| www.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months |
| sync.adtelligent.com | ZeroSSL ECC Domain Secure Site CA | 2021-10-01 - 2021-12-30 | 3 months |
| *.hybrid.ai | Sectigo RSA Domain Validation Secure Server CA | 2020-07-07 - 2022-10-05 | 2 years |
| *.gstatic.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months |
| *.doubleclick.net | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months |

This page contains 19 frames:

Primary Page: https://orakul.com/
Frame ID: 8F13EEF414D576CDA6A177D1FF143F45
Requests: 99 HTTP requests in this frame

Frame: data://truncated
Frame ID: FA9F413FFFEF8C278B3CB7E843D5EE58
Requests: 1 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: B5D995A700BC07886E65C73695842141
Requests: 1 HTTP requests in this frame

Frame: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0CD50C1C64CCA1BF717D38B7CB1F3765
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/c.html
Frame ID: 39AF192361B1F15C2C2D863DF52E9BCB
Requests: 1 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: 4352D5A4FBB2F1B7D6EA40D43A702B07
Requests: 1 HTTP requests in this frame

Frame: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 911AE8108163BD3CB3F90E366D24B725
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/index.html
Frame ID: 90957CDF6829901694CB5046CBCA2B09
Requests: 9 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: E312D8216FA2A88FF5671E6D35A6B33C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 882FB96219B4D7C77C5D08766D28BB33
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=88dbd0a9-e2a8-43e0-9c43-e26c58017cb9
Frame ID: 818C3373C131A295CA2D17310F9216AE
Requests: 1 HTTP requests in this frame

Frame: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6C8A0D6553149CFDC60FDDA9AB1E4006
Requests: 16 HTTP requests in this frame

Frame: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E7BCEE9E99AD693CC9CB3A79B31FEE18
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 38D454DD1ED145A107C3B6E32D472754
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 75E347B937B8BF7CCA0F5EFC139D5233
Requests: 2 HTTP requests in this frame

Frame: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0BEE2323ED9083ABBAD37AD5D6AFBBB7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CImz_L0CEMatq_ACGNO9k7gBMAE&v=APEucNUbkEAdj7XURXnsAFflaPckeEai7Ljav6-kBEulsEIYeYzXHMV2wubSBxbJqH8bVwkRlHRSJXjcE1cZ0ktXqcYn4jpHrw
Frame ID: E39B42CF37077115FA31BC648D942657
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7EC4EF031B66CF81E925380AF81BF886
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=ErF93Ar76V&t=1&renderingType=2
Frame ID: 2333E62C7D152FD7841CCAD93D1A49FC
Requests: 9 HTTP requests in this frame

Page Title

Гороскопы: ежедневный, совместимости, любовный и восточный гороскоп

Page Statistics

181
Requests

99 %
HTTPS

51 %
IPv6

21
Domains

39
Subdomains

35
IPs

9
Countries

3454 kB
Transfer

6008 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://orakul.com/ HTTP 301
    https://orakul.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 110
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=88dbd0a9-e2a8-43e0-9c43-e26c58017cb9
Request Chain 111
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=8c2bd222bf220f3a

181 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
orakul.com/
Redirect Chain
  • http://orakul.com/
  • https://orakul.com/
35 KB
10 KB
Document
General
Full URL
https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
7cd652c6ae22dc0ddee0fe581bde233119425ef94700d65d9f2d82bfa71d0cc8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 18 Nov 2021 04:51:42 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://m.orakul.com
access-control-allow-credentials
true
content-encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 18 Nov 2021 04:51:41 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://orakul.com/
main.css
orakul.com/css/
20 KB
10 KB
Stylesheet
General
Full URL
https://orakul.com/css/main.css?v=1637211000
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
ab03ec12547341deedbf49b120ac9545397de30defeadb0a57eb5cde29be7740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 04:50:00 GMT
server
nginx
etag
W/"6195db78-4e47"
strict-transport-security
max-age=31536000
content-type
text/css
client.js
cdn.gravitec.net/storage/b35772f03a19377840256c95bdfcb041/
64 KB
18 KB
Script
General
Full URL
https://cdn.gravitec.net/storage/b35772f03a19377840256c95bdfcb041/client.js
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
01b66c134b8b5a23bf3683b03b4c0dc1975d42d8f2b45d7aaf80862d77a7df8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 09:56:03 GMT
server
nginx
etag
W/"60893133-100fb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 28 Apr 2021 10:11:02 GMT
cache-control
max-age=10
x-proxy-cache
REVALIDATED
logo.png
orakul.com/img/new/
3 KB
3 KB
Image
General
Full URL
https://orakul.com/img/new/logo.png
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
8eaa1fdb4991f4d428be6a72fb6abcf77b4c07f1ce3acc5bc15ef5365b2d83a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Thu, 26 Nov 2015 09:10:45 GMT
server
nginx
etag
"5656cc95-b73"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
2931
aries_m.png
orakul.com/img/new/signs/
3 KB
3 KB
Image
General
Full URL
https://orakul.com/img/new/signs/aries_m.png
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
af5cc9d722681514c8d5eee2374054f3521a8516083b6eae712fef6ff6acdf19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 12:40:36 GMT
server
nginx
etag
"5624e4c4-c96"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
3222
taurus_m.png
orakul.com/img/new/signs/
3 KB
3 KB
Image
General
Full URL
https://orakul.com/img/new/signs/taurus_m.png
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
4603e3334675f00704a8e9e0cc89d61cc2c4c21c44feab5c1e170abf80376a46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 12:40:36 GMT
server
nginx
etag
"5624e4c4-ce1"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
3297
gemini_m.png
orakul.com/img/new/signs/
4 KB
4 KB
Image
General
Full URL
https://orakul.com/img/new/signs/gemini_m.png
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
ce320f08de8d3e52704806521512a4a9db74c1503581ec5023c6ad58f2ff3706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 12:40:36 GMT
server
nginx
etag
"5624e4c4-fbe"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
4030
cancer_m.png
orakul.com/img/new/signs/
4 KB
4 KB
Image
General
Full URL
https://orakul.com/img/new/signs/cancer_m.png
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
25d2019e12d6b08ec89f465f08a39572bfdced1f02c845045ebdc26bd99a58b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 12:40:36 GMT
server
nginx
etag
"5624e4c4-fc7"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
4039
lion_m.png
orakul.com/img/new/signs/
4 KB
4 KB
Image
General
Full URL
https://orakul.com/img/new/signs/lion_m.png
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
b8c92c9fbc61102677c490a3bc73d35ae108d335e7181c7d7dd796cda2757d40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 12:40:36 GMT
server
nginx
etag
"5624e4c4-f68"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
3944
virgo_m.png
orakul.com/img/new/signs/
3 KB
4 KB
Image
General
Full URL
https://orakul.com/img/new/signs/virgo_m.png
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
a9c7e1f3a5ec72454b79178c4c837517e7679d3f2edf7873a78f3593c7ca8e84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 12:40:36 GMT
server
nginx
etag
"5624e4c4-dd9"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
3545
libra_m.png
orakul.com/img/new/signs/
3 KB
4 KB
Image
General
Full URL
https://orakul.com/img/new/signs/libra_m.png
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
a6e880045b430cd33f6d08c8f3f9ac1d5f5edb964cc4cf109da1c3e10bc69bd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 12:40:36 GMT
server
nginx
etag
"5624e4c4-d84"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
3460
scorpio_m.png
orakul.com/img/new/signs/
4 KB
4 KB
Image
General
Full URL
https://orakul.com/img/new/signs/scorpio_m.png
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
42066156d2aa4ee3a42224d122d2db777bff32f2d6b2c72d4086ddf5a7e40400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 12:40:36 GMT
server
nginx
etag
"5624e4c4-fc7"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
4039
sagittarius_m.png
orakul.com/img/new/signs/
4 KB
5 KB
Image
General
Full URL
https://orakul.com/img/new/signs/sagittarius_m.png
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
07fb66de9f1cc4079a12ec3fedcd127cc4a51a4f89012e98f9bde17153ab8076
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 12:40:36 GMT
server
nginx
etag
"5624e4c4-11ab"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
4523
capricorn_m.png
orakul.com/img/new/signs/
3 KB
3 KB
Image
General
Full URL
https://orakul.com/img/new/signs/capricorn_m.png
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
a51c8efa67eb4cabbd219730d59b3312b5d8c8e27d47291d11c3a76ec2061f9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 12:40:36 GMT
server
nginx
etag
"5624e4c4-c4b"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
3147
aquarius_m.png
orakul.com/img/new/signs/
4 KB
4 KB
Image
General
Full URL
https://orakul.com/img/new/signs/aquarius_m.png
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
1f7ab645513317e31a719f3e0c9619f9b22595804543352f590d15a58a4c6ed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 12:40:36 GMT
server
nginx
etag
"5624e4c4-f05"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
3845
pisces_m.png
orakul.com/img/new/signs/
3 KB
4 KB
Image
General
Full URL
https://orakul.com/img/new/signs/pisces_m.png
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
215b493385ae56358d58d1456fba4835e897490f61cd4b0838c76893199dd33e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 12:40:36 GMT
server
nginx
etag
"5624e4c4-d84"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
3460
bannercode-2ab95d1d.js
trafmag.com/
11 KB
4 KB
Script
General
Full URL
https://trafmag.com/bannercode-2ab95d1d.js
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
trafmag.com
Software
nginx /
Resource Hash
e38d2d95ff33f47762abd8eddb99d1a1caad2c384130bf3b0d6da498f336e38e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
server
nginx
x-frame-options
SAMEORIGIN
p3p
CP="NON DSP COR CURa TIA"
access-control-allow-origin
*
cache-control
no-cache
content-type
text/javascript; charset=utf-8;
content-length
3375
jquery.min.js
orakul.com/assets/96b52f14/
94 KB
33 KB
Script
General
Full URL
https://orakul.com/assets/96b52f14/jquery.min.js?v=1445590396
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Fri, 23 Oct 2015 08:53:16 GMT
server
nginx
etag
W/"5629f57c-176f8"
strict-transport-security
max-age=31536000
content-type
application/javascript
ru-RU.js
orakul.com/js/langs/
2 KB
1 KB
Script
General
Full URL
https://orakul.com/js/langs/ru-RU.js?v=1447410442
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
e2436b01ba79eed5bec1f1c4f40cdae758cb89214aadf09f47ef4e2b7a778164
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Fri, 13 Nov 2015 10:27:22 GMT
server
nginx
etag
W/"5645bb0a-8ef"
strict-transport-security
max-age=31536000
content-type
application/javascript
carousel.js
orakul.com/js/
42 KB
10 KB
Script
General
Full URL
https://orakul.com/js/carousel.js?v=1444374134
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
099dbd77103a217b6c331679b1b6c70cd99e306b63dad0aeef2bd7101faf250b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Fri, 09 Oct 2015 07:02:14 GMT
server
nginx
etag
W/"56176676-a9f5"
strict-transport-security
max-age=31536000
content-type
application/javascript
main.js
orakul.com/js/
66 KB
16 KB
Script
General
Full URL
https://orakul.com/js/main.js?v=1614070442
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
acde1e1e0a830d1136c7b58c4fe953cf6d179e7d8e496fc516d8ab4a96ff4bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 08:54:02 GMT
server
nginx
etag
W/"6034c2aa-10922"
strict-transport-security
max-age=31536000
content-type
application/javascript
gpt.js
securepubads.g.doubleclick.net/tag/js/
77 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
37e1c110c3ba863ef1c4280bcd6601a388ead4e9d1a6bbcc8622ad54f055cbf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1047 / 240 of 1000 / last-modified: 1637190439"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26823
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 18 Nov 2021 04:51:42 GMT
truncated
/ Frame FA9F
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
main-styles.css
orakul.com/css/
96 KB
16 KB
Stylesheet
General
Full URL
https://orakul.com/css/main-styles.css
Requested by
Host: orakul.com
URL: https://orakul.com/css/main.css?v=1637211000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
5ced651c3af635a16cb6fe8cffda0eceac54e10aeff9bc2d856c3bcfb6f548d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/css/main.css?v=1637211000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 08:52:30 GMT
server
nginx
etag
W/"6041f14e-17e2a"
strict-transport-security
max-age=31536000
content-type
text/css
wrapper_hb_299755_4460.js
player.adtelligent.com/prebid/
736 B
691 B
Script
General
Full URL
https://player.adtelligent.com/prebid/wrapper_hb_299755_4460.js?cb=18949
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5de1f9437e0bc204f3b5536a6fa8433dea88a10b436823b6236685b49f8a7d48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 16:00:04 GMT
server
nginx/1.18.0
etag
W/"61952704-2e0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 18 Nov 2021 05:51:42 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
bg1-new.jpg
orakul.com/img/new/
25 KB
25 KB
Image
General
Full URL
https://orakul.com/img/new/bg1-new.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
0d83e8c41f1b986435a6f2d4d279f5f26eb9a2a2e6483f6851c50dc2d0e7a65b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/css/main-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Thu, 26 Nov 2015 09:10:45 GMT
server
nginx
etag
"5656cc95-6493"
strict-transport-security
max-age=31536000
content-type
image/jpeg
accept-ranges
bytes
content-length
25747
bg-bot.jpg
orakul.com/img/new/
45 KB
45 KB
Image
General
Full URL
https://orakul.com/img/new/bg-bot.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
319590c4c661a1defe64c3597a8406680ff10665bb5335e0f22c1cf7cbd70b57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/css/main-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 10:56:20 GMT
server
nginx
etag
"5624cc54-b278"
strict-transport-security
max-age=31536000
content-type
image/jpeg
accept-ranges
bytes
content-length
45688
bg.png
orakul.com/img/new/
210 B
362 B
Image
General
Full URL
https://orakul.com/img/new/bg.png
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
9d0ef5c804d4308b77375258c3a700c57c31e939dc48772a620387fb98087a86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/css/main-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Thu, 26 Nov 2015 09:10:45 GMT
server
nginx
etag
"5656cc95-d2"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
210
bg-foot-x.png
orakul.com/img/new/
104 B
256 B
Image
General
Full URL
https://orakul.com/img/new/bg-foot-x.png
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
20dd496f956dbc57726701802053f77c8b0f281a6945ca311b7804b695a62da6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/css/main-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 12:40:36 GMT
server
nginx
etag
"5624e4c4-68"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
104
bg-small-new.jpg
orakul.com/img/new/
8 KB
8 KB
Image
General
Full URL
https://orakul.com/img/new/bg-small-new.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
e6cb29c9dc420039a9e9952f6a9608ddbede04f22bb75822fd85309d364c7659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/css/main-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Thu, 26 Nov 2015 09:10:45 GMT
server
nginx
etag
"5656cc95-1f3a"
strict-transport-security
max-age=31536000
content-type
image/jpeg
accept-ranges
bytes
content-length
7994
horo-types-act.png
orakul.com/img/new/
115 B
267 B
Image
General
Full URL
https://orakul.com/img/new/horo-types-act.png
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
9dc58c034ba5d1274f26643eb802aead9978712c1d315e6720e0968b204f7a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/css/main-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Thu, 26 Nov 2015 09:10:45 GMT
server
nginx
etag
"5656cc95-73"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
115
horo-types2.png
orakul.com/img/new/
69 KB
69 KB
Image
General
Full URL
https://orakul.com/img/new/horo-types2.png
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
8885a26d7460df5f5e40e4071ea6571771f86530e82cc881646e19eed8856f4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/css/main-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Fri, 16 Oct 2015 11:40:28 GMT
server
nginx
etag
"5620e22c-112c3"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
70339
sign-back-85.jpg
orakul.com/img/new/signs/
3 KB
3 KB
Image
General
Full URL
https://orakul.com/img/new/signs/sign-back-85.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
a5ff5982aa6d566ab5d87e674d990339da20d71b24398c872bdd2718f646be4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/css/main-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 12:40:36 GMT
server
nginx
etag
"5624e4c4-b7d"
strict-transport-security
max-age=31536000
content-type
image/jpeg
accept-ranges
bytes
content-length
2941
OpenSans-Bold.woff2
orakul.com/font/
21 KB
22 KB
Font
General
Full URL
https://orakul.com/font/OpenSans-Bold.woff2
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
7f855f6e437fb9ab5b2c65d457c912d33ddaadbc12f00c31d51f5f0992b2dfd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://orakul.com/css/main-styles.css
Origin
https://orakul.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 08:17:02 GMT
server
nginx
etag
"5624a6fe-556c"
strict-transport-security
max-age=31536000
content-type
application/octet-stream
accept-ranges
bytes
content-length
21868
OpenSans-Regular.woff2
orakul.com/font/
21 KB
21 KB
Font
General
Full URL
https://orakul.com/font/OpenSans-Regular.woff2
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
0a58791af95cd6a2937b3bf6c809ba54c8ed57f1aad54fbdf419687a429a3490
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://orakul.com/css/main-styles.css
Origin
https://orakul.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 08:17:02 GMT
server
nginx
etag
"5624a6fe-52ac"
strict-transport-security
max-age=31536000
content-type
application/octet-stream
accept-ranges
bytes
content-length
21164
taro-bg.jpg
orakul.com/img/new/
24 KB
24 KB
Image
General
Full URL
https://orakul.com/img/new/taro-bg.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
3879e6688c69c2bcf5abd1db4272bfb33d5e1dfd69559b1e75455e68a7a6fe5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/css/main-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 03 Aug 2015 15:27:50 GMT
server
nginx
etag
"55bf8876-5f66"
strict-transport-security
max-age=31536000
content-type
image/jpeg
accept-ranges
bytes
content-length
24422
arrow.png
orakul.com/img/new/
194 B
346 B
Image
General
Full URL
https://orakul.com/img/new/arrow.png
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
be4290f00ebd88a47fc81bfcffe33456532e133bb04699de7f7b91637047aeda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/css/main-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 19 Oct 2015 10:56:20 GMT
server
nginx
etag
"5624cc54-c2"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
194
sonnik-bg.jpg
orakul.com/img/new/
13 KB
13 KB
Image
General
Full URL
https://orakul.com/img/new/sonnik-bg.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
ade1328c2706f71fd8794b20e3340777e2fe49ac1875eb152fab375ea2eea68e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/css/main-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 03 Aug 2015 15:27:54 GMT
server
nginx
etag
"55bf887a-352c"
strict-transport-security
max-age=31536000
content-type
image/jpeg
accept-ranges
bytes
content-length
13612
maya-bg.jpg
orakul.com/img/new/
26 KB
27 KB
Image
General
Full URL
https://orakul.com/img/new/maya-bg.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
7341ec7a3f4bfb6ca0ce05fca448cbea4a628e4fc4c02bf71bcab49254de574b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/css/main-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 03 Aug 2015 15:27:50 GMT
server
nginx
etag
"55bf8876-69de"
strict-transport-security
max-age=31536000
content-type
image/jpeg
accept-ranges
bytes
content-length
27102
bg-footer.jpg
orakul.com/img/new/
47 KB
47 KB
Image
General
Full URL
https://orakul.com/img/new/bg-footer.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
e08c4b5171fde4ef14a17c9d124f9d48d9ccf0a47c14dc42e110f4781d387ff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/css/main-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 03 Aug 2015 15:27:50 GMT
server
nginx
etag
"55bf8876-bb2d"
strict-transport-security
max-age=31536000
content-type
image/jpeg
accept-ranges
bytes
content-length
47917
inf-bg.png
orakul.com/img/new/
377 B
530 B
Image
General
Full URL
https://orakul.com/img/new/inf-bg.png
Requested by
Host: orakul.com
URL: https://orakul.com/css/main-styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.55 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
orakul.ua
Software
nginx /
Resource Hash
c4889dcd267c53d32e9a9d1d0c96992ad7abde128ee9ef4ad7805c72084ed97b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/css/main-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 03 Aug 2015 15:28:02 GMT
server
nginx
etag
"55bf8882-179"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
377
autoUpdate.adriver.js
content.adriver.ru/plugins/
5 KB
5 KB
Script
General
Full URL
https://content.adriver.ru/plugins/autoUpdate.adriver.js
Requested by
Host: orakul.com
URL: https://orakul.com/js/main.js?v=1614070442
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.109.110.134 Brussels, Belgium, ASN9031 (EDPNET, BE),
Reverse DNS
adriver2.134.static.edpnet.net
Software
nginx /
Resource Hash
e28bcfefad2c0f3f491619132330d80cd2d4b2e138d947cc93c673a326e70b1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Thu, 07 Oct 2021 10:58:26 GMT
server
nginx
etag
"615ed2d2-1337"
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
4919
expires
Thu, 18 Nov 2021 05:51:42 GMT
gpt.js
www.googletagservices.com/tag/js/
77 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: orakul.com
URL: https://orakul.com/js/main.js?v=1614070442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98885298c5a6463540ef901010d537e1110e979ac19b61a9960a326e69aa477d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1047 / 356 of 1000 / last-modified: 1637190384"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26822
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 18 Nov 2021 04:51:42 GMT
cnt.php
counter.ukr.net/horo/
1 B
415 B
Image
General
Full URL
https://counter.ukr.net/horo/cnt.php?rand=0.0871208672413799&r=&p=https%3A//orakul.com/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.214.195.100 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 04:51:42 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Thu, 18 Nov 2021 04:51:41 GMT
loader2.js
cdn.admixer.net/scripts3/
156 KB
48 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e31a7d34dbada1656df0c7464213d1e0f7c7f9fe3ec7f03099d866067cbc914a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 10:00:11 GMT
server
nginx
etag
W/"6194d2ab-2714d"
x-cached-since
2021-11-18T04:44:27+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Wed, 17 Nov 2021 10:11:15 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: orakul.com
URL: https://orakul.com/js/main.js?v=1614070442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6635
date
Thu, 18 Nov 2021 03:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 18 Nov 2021 05:01:07 GMT
style.css
cs03.trafmag.com/banners/rozetka300x250v4/
4 KB
4 KB
Stylesheet
General
Full URL
https://cs03.trafmag.com/banners/rozetka300x250v4/style.css?rnd=777
Requested by
Host: trafmag.com
URL: https://trafmag.com/bannercode-2ab95d1d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
cs03.trafmag.com
Software
nginx /
Resource Hash
b7c6c7a28fdf33b4d68bf7b74e73e30769b05a86f55c0c697b7c8dde3eec83f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Tue, 23 Feb 2021 12:36:02 GMT
server
nginx
etag
"6034f6b2-f15"
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
3861
expires
Thu, 25 Nov 2021 04:51:42 GMT
main.js
cs03.trafmag.com/banners/rozetka300x250v4/
8 KB
8 KB
Script
General
Full URL
https://cs03.trafmag.com/banners/rozetka300x250v4/main.js?rnd=778
Requested by
Host: trafmag.com
URL: https://trafmag.com/bannercode-2ab95d1d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
cs03.trafmag.com
Software
nginx /
Resource Hash
f50035da88d5cf95c516b93a8e0f371e37e177c75f36416d700bf9c86ebd2b2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Tue, 23 Feb 2021 12:36:02 GMT
server
nginx
etag
"6034f6b2-1e98"
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
7832
expires
Thu, 25 Nov 2021 04:51:42 GMT
afclid
afl.rozetka.com.ua/
0
407 B
Script
General
Full URL
https://afl.rozetka.com.ua/afclid?rnd=0.5122291825436813
Requested by
Host: trafmag.com
URL: https://trafmag.com/bannercode-2ab95d1d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.64.15 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
affiliates.rozetka.com.ua
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' rozet.cc; script-src 'self' 'unsafe-inline' 'unsafe-eval' rozet.cc;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 04:51:42 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
P3P
CP="NON DSP COR CURa TIA"
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' rozet.cc; script-src 'self' 'unsafe-inline' 'unsafe-eval' rozet.cc;
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
0
logo.png
cs03.trafmag.com/banners/rozetka300x250v4/
5 KB
5 KB
Image
General
Full URL
https://cs03.trafmag.com/banners/rozetka300x250v4/logo.png?rnd=1
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
cs03.trafmag.com
Software
nginx /
Resource Hash
1aec2bdc267370ccba729825eb4699cba852cb311f4469dfaa209683c7e48e39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 22 Jun 2020 07:49:02 GMT
server
nginx
etag
"5ef0626e-13fd"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
5117
expires
Thu, 25 Nov 2021 04:51:42 GMT
b7310f1c859598547d50e80cb8fe2396.jpg
cs03.trafmag.com/images/posters/
41 KB
41 KB
Image
General
Full URL
https://cs03.trafmag.com/images/posters/b7310f1c859598547d50e80cb8fe2396.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
cs03.trafmag.com
Software
nginx /
Resource Hash
8b405159a0695e43ac7f4d208ce78342ff14a4a8ac5b9342ec7a8f7410ca8120

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 30 Mar 2020 12:41:32 GMT
server
nginx
etag
"5e81e8fc-a486"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
42118
expires
Thu, 25 Nov 2021 04:51:42 GMT
c845c1417b1f16e1f1ac6e44b8e3cb6a.jpg
cs03.trafmag.com/images/posters/
13 KB
13 KB
Image
General
Full URL
https://cs03.trafmag.com/images/posters/c845c1417b1f16e1f1ac6e44b8e3cb6a.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
cs03.trafmag.com
Software
nginx /
Resource Hash
d867cce01e0ce0cf2f9d9e0e3acec7ff2d3b1cc7027c8099a25a1c73e9e852d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Wed, 20 May 2020 07:53:32 GMT
server
nginx
etag
"5ec4e1fc-34c9"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
13513
expires
Thu, 25 Nov 2021 04:51:42 GMT
40f62b0a133407969d77e46d0e5d7a07.jpg
cs03.trafmag.com/images/posters/
14 KB
14 KB
Image
General
Full URL
https://cs03.trafmag.com/images/posters/40f62b0a133407969d77e46d0e5d7a07.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
cs03.trafmag.com
Software
nginx /
Resource Hash
ac38948118ce51a3ddbd555d2340617e7507c4d7e3c58586afba1b153aafd636

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Thu, 05 Nov 2020 14:42:32 GMT
server
nginx
etag
"5fa40f58-36fa"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
14074
expires
Thu, 25 Nov 2021 04:51:42 GMT
078485a7314a75a7a1ba41adb859793b.jpg
cs03.trafmag.com/images/posters/
7 KB
8 KB
Image
General
Full URL
https://cs03.trafmag.com/images/posters/078485a7314a75a7a1ba41adb859793b.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
cs03.trafmag.com
Software
nginx /
Resource Hash
3c3536e8c227ce1db9c1a27923160492437026e060ec7d015f3a332af77bfb7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 18 Jan 2021 13:06:02 GMT
server
nginx
etag
"600587ba-1d87"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
7559
expires
Thu, 25 Nov 2021 04:51:42 GMT
2b1b3b3571133eed1498906e258ea607.jpg
cs03.trafmag.com/images/posters/
9 KB
9 KB
Image
General
Full URL
https://cs03.trafmag.com/images/posters/2b1b3b3571133eed1498906e258ea607.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
cs03.trafmag.com
Software
nginx /
Resource Hash
49f83def4b5c96e8c0809d901276d70b449498798c2c4584c6de262785dd142c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 18 Jan 2021 13:06:02 GMT
server
nginx
etag
"600587ba-232d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
9005
expires
Thu, 25 Nov 2021 04:51:42 GMT
73e21a61e384da3235c7b002bfb75775.jpg
cs03.trafmag.com/images/posters/
10 KB
10 KB
Image
General
Full URL
https://cs03.trafmag.com/images/posters/73e21a61e384da3235c7b002bfb75775.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
cs03.trafmag.com
Software
nginx /
Resource Hash
8f12a1a58c4d6078ba40590dbe963171f578851a02f1e9b507c518b27df8334d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 18 Jan 2021 13:06:02 GMT
server
nginx
etag
"600587ba-292e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
10542
expires
Thu, 25 Nov 2021 04:51:42 GMT
c0fd1d416799ad565d01a0fd6f67a78d.jpg
cs03.trafmag.com/images/posters/
9 KB
9 KB
Image
General
Full URL
https://cs03.trafmag.com/images/posters/c0fd1d416799ad565d01a0fd6f67a78d.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
cs03.trafmag.com
Software
nginx /
Resource Hash
a03fec41cc29b8aea906d4e7c390b3d7d39f371243b0b7517cd1cdf24b0bc2f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Mon, 18 Jan 2021 13:06:02 GMT
server
nginx
etag
"600587ba-243b"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
9275
expires
Thu, 25 Nov 2021 04:51:42 GMT
d36b95d53c3fc2352e6f9916ef8e10e7.jpg
cs03.trafmag.com/images/posters/
12 KB
12 KB
Image
General
Full URL
https://cs03.trafmag.com/images/posters/d36b95d53c3fc2352e6f9916ef8e10e7.jpg
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
cs03.trafmag.com
Software
nginx /
Resource Hash
7690bd90b726586b15c03511274b4d29ace4b99befd54d114a2247d40d35e932

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Wed, 30 Sep 2020 11:03:32 GMT
server
nginx
etag
"5f746604-2ed6"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
11990
expires
Thu, 25 Nov 2021 04:51:42 GMT
bstc7c219ec36f28cdf2e7d4292c2b0fa0c.gif
trafmag.com/
43 B
205 B
Image
General
Full URL
https://trafmag.com/bstc7c219ec36f28cdf2e7d4292c2b0fa0c.gif?site_id=1047&informer_id=0&rnd=163721110215244016
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
trafmag.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
cache-control
must-revalidate
content-type
image/gif
server
nginx
p3p
CP="NON DSP COR CURa TIA"
x-frame-options
SAMEORIGIN
expires
Wed, 01 Sep 2012 11:11:11 GMT
pubads_impl_2021111501.js
securepubads.g.doubleclick.net/gpt/
345 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
be5913c6e9820dae39a9bdadbd7bfd525f076299fe92ac078cc668abc56d9550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118768
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:34:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 18 Nov 2021 04:51:42 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
83 B
102 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=orakul.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
39624914f45f74d657c6a62dfde2e3ec9754b07fdd5c33ee620187c6e4202ca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77
x-xss-protection
0
expires
Thu, 18 Nov 2021 04:51:42 GMT
configs
cdn.gravitec.net/sdk/web/
2 KB
1020 B
Fetch
General
Full URL
https://cdn.gravitec.net/sdk/web/configs?appKey=b35772f03a19377840256c95bdfcb041
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/b35772f03a19377840256c95bdfcb041/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6a1c82399b84e2c52d73f9578b947312d6400d13a4b4c12fa1e473fa6bd02884

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
x-correlation-id
a491279d7a922d2fbcb1700ee38ac04b
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
content-encoding
gzip
x-proxy-cache
EXPIRED
link_dot.png
cs03.trafmag.com/banners/rozetka300x250v4/
95 B
266 B
Image
General
Full URL
https://cs03.trafmag.com/banners/rozetka300x250v4/link_dot.png
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
cs03.trafmag.com
Software
nginx /
Resource Hash
c581cfab3bce30352233131a4cbc18385b63982e86a0d9c97172ea12b188b282

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
last-modified
Tue, 18 Jun 2019 12:26:08 GMT
server
nginx
etag
"5d08d860-5f"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
95
expires
Thu, 25 Nov 2021 04:51:42 GMT
z
s.znctrack.net/ Frame B5D9
50 KB
23 KB
XHR
General
Full URL
https://s.znctrack.net/z
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
bfd4551464d142e6336482ee16579ff18161541f6f198035a085bcd4367dc53d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23383
expires
Thu, 01 Jan 1970 00:00:01 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=440574859&t=pageview&_s=1&dl=https%3A%2F%2Forakul.com%2F&ul=en-us&de=UTF-8&dt=%D0%93%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF%D1%8B%3A%20%D0%B5%D0%B6%D0%B5%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D1%8B%D0%B9%2C%20%D1%81%D0%BE%D0%B2%D0%BC%D0%B5%D1%81%D1%82%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BB%D1%8E%D0%B1%D0%BE%D0%B2%D0%BD%D1%8B%D0%B9%20%D0%B8%20%D0%B2%D0%BE%D1%81%D1%82%D0%BE%D1%87%D0%BD%D1%8B%D0%B9%20%D0%B3%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1978929830&gjid=1760762638&cid=1642257109.1637211102&tid=UA-1593277-4&_gid=1046787920.1637211102&_r=1&_slc=1&z=71043853
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://orakul.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 04:51:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://orakul.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=orakul.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=orakul.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
97 KB
32 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057682893720302&correlator=4284830952380023&output=ldjh&impl=fifs&eid=31063783%2C31062931&vrg=2021111501&ptt=17&sc=1&sfv=1-0-38&ecs=20211118&iu_parts=43356090%2Corakul.ua_728x90_self&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1637211102&dt=1637211102277&dlt=1637211102032&idt=213&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=0&adks=770942202&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Forakul.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x2157&msz=1600x105&ga_vid=1642257109.1637211102&ga_sid=1637211102&ga_hid=440574859&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b1578ba5f94e1d3f6576a4aefd2e03182bd733df1260741492a4b709d15b755f
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJGttNGOofQCFRWndwodhosFwg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJGttNGOofQCFRWndwodhosFwg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32800
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Thu, 18 Nov 2021 04:51:42 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://orakul.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
444 B
262 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057682893720302&correlator=4284830952380023&output=ldjh&impl=fifs&eid=31063783%2C31062931&vrg=2021111501&ptt=17&sc=1&sfv=1-0-38&ecs=20211118&iu_parts=43356090%2Corakul.ua_brend&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1637211102&dt=1637211102286&dlt=1637211102032&idt=213&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=2156&adks=3040300466&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Forakul.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x2157&msz=1x-1&ga_vid=1642257109.1637211102&ga_sid=1637211102&ga_hid=440574859&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
6127bccb9effa3f98c976a3ca41f29da9b839c2684050e0caef160925d93aa0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://orakul.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
16 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057682893720302&correlator=4284830952380023&output=ldjh&impl=fifs&eid=31063783%2C31062931&vrg=2021111501&ptt=17&sc=1&sfv=1-0-38&ecs=20211118&iu_parts=43356090%2Corakul.ua_300x250_self&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1637211102&dt=1637211102287&dlt=1637211102032&idt=213&frm=20&biw=1600&bih=1200&oid=2&adxs=975&adys=342&adks=1569085847&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Forakul.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x2&msz=300x2&ga_vid=1642257109.1637211102&ga_sid=1637211102&ga_hid=440574859&ga_fc=true&fws=4&ohw=1000&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
190c1f7cecd6244f3e8f93d8bc7cfe1f91cbd191d580af5e9ecf9b0e3c9b24d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9527
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://orakul.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
190 KB
30 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057682893720302&correlator=4284830952380023&output=ldjh&impl=fifs&eid=31063783%2C31062931&vrg=2021111501&ptt=17&sc=1&sfv=1-0-38&ecs=20211118&iu_parts=43356090%2Corakul_160x600_left_self%2Corakul_160x600_right_self&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=160x600%2C160x600&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1637211102&dt=1637211102288&dlt=1637211102032&idt=213&frm=20&biw=1600&bih=1200&oid=2&adxs=130%2C1310&adys=165%2C165&adks=3339105464%2C353626697&ucis=4%7C5&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Forakul.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C1600x0&msz=160x-1%7C160x-1&ga_vid=1642257109.1637211102&ga_sid=1637211102&ga_hid=440574859&ga_fc=true&fws=0%2C0&ohw=0%2C0&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
db8e600ed386c138d89fad0a8a5a9d179c6bda445a2d4c08712d6682fc576170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31164
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://orakul.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0CD5
6 KB
4 KB
Document
General
Full URL
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 18 Nov 2021 04:51:42 GMT
expires
Fri, 18 Nov 2022 04:51:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c.html
cdn.admixer.net/scripts3/ Frame 39AF
637 B
466 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/c.html
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
594ca5002b9cdd63b301365c4dd76f3a08e23049f6aee1f62258d20da8ef1345

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/

Response headers

server
nginx
date
Thu, 18 Nov 2021 04:51:42 GMT
content-type
text/html
last-modified
Wed, 17 Nov 2021 10:00:04 GMT
vary
Accept-Encoding
etag
W/"6194d2a4-27d"
expires
Fri, 18 Nov 2022 10:01:15 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2021-11-17T10:01:15+00:00
x-id
fr5-up-gc31
content-encoding
gzip
ae85f19996d2e523ddd7.b.js
cdn.admixer.net/scripts3/
23 KB
8 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/ae85f19996d2e523ddd7.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e97e4e1a626109cc68dd6c4d590bb9af6f32522664224e559e4f2e48d9c4da53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 10:00:03 GMT
server
nginx
etag
W/"6194d2a3-5d41"
vary
Accept-Encoding
x-cached-since
2021-11-17T10:01:15+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Fri, 18 Nov 2022 10:01:14 GMT
f70a8841ecd3d487588c.b.js
cdn.admixer.net/scripts3/
93 KB
26 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/f70a8841ecd3d487588c.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
23c0b8d3b6f621ae5d9d2a5730282e8b125581db9ced15efea6cc021b9e6b6dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 10:00:10 GMT
server
nginx
etag
W/"6194d2aa-17590"
vary
Accept-Encoding
x-cached-since
2021-11-17T10:01:15+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Fri, 18 Nov 2022 10:01:15 GMT
dsp.aspx
inv-nets.admixer.net/
276 B
696 B
Script
General
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=1700516800041680.5&cpv=562f9929-be29-d987-df6e-e06ecb3aa154&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22f78d8d5f-a517-998b-b491-19ccb5b6eb48%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Forakul.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223a54e676-7853-11ef-2087-5ac5e9100963%22%2C%22tagid%22%3A%22d5cdafdd-1bd5-4e9b-8f97-6ae02111bf7b%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_d5cdafdd1bd54e9b8f976ae02111bf7b_zone_25928_sect_8029_site_6727%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/f70a8841ecd3d487588c.b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
4d5a195f8d3400af7a2e827167273371982f74863bea8e417fb578f1f95d16ed
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 04:51:42 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript
Keep-Alive
timeout=25
Content-Length
238
X-Xss-Protection
0
/
loadercdn.net/
0
170 B
Image
General
Full URL
https://loadercdn.net/?r=1&u=b729a2fb2e8e5312&d=orakul.com
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 18 Nov 2021 04:51:42 GMT
server
openresty
366ee700b9c746906336.b.js
cdn.admixer.net/scripts3/
28 KB
11 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/366ee700b9c746906336.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a941be2318d79441ad1a966e6720e8129624611ee13198f78f7c2e59dbb2668b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 09:59:54 GMT
server
nginx
etag
W/"6194d29a-702f"
vary
Accept-Encoding
x-cached-since
2021-11-17T10:01:17+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Fri, 18 Nov 2022 10:01:17 GMT
96e75df30cb0c2960782.b.js
cdn.admixer.net/scripts3/
42 KB
18 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/96e75df30cb0c2960782.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ea3b3fccc80ec2367900c7b7fff7162a7ba2bff793b31df137ac8bfe1826a7e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 10:00:00 GMT
server
nginx
etag
W/"6194d2a0-a793"
vary
Accept-Encoding
x-cached-since
2021-11-17T10:01:17+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Fri, 18 Nov 2022 10:01:17 GMT
d7a232625e8b46740f32.b.js
cdn.admixer.net/scripts3/
13 KB
5 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/d7a232625e8b46740f32.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f71a2212eabcd2e75afe61c0fb04dd593b8ffdf48989c40877c30d7fdd54f25a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 10:00:07 GMT
server
nginx
etag
W/"6194d2a7-326c"
vary
Accept-Encoding
x-cached-since
2021-11-17T10:01:17+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Fri, 18 Nov 2022 10:01:17 GMT
c5269cdd87d00faac127.b.js
cdn.admixer.net/scripts3/
11 KB
4 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/c5269cdd87d00faac127.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
28333d75fe86f4d034f512efaea2e39f21f33e4cd8385ed715f931e16236821b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 10:00:05 GMT
server
nginx
etag
W/"6194d2a5-2a79"
vary
Accept-Encoding
x-cached-since
2021-11-17T10:01:17+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Fri, 18 Nov 2022 10:01:17 GMT
b399503c124742dbbd6e.b.js
cdn.admixer.net/scripts3/
214 KB
74 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/b399503c124742dbbd6e.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
267af5a9d0c450f643fa97ce518f770ddf80663c589eca901b707391fa6ba9d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 10:00:03 GMT
server
nginx
etag
W/"6194d2a3-3574f"
vary
Accept-Encoding
x-cached-since
2021-11-17T10:01:17+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Fri, 18 Nov 2022 10:01:17 GMT
wrapper_hb_299755_4460.es6.js
player.adtelligent.com/prebidlink/454780/
72 KB
23 KB
Script
General
Full URL
https://player.adtelligent.com/prebidlink/454780/wrapper_hb_299755_4460.es6.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_299755_4460.js?cb=18949
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e91911587ba30775be3b17574c2fb86897dd00c2654673b4f786abee49c38e9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 16:00:03 GMT
server
nginx
etag
W/"61952703-12150"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 18 Nov 2021 05:51:42 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
gpt.js
www.googletagservices.com/tag/js/
77 KB
26 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98885298c5a6463540ef901010d537e1110e979ac19b61a9960a326e69aa477d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1047 / 804 of 1000 / last-modified: 1637190384"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26822
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 18 Nov 2021 04:51:42 GMT
z
s.znctrack.net/ Frame 4352
102 B
447 B
XHR
General
Full URL
https://s.znctrack.net/z
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
19f9423f76bc0ec0c2308b2bbe1e80416253e154f24bbcd51a3de78e58088722

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://orakul.com
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
hb_299755_4460.js
player.adtelligent.com/prebidlink/ex18949/
271 KB
84 KB
Script
General
Full URL
https://player.adtelligent.com/prebidlink/ex18949/hb_299755_4460.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454780/wrapper_hb_299755_4460.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6070791b5628669c71de351e7d1fc341098aaffef59675d60bc6c524250a81d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 12:48:42 GMT
server
nginx/1.18.0
etag
W/"618e62aa-43d3d"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 18 Nov 2021 05:51:42 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
container.html
b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 911A
6 KB
3 KB
Document
General
Full URL
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 18 Nov 2021 04:51:42 GMT
expires
Fri, 18 Nov 2022 04:51:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
ghb.adtelligent.com/geo/
141 B
387 B
XHR
General
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454780/wrapper_hb_299755_4460.es6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
48048b6601e63749eb014a1dd5c31c6cc8272f633cb53849a224783e34569015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://orakul.com
Date
Thu, 18 Nov 2021 04:51:41 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
141
Content-Type
application/json
tracking
ghb.adtelligent.com/adunit/
43 B
412 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=299755&site_id=4460&full_page_url=https%3A%2F%2Forakul.com%2F&adid=4h7vru.i8&vpbv=N013&lifecycle_tte=719
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454780/wrapper_hb_299755_4460.es6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://orakul.com
Date
Thu, 18 Nov 2021 04:51:41 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/ Frame 9095
70 KB
42 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/index.html
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d5d4fe613a4f424515742eca7888b87c66788ba3377ba1f494d9e869dc7caba
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
date
Wed, 17 Nov 2021 09:39:10 GMT
expires
Thu, 17 Nov 2022 09:39:10 GMT
last-modified
Wed, 15 Sep 2021 07:02:31 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
41753
age
69152
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 911A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtM463tuVYZHGE5XO3gOGl5aQDN6P97Vmtayej8MOtqTyjNMHEAEg4s7wKGCVgouCmAegAfCduvIDyAEJqQK7PEaVr_6yPuACAKgDAcgDCKoEzgFP0BzcTq9Fim3lwMuumWRFTJOc4rHE7wTyaO-q56joOLpkcgwHblfPo6qASc929JQh8DAQVJgSowKuaTPuNEnOaPzzRYf5jFMHxOsY3IYJdqYESPV4Ft3HIOjK9cRYUujLii2DdHMYHyNH-6nN2ZyIQiJhwStTFFDNwwc_tDLCEm0JhXZ2Xdg2or0VWjqLiFmBDHsqQaGhSTAbeetydNHpG7HDkKkGJja1_iqSwTNqIwJTyquc9VQpqswh_Mz9s2J7lZAtCAx3LxRUv2PnCMAEtoXX73jgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-OHFDagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEIr7BtIICQiI4YAQEAEYHYAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi05NTk3Njg4ODUwMzAwNjI4GMKaIg&sigh=d0eebLiJ3sI&uach_m=[UACH]&template_id=419
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 911A
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:48:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 04:48:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 911A
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2696
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 04:06:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 911A
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 18 Nov 2021 04:51:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 911A
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 04:39:01 GMT
l
www.google.com/ads/measurement/ Frame 911A
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnH5AHaCCEaF2tOzzjxqscdO0AJCEcVjmGKOgCE7CDp2r66e13b7iNTlACT4i0XW2eFI5rdMXk4afgMBcIr1OsntmQgA
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

config.json
player.adtelligent.com/exchange_rates/299738/
6 KB
3 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/299738/config.json?cb=https%3A%2F%2Forakul.com%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18949/hb_299755_4460.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d08469f82da2f8943f19c5d191e2c27cdd56d08677760da6cc75c556845e18d3

Request headers

Referer
https://orakul.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 00:02:12 GMT
server
nginx
etag
W/"61959804-19c1"
content-type
application/json
access-control-allow-origin
https://orakul.com
expires
Thu, 18 Nov 2021 05:51:42 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
/
id.gravitec.net/ Frame E312
621 B
616 B
Document
General
Full URL
https://id.gravitec.net/
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/b35772f03a19377840256c95bdfcb041/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-type
text/html; charset=utf-8
last-modified
Mon, 13 Apr 2020 15:31:02 GMT
etag
W/"5e9485b6-26d"
access-control-allow-origin
*
x-accel-expires
@1904239108
server
CDN77-Turbo
x-77-nzt
AcO1rywkICf/2nzhAg==
x-77-nzt-ray
Qd4uLXsz3ZQ=
x-cache
HIT
x-age
48331994
x-77-pop
frankfurtDE
x-77-cache
HIT
content-encoding
br
s
googleads.g.doubleclick.net/pagead/drt/ Frame 882F
143 B
426 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 18 Nov 2021 04:02:14 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2968
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 911A
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1935f9318660c957ea4cc4faf915d69d79b1855379b3a0160c5f938236e3617d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
csyncs
ghb.adtelligent.com/
730 B
635 B
XHR
General
Full URL
https://ghb.adtelligent.com/csyncs?aid1=445864&aid2=445865&aid3=605039&aid4=607661&aid5=undefined
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454780/wrapper_hb_299755_4460.es6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
bc0f94089cc7a6a1bee2676b63ca84880e97e69d6b6fd5d67b872876ffca5d21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 04:51:41 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://orakul.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
350
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9095
9 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 13:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54532
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 18 Nov 2021 13:42:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9095
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 14:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 18 Nov 2021 14:22:06 GMT
logo_d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/ Frame 9095
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/logo_d.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
128730
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1450
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 07:02:31 GMT
server
sffe
date
Tue, 16 Nov 2021 17:06:12 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 16 Nov 2022 17:06:12 GMT
tyre.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/ Frame 9095
24 KB
24 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/tyre.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e746c385ab6f4ff90951bf1b6abb87ce52b68528a6856cd95edfd439c51c18d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
200374
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24250
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 07:02:31 GMT
server
sffe
date
Mon, 15 Nov 2021 21:12:08 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 15 Nov 2022 21:12:08 GMT
bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/ Frame 9095
47 KB
47 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/bg.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21a6a09b1d1c3d875dde86cc384ebf25898a1d5c4b041b9541bd64964c9b9eb5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
200374
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48514
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 07:02:31 GMT
server
sffe
date
Mon, 15 Nov 2021 21:12:08 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 15 Nov 2022 21:12:08 GMT
logo_l.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/ Frame 9095
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/logo_l.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
93726
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1497
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 07:02:31 GMT
server
sffe
date
Wed, 17 Nov 2021 02:49:36 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 17 Nov 2022 02:49:36 GMT
logo_3pmsf_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/ Frame 9095
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/logo_3pmsf_white.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12884262773757603642/nt_w21-DE_728x90_tire-guarantee/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1da46754ab097219c68cc82cd9cf943248d15c5fe9c45f2116d28e778cd81f52
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
487576
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2674
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 07:02:31 GMT
server
sffe
date
Fri, 12 Nov 2021 13:25:26 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 12 Nov 2022 13:25:26 GMT
0.bundle.js
cdn.gravitec.net/modules/
9 KB
4 KB
Script
General
Full URL
https://cdn.gravitec.net/modules/0.bundle.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/b35772f03a19377840256c95bdfcb041/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 09:53:50 GMT
server
nginx
etag
W/"608930ae-2550"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 28 Apr 2021 10:08:07 GMT
cache-control
max-age=10
x-proxy-cache
HIT
1.bundle.js
cdn.gravitec.net/modules/
32 KB
8 KB
Script
General
Full URL
https://cdn.gravitec.net/modules/1.bundle.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/b35772f03a19377840256c95bdfcb041/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:42 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 09:53:50 GMT
server
nginx
etag
W/"608930ae-8092"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 28 Apr 2021 10:08:07 GMT
cache-control
max-age=10
x-proxy-cache
HIT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 882F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 18 Nov 2021 04:51:42 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 18 Nov 2021 04:51:42 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 18 Nov 2021 04:51:42 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
csync
sync.adtelligent.com/ Frame 818C
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=88dbd0a9-e2a8-43e0-9c43-e26c58017cb9
0
407 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=88dbd0a9-e2a8-43e0-9c43-e26c58017cb9
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454780/wrapper_hb_299755_4460.es6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/

Response headers

Server
VertaMedia 1.0
Date
Thu, 18 Nov 2021 04:51:43 GMT
Content-Length
0
Etag
8c2bd222bf220f3a

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=88dbd0a9-e2a8-43e0-9c43-e26c58017cb9
content-length
0
date
Thu, 18 Nov 2021 04:51:42 GMT
server
_
1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=8c2bd222bf220f3a
35 B
125 B
Image
General
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=8c2bd222bf220f3a
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:43 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=8c2bd222bf220f3a
Date
Thu, 18 Nov 2021 04:51:42 GMT
Server
VertaMedia 1.0
Etag
8c2bd222bf220f3a
Content-Length
0
match
dm.hybrid.ai/
0
238 B
Image
General
Full URL
https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 04:51:43 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
102
x-xss-protection
1; mode=block
expires
-1
truncated
/ Frame 9095
34 KB
34 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50

Request headers

Referer
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
container.html
b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C8A
6 KB
3 KB
Document
General
Full URL
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 18 Nov 2021 04:51:42 GMT
expires
Fri, 18 Nov 2022 04:51:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E7BC
6 KB
3 KB
Document
General
Full URL
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 18 Nov 2021 04:51:42 GMT
expires
Fri, 18 Nov 2022 04:51:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 6C8A
1 KB
880 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 04:43:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6C8A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5WF63tuVYb6FJNOtrATP1JyYAZ37srRm6p2-8eMO_4uW3qArEAEg4s7wKGCVgouCmAegAYTAl94DyAEJqQK7PEaVr_6yPuACAKgDAcgDmwSqBNYBT9Arj3KCI7KDsC8xTQs8lUmAREtuBNszWYAwVtB9MItH3P_4cv4nVeKZQPQ_Tq-6Q--UJPRBY6UYKXg5MmipEgqXNNLy42Dz4L0bizjDrfeGlJNA1omobneA7FcZw0GFt2sV68DTCBGxx-8IwnUxeO3_nIXcaOJQr-hcD7Y0cPOWZWttFMJCwkv7fqjnJm-5lYo0NUNiNtLAlZ9763c1iX2jet2N91OJo5QnUHYCxYAPcllxpwGg9V0ZjO25cUFtTGVcvKadJltqZhlvHCLpl3ICcF2bEMAEib2_sNMD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6XfzfICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEIjvHNIICQiI4YAQEAEYHYAKA8gLAdgTDtAVAYAXAbIXHgocCAASFHB1Yi05NTk3Njg4ODUwMzAwNjI4GMKaIg&sigh=le4bDgs6MBE&uach_m=[UACH]&template_id=494
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 6C8A
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:48:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 04:48:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 6C8A
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2697
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 04:06:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C8A
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 18 Nov 2021 04:51:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 6C8A
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 04:39:01 GMT
l
www.google.com/ads/measurement/ Frame 6C8A
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-Yy2xkL2443P-sGM4_rLlZZun_GDk6_6dknaFLzYtVW2XyoZ37ZiC6nJo4ER7LHnFf_6LVVboQNNcjhvKmjyItmJTgA
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame 6C8A
27 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:40:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 03:03:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 10 Feb 2022 04:40:46 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame E7BC
1 KB
880 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 04:43:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E7BC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYhMK3tuVYb-FJNOtrATP1JyYAZ37srRm6p2-8eMO_4uW3qArEAEg4s7wKGCVgouCmAegAYTAl94DyAEJqQK7PEaVr_6yPuACAKgDAcgDmwSqBNkBT9BjCGorPB5XTj5OZrYswz_jpyVsWh-s6p1np2nvaDsdxSDdrZ-pVDQKMZSUKRURgYZWoCmBuFE7MLlbnXZ2qtBAavxm1XjmU5jkkXD-Mo6xMEFSjBZ6WVujnek0yrIAJ4E37bxQgKkOKZROtyJDBli25-tNlZMxEOFZKpcDvkXnNzlhjdhHfnPufNxM5-Qs0SXRubeyvm-fYYCaBpJirhCfyuWAxx-Je7SqWmxM6FTOKzi7gc8UoCp9aRwct0OdL6OHhPI3VIJgpLL5lvIGkDHBsLiNQg_d9MAEib2_sNMD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6XfzfICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEM-xF9IICQiI4YAQEAEYHYAKA8gLAdgTDtAVAYAXAbIXHgocCAASFHB1Yi05NTk3Njg4ODUwMzAwNjI4GMKaIg&sigh=LU20qkO0iK8&uach_m=[UACH]&template_id=494
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame E7BC
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:48:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 04:48:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame E7BC
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2697
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 04:06:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E7BC
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 18 Nov 2021 04:51:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame E7BC
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 04:39:01 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame E7BC
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:40:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 03:03:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 10 Feb 2022 04:40:46 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 6C8A
25 KB
25 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRKuH3rJfZgp6gRdGxe8J-9W9QCnQyK4FB-t0ZwQrOk32ndJs4&usqp=CAI
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d4063941a8461606790ff081c584fb607f1c7e1ffb5f4eafe4fd5840d7af185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:49:39 GMT
x-content-type-options
nosniff
age
486124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25459
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 01:34:23 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 12 Nov 2022 13:49:39 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 6C8A
17 KB
18 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSwqQP2jMq7sQGjvGc1kYL1VXEh5ddBGB5e0HS8eQwig7pt6B8_-B4xbCiort8&usqp=CAI
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f2b928380f527986730b8010fcaf32a7848a643ee86977d2b008ede5eee5bb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 09:59:51 GMT
x-content-type-options
nosniff
age
67912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17512
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 01:18:36 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 17 Nov 2022 09:59:51 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 6C8A
22 KB
23 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSlIJl6xrGLoMZ5MnwitW2jKwLLl0zJHCShnrxwG4OX3Nw_t2I&usqp=CAI
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ee683bc3fce4c181aa44c82078f61975235f1bf0ed7924da4d39254149aa7ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:59:44 GMT
x-content-type-options
nosniff
age
510719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22712
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 03:35:34 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 12 Nov 2022 06:59:44 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 6C8A
34 KB
35 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSfjvWyhAtF4VcNuGrZdophWVfGy1tiqAcg5x6z0H0rQ7LeqEIQwjHQGK9Gpe8&usqp=CAI
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17e1d5f52bad4cbb281ba3602c05b20f0fd554bfdf7bae45f9860ffd0bd2dbc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 21:20:33 GMT
x-content-type-options
nosniff
age
199870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35112
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 13:34:19 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 15 Nov 2022 21:20:33 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 6C8A
27 KB
27 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS3S7acXPGPsdBF7t7eoymiYNe1hNFWhT00F9eCa6QU9IHWv2Q&usqp=CAI
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad95ed5a09e3273139e8b6eb0e12385f917141cae83437047c436b9ffdba09aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:10:47 GMT
x-content-type-options
nosniff
age
520856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27759
x-xss-protection
0
last-modified
Wed, 06 Sep 2017 11:00:48 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 12 Nov 2022 04:10:47 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame E7BC
25 KB
25 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRKuH3rJfZgp6gRdGxe8J-9W9QCnQyK4FB-t0ZwQrOk32ndJs4&usqp=CAI
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d4063941a8461606790ff081c584fb607f1c7e1ffb5f4eafe4fd5840d7af185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:49:39 GMT
x-content-type-options
nosniff
age
486124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25459
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 01:34:23 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 12 Nov 2022 13:49:39 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame E7BC
17 KB
17 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSwqQP2jMq7sQGjvGc1kYL1VXEh5ddBGB5e0HS8eQwig7pt6B8_-B4xbCiort8&usqp=CAI
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f2b928380f527986730b8010fcaf32a7848a643ee86977d2b008ede5eee5bb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 09:59:51 GMT
x-content-type-options
nosniff
age
67912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17512
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 01:18:36 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 17 Nov 2022 09:59:51 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame E7BC
22 KB
22 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSlIJl6xrGLoMZ5MnwitW2jKwLLl0zJHCShnrxwG4OX3Nw_t2I&usqp=CAI
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ee683bc3fce4c181aa44c82078f61975235f1bf0ed7924da4d39254149aa7ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:59:44 GMT
x-content-type-options
nosniff
age
510719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22712
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 03:35:34 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 12 Nov 2022 06:59:44 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame E7BC
27 KB
27 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS3S7acXPGPsdBF7t7eoymiYNe1hNFWhT00F9eCa6QU9IHWv2Q&usqp=CAI
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad95ed5a09e3273139e8b6eb0e12385f917141cae83437047c436b9ffdba09aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:10:47 GMT
x-content-type-options
nosniff
age
520856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27759
x-xss-protection
0
last-modified
Wed, 06 Sep 2017 11:00:48 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 12 Nov 2022 04:10:47 GMT
truncated
/ Frame 6C8A
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1a534fb185c36e26a0c4d9f0867f9ad243365f6c3cdba69d5e361743bbf9fff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E7BC
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10a8e19581ac1aec1c3ea4d5a4736d029944179db83a6fbbff1af1ba097c066e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1a5e82df25a880c12bfa9c4e87a56962bba1c205893b3404fb8b11f5a8067d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Nov 2021 04:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9266
x-xss-protection
0
lato.woff2
cdn.gravitec.net/fonts/
14 KB
14 KB
Font
General
Full URL
https://cdn.gravitec.net/fonts/lato.woff2
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer
https://orakul.com/
Origin
https://orakul.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:43 GMT
last-modified
Wed, 28 Apr 2021 09:53:50 GMT
server
nginx
etag
"608930ae-36dc"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
expires
Wed, 28 Apr 2021 10:14:57 GMT
cache-control
max-age=10
accept-ranges
bytes
content-length
14044
x-proxy-cache
HIT
sourcesanspro.woff2
cdn.gravitec.net/fonts/
8 KB
8 KB
Font
General
Full URL
https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer
https://orakul.com/
Origin
https://orakul.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:43 GMT
last-modified
Wed, 28 Apr 2021 09:53:50 GMT
server
nginx
etag
"608930ae-1e44"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
expires
Wed, 28 Apr 2021 10:14:57 GMT
cache-control
max-age=10
accept-ranges
bytes
content-length
7748
x-proxy-cache
HIT
360164871.png
cdn.gravitec.net/images/users/1605134069071347712/
48 KB
49 KB
Image
General
Full URL
https://cdn.gravitec.net/images/users/1605134069071347712/360164871.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
7b3f9ded26b95bd37f0ce1f04cc6370346458bbb28abe8dc55d8f64cd85de8f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
public
date
Thu, 18 Nov 2021 04:51:43 GMT
last-modified
Wed, 26 Sep 2018 10:40:57 GMT
server
nginx
etag
"5bab6239-c17c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
49532
x-proxy-cache
HIT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 18 Nov 2021 04:51:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 38D4
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 18 Nov 2021 02:53:42 GMT
expires
Fri, 18 Nov 2022 02:53:42 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7081
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 75E3
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d5d6b9d3b4f8f1ebaf8ba3a1e2a3122e93aff00cd9409c0fa569cde0eb8b1643
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vwJcvXgK0gcN9eZQETUJGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 18 Nov 2021 04:51:43 GMT
date
Thu, 18 Nov 2021 04:51:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-vwJcvXgK0gcN9eZQETUJGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sts
pubads.g.doubleclick.net/td/
0
0

CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 38D4
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 12:23:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
59322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Nov 2022 12:23:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 75E3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111501&jk=3057682893720302&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_td_sts_rpc_error&pvsid=3057682893720302&vrg=2021111501&nw_id=43356090&nslots=5&eid=31063783%2C31062931&pub_url=https%3A%2F%2Forakul.com%2F&timeout_ms=1000&duration_ms=77&url_count=39
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 04:51:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0BEE
6 KB
3 KB
Document
General
Full URL
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 18 Nov 2021 04:51:42 GMT
expires
Fri, 18 Nov 2022 04:51:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 911A
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskKnew4kKkN4DUDjS7jauQ9fnDwqzVJUTQSB-fqLJoe-LaFGeCbesFb1CrI0OQu8P0VnGkARgQQfhkTsjM0kVU1JDLXruGcV95KE3gLAbVWYemEl7Y6DBnCP29g0Wv826gA_twnEf8drdn&sai=AMfl-YT5EeVKTqY_SYx0D_IwKLUqwLybkHXZw6XIc8DsBdXPIWp7PfH79kN2xDUn197fyjCOX1QNo9WX7CJnRXqRxAxTFJL5tG3ciwoZheGqP3rDPnQ7oT-Hgw2WwFgUqF0&sig=Cg0ArKJSzGoSptw2L7T5EAE&id=lidar2&mcvt=1007&p=0,436,90,1164&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=770942202&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637211102632&rpt=160&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 04:51:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E39B
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CImz_L0CEMatq_ACGNO9k7gBMAE&v=APEucNUbkEAdj7XURXnsAFflaPckeEai7Ljav6-kBEulsEIYeYzXHMV2wubSBxbJqH8bVwkRlHRSJXjcE1cZ0ktXqcYn4jpHrw
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 18 Nov 2021 04:51:43 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 18 Nov 2021 04:51:43 GMT
cache-control
private
ad
googleads.g.doubleclick.net/dbm/ Frame 0BEE
79 KB
31 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPcDENPkM-1gad9ohCBOESs2rfckqYmSpT0uUGkIGeASb_8XYeIaLB9VXilCMlQSXwU78L-Olmfy1JQelFvEJJIixslCSk4KVxrwCZn0Jq9VzUwTS-Xr3S9w9yONmcCDDNt1P1gNeajyKfHLihpIjQ_VbQOg&dbm_d=AKAmf-D_xttg_LKQylslkrGMGo8vOIyNomX58MniKaLdsxP6MOzRdrdaZmlxh5Sx5qrbQIy7jhfzkwV-haP0-6NqIRy7qdWvSj9J5zP65-iDIaiglZDPxPcuaarbf2AiXVxsmxiv1uRPztKd6gY5SfVdpl3C3wtd9cpShNN4QiSkAKhLhcKEV-omNAk1faF8dHOjjEPdBEYfC-QfbVjmJJoWT7zo1oBM-CH5zOgOlxtslFwM_muAGN1fmOA5Hjk2DWr8WtXvQjUo6bpQtwhW-I0a00Q3fRxgD2rQBnCQyaW_0sy72LxwEVBJw46WL6FDA_bqMcFxksYv8FvsyAXMGQ-XG1bEY27E6wZFlDl5mO4kwVbTmXSkzA8X3r_mfjmmNvZMR6O8PfA63VRjxnMpiKWZkUkwFKwQrjrfC6jIfqXjRxqq4whJZXsW9t6c2pzZhH7EP3shNnCjryZdl-3BX6fSQOTPAPbrR2u9SSZuOsMrzyq-6rqP7Qen7yiQk8KR5f-7AZ8ygVH3cx5O6fARoOOIwBnnSlCs04r5KMkbj4KHWYqErVXVSCKdhF-E8MAyPdP3PpfjIDSxnTPgnXY0sVWUZN-fe9gaIMca7djkCVlHHYnX7qG5JNd0DHwteDAkLNLXlANxBZDM_8TacWmdCDUWVRqK6e3BSiLdGqH9F8ZpFm5Zlg5AS8jweQWID3jlsniL1kzpTz09xFndl3tkNo2iV08q1-wRWfohve6546ifL6OB38HzalcMvtCvsuOYOXAfT7b409zhDR6l8NPr3vTjCJeALTC4hf-HlF-lBcIFBz51EKpOvHlr1YU1xg0K21fEjWuo1QFmErdlN693VxJYrTdRTX912W1TZY_vAXHN7fNwgslD5Zjm55dTN_MUkrAaDNn5RIkNZkEvvPoJnlPJ-agPfMc1Ws2yM9b9l9og8ScSum7UNnYJmsOy1wMd01GAZqCDaUBHiTA7ux-G7Rt4Mkty1wB80oRkcIe1DCJ_aVzG9s6vckVIIJfsmefZrHZI4EgfjgpI1FD-hf1bWXN7MF3wER3fcgEsbHWcKRFrmzoBMCkq6pFgUwn9Mx-q7OKfifBvQeyLVeTVgIUKBaWvDzFdZN0pGTdCV4fQhxeXRtGH1ffd6m67-wIORP4Rkn6A2rqrD8pImsGkiKGnAc1MRM9UE_TkdP1bDExGcS0pxbandV2if9O5hxdjK_Bmo9maxPTJ25IG8-0f28LK_CTUeL39ibxRp9u8C1VU7NrAqPLPCWbf1-EV4ERBQVG3AqeMpppnZMMpxOBWRSEL2dOpV76gYHy8LGzejbXYWs0nSKKZXu5R1dAli-ak0OXhJos_LP1Q7as-kblXEig2egKqmvUIV-xyvsOTtjY7a41XF3uE51UH3L1i8u71ffk_KeeyrZnBj5Y1MIUlj_bJySVNj-eePGMFf0w9pJEijTYqq0K6V0GiuJXk93yyjCi9gvQ0wC9t2voeD_fsnnZDcvOeLDwNioYXTj-d8NTDu73tp2DJbhZWfCQw9Kd6vrACW419u0IUmILF3RXi7BTX7tgj9rLgTJyjoe4CwbWfJaczC2ttKSWu4Wu2buG86stBxaMldsjg5AC0SbOrSINeJ0N_6c2GGr_-D_M4Bwmy4hkhUZnJ7H-BHymmHLwlXYxXi_wa5WIy7tzCqRxXrv55xn41lA0zxMnsTGRVfslIBWSyD8bK6S_QxWOVYOGNFkysmamNeaRqWlSURkLL6RLNubaEWL2C2WLaIYaA6rsu0TN1EmvlwCJpWp
zztKjtCpTyuz1JiMAenLaXZCeuro9bun3bjpS9gjPKQEvdeDJdvJ3hGQo5qfBXP1m2Fg8FTKyItNV_QxG7eZ3T12Fdh2d4wwX2AOsWXRQq4Mfx4hMUUTiow0GDbhxKvZ4GuYZK0V0oI3w1EbSx9fjMvILQ7moR3VvUFUNm_dBP2dA-gpZlvnngxKpfEid9z6JYQqn7LBB78b7mONtGMlEeRk35lF136gW3um7gA1NUQsLO8ajjCKnR1xI0e8IGYl97bOR-Ovpg7pM5CJW2aNtW0446iYrzkyFFiPiS98b074d1BMT7xluf4ascSlkX1PGLkTzgdce1BrBnYQE16eo79o-jT3s605sqXzaycQ1DeSuX2dTI4OCUwMYBw0ogvpjgkq68P3mWzaoH9UdAiDiXDNRVkVE9kJ2mdCWY7aO5r345VhFq3gMjSrLjkv_xsh3-cJEjCPryictwxkWHioEAm1rLnKsfzh2p539Y_o26rql6u2Wmh9QQfWKgmLZU3EOUbs9Rwi1R9zK5KkzwLGX49v9Ibw_ZTm29-Kl_K5s_aOJrgOd0j67qhfxobiW12B_NMP3LD54h-XHiSKpCHVJz_JyUFjnIW_umlNo5oXgf61WbDw1In_xj6oNQjRo7s9_8BjQJ8hSMiO2SDX4nG1C7pr0DyxpNWRKpit0jO5qTNbYGUr7kYGxyy-kuWOXD-WQ8bc7XXXq_zrrk7hL1MnIoCkb8cwncGaZzJCU2c22lSeq7_gKhyFhp0OlFJvPbP6POftGVkYCm6hYMhThGb3Kux8FsKPwcMXPGt_uTLRaZBOnG2PDErMkZ0bYzOko7E2upCIyvNzwxOyvOxEwzO9Mf63uX5Jo_nqEYjbX_xSDeBXKB8CBzy9vTPH8-VY6cxYuKs9TD9QOhTiBFXIWUaCopGCRHhTApQzHXA4zpx0BOQXklwcTBkZJshuzCHOqnGrKn6cENeaIg3L8k2Bl89DDk8S6ZZnCF3tPKYN1J0iJIxgBh7gEgwNekVFXQarJy7dFwEBJiZ5X1CV8HyO3zerl9S9j2zvJ37wlTlJIGEG8q_-a6kW75uYJg92sPijZ3qSLzKi6esxmf4QkyNvmiFB9LqFCcXwXTDgcnl-OL5U1IhkHVd3rHrmwwV0VDnvlVkAJZ2bosG5AaIr8Pg70lMPpZ2lpKtBfrqrlHIteADGDiy4JIFws7QZP_XeeOExJYJmGFr1eBTnfd2BZ_DDdxiYpTypT85qpsATl3ekDjdCWzz4E-UkhhMUANUSZthnqMAAHrcmH9l5F7VEAngo23xHyytiW-VxjVt94y46qZcYKg3swdZgvjYfXvVgJTeUK_ufqWrmcsGlsFMj5nXh3EyYb1zbe2fKFEgP6cPylLS0imTbyKNt-_47_EAphTyo-JMZKFV4rY-cO43TT-_P6r72K0ybiiQcZuvTuNGhAjQEOuqJuc8UmzdLudsRbTCSuH_8O5xZAeg8kw2hBMSw5l60eCy5mYEe2ccIVFQNOhMsYfJr9xNRoBs8HFRbruMm05638&cid=CAASFeRoX7_SskYYUudQ3PjO8knl7aFF8Q&rfl=1%2Chttps%253A%252F%252Forakul.com%252F%240
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e92076ce9b16bc36f5fc094a6e19fa9dcd9fce5badd133a23be988362dea039b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 04:51:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31598
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BEE
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DaS-GThfTbKg7tWvyZF-rQlV-rS0m6gOM8aoUHHsGlqvkSVNwavekhZ54ZKA_Odsq8xGnNISt1LznuoFIIq9MMtCFXVEFsiRR5s80lpWCPA141Hyw
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 04:51:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 0BEE
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2697
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 04:06:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0BEE
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 18 Nov 2021 04:51:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 0BEE
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 04:39:01 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 0BEE
169 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
Origin
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 11:03:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Nov 2021 11:03:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 0BEE
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPcDENPkM-1gad9ohCBOESs2rfckqYmSpT0uUGkIGeASb_8XYeIaLB9VXilCMlQSXwU78L-Olmfy1JQelFvEJJIixslCSk4KVxrwCZn0Jq9VzUwTS-Xr3S9w9yONmcCDDNt1P1gNeajyKfHLihpIjQ_VbQOg&dbm_d=AKAmf-D_xttg_LKQylslkrGMGo8vOIyNomX58MniKaLdsxP6MOzRdrdaZmlxh5Sx5qrbQIy7jhfzkwV-haP0-6NqIRy7qdWvSj9J5zP65-iDIaiglZDPxPcuaarbf2AiXVxsmxiv1uRPztKd6gY5SfVdpl3C3wtd9cpShNN4QiSkAKhLhcKEV-omNAk1faF8dHOjjEPdBEYfC-QfbVjmJJoWT7zo1oBM-CH5zOgOlxtslFwM_muAGN1fmOA5Hjk2DWr8WtXvQjUo6bpQtwhW-I0a00Q3fRxgD2rQBnCQyaW_0sy72LxwEVBJw46WL6FDA_bqMcFxksYv8FvsyAXMGQ-XG1bEY27E6wZFlDl5mO4kwVbTmXSkzA8X3r_mfjmmNvZMR6O8PfA63VRjxnMpiKWZkUkwFKwQrjrfC6jIfqXjRxqq4whJZXsW9t6c2pzZhH7EP3shNnCjryZdl-3BX6fSQOTPAPbrR2u9SSZuOsMrzyq-6rqP7Qen7yiQk8KR5f-7AZ8ygVH3cx5O6fARoOOIwBnnSlCs04r5KMkbj4KHWYqErVXVSCKdhF-E8MAyPdP3PpfjIDSxnTPgnXY0sVWUZN-fe9gaIMca7djkCVlHHYnX7qG5JNd0DHwteDAkLNLXlANxBZDM_8TacWmdCDUWVRqK6e3BSiLdGqH9F8ZpFm5Zlg5AS8jweQWID3jlsniL1kzpTz09xFndl3tkNo2iV08q1-wRWfohve6546ifL6OB38HzalcMvtCvsuOYOXAfT7b409zhDR6l8NPr3vTjCJeALTC4hf-HlF-lBcIFBz51EKpOvHlr1YU1xg0K21fEjWuo1QFmErdlN693VxJYrTdRTX912W1TZY_vAXHN7fNwgslD5Zjm55dTN_MUkrAaDNn5RIkNZkEvvPoJnlPJ-agPfMc1Ws2yM9b9l9og8ScSum7UNnYJmsOy1wMd01GAZqCDaUBHiTA7ux-G7Rt4Mkty1wB80oRkcIe1DCJ_aVzG9s6vckVIIJfsmefZrHZI4EgfjgpI1FD-hf1bWXN7MF3wER3fcgEsbHWcKRFrmzoBMCkq6pFgUwn9Mx-q7OKfifBvQeyLVeTVgIUKBaWvDzFdZN0pGTdCV4fQhxeXRtGH1ffd6m67-wIORP4Rkn6A2rqrD8pImsGkiKGnAc1MRM9UE_TkdP1bDExGcS0pxbandV2if9O5hxdjK_Bmo9maxPTJ25IG8-0f28LK_CTUeL39ibxRp9u8C1VU7NrAqPLPCWbf1-EV4ERBQVG3AqeMpppnZMMpxOBWRSEL2dOpV76gYHy8LGzejbXYWs0nSKKZXu5R1dAli-ak0OXhJos_LP1Q7as-kblXEig2egKqmvUIV-xyvsOTtjY7a41XF3uE51UH3L1i8u71ffk_KeeyrZnBj5Y1MIUlj_bJySVNj-eePGMFf0w9pJEijTYqq0K6V0GiuJXk93yyjCi9gvQ0wC9t2voeD_fsnnZDcvOeLDwNioYXTj-d8NTDu73tp2DJbhZWfCQw9Kd6vrACW419u0IUmILF3RXi7BTX7tgj9rLgTJyjoe4CwbWfJaczC2ttKSWu4Wu2buG86stBxaMldsjg5AC0SbOrSINeJ0N_6c2GGr_-D_M4Bwmy4hkhUZnJ7H-BHymmHLwlXYxXi_wa5WIy7tzCqRxXrv55xn41lA0zxMnsTGRVfslIBWSyD8bK6S_QxWOVYOGNFkysmamNeaRqWlSURkLL6RLNubaEWL2C2WLaIYaA6rsu0TN1Emvlw
CJpWpzztKjtCpTyuz1JiMAenLaXZCeuro9bun3bjpS9gjPKQEvdeDJdvJ3hGQo5qfBXP1m2Fg8FTKyItNV_QxG7eZ3T12Fdh2d4wwX2AOsWXRQq4Mfx4hMUUTiow0GDbhxKvZ4GuYZK0V0oI3w1EbSx9fjMvILQ7moR3VvUFUNm_dBP2dA-gpZlvnngxKpfEid9z6JYQqn7LBB78b7mONtGMlEeRk35lF136gW3um7gA1NUQsLO8ajjCKnR1xI0e8IGYl97bOR-Ovpg7pM5CJW2aNtW0446iYrzkyFFiPiS98b074d1BMT7xluf4ascSlkX1PGLkTzgdce1BrBnYQE16eo79o-jT3s605sqXzaycQ1DeSuX2dTI4OCUwMYBw0ogvpjgkq68P3mWzaoH9UdAiDiXDNRVkVE9kJ2mdCWY7aO5r345VhFq3gMjSrLjkv_xsh3-cJEjCPryictwxkWHioEAm1rLnKsfzh2p539Y_o26rql6u2Wmh9QQfWKgmLZU3EOUbs9Rwi1R9zK5KkzwLGX49v9Ibw_ZTm29-Kl_K5s_aOJrgOd0j67qhfxobiW12B_NMP3LD54h-XHiSKpCHVJz_JyUFjnIW_umlNo5oXgf61WbDw1In_xj6oNQjRo7s9_8BjQJ8hSMiO2SDX4nG1C7pr0DyxpNWRKpit0jO5qTNbYGUr7kYGxyy-kuWOXD-WQ8bc7XXXq_zrrk7hL1MnIoCkb8cwncGaZzJCU2c22lSeq7_gKhyFhp0OlFJvPbP6POftGVkYCm6hYMhThGb3Kux8FsKPwcMXPGt_uTLRaZBOnG2PDErMkZ0bYzOko7E2upCIyvNzwxOyvOxEwzO9Mf63uX5Jo_nqEYjbX_xSDeBXKB8CBzy9vTPH8-VY6cxYuKs9TD9QOhTiBFXIWUaCopGCRHhTApQzHXA4zpx0BOQXklwcTBkZJshuzCHOqnGrKn6cENeaIg3L8k2Bl89DDk8S6ZZnCF3tPKYN1J0iJIxgBh7gEgwNekVFXQarJy7dFwEBJiZ5X1CV8HyO3zerl9S9j2zvJ37wlTlJIGEG8q_-a6kW75uYJg92sPijZ3qSLzKi6esxmf4QkyNvmiFB9LqFCcXwXTDgcnl-OL5U1IhkHVd3rHrmwwV0VDnvlVkAJZ2bosG5AaIr8Pg70lMPpZ2lpKtBfrqrlHIteADGDiy4JIFws7QZP_XeeOExJYJmGFr1eBTnfd2BZ_DDdxiYpTypT85qpsATl3ekDjdCWzz4E-UkhhMUANUSZthnqMAAHrcmH9l5F7VEAngo23xHyytiW-VxjVt94y46qZcYKg3swdZgvjYfXvVgJTeUK_ufqWrmcsGlsFMj5nXh3EyYb1zbe2fKFEgP6cPylLS0imTbyKNt-_47_EAphTyo-JMZKFV4rY-cO43TT-_P6r72K0ybiiQcZuvTuNGhAjQEOuqJuc8UmzdLudsRbTCSuH_8O5xZAeg8kw2hBMSw5l60eCy5mYEe2ccIVFQNOhMsYfJr9xNRoBs8HFRbruMm05638&cid=CAASFeRoX7_SskYYUudQ3PjO8knl7aFF8Q&rfl=1%2Chttps%253A%252F%252Forakul.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 03:40:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4277
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 03:40:26 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 0BEE
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPcDENPkM-1gad9ohCBOESs2rfckqYmSpT0uUGkIGeASb_8XYeIaLB9VXilCMlQSXwU78L-Olmfy1JQelFvEJJIixslCSk4KVxrwCZn0Jq9VzUwTS-Xr3S9w9yONmcCDDNt1P1gNeajyKfHLihpIjQ_VbQOg&dbm_d=AKAmf-D_xttg_LKQylslkrGMGo8vOIyNomX58MniKaLdsxP6MOzRdrdaZmlxh5Sx5qrbQIy7jhfzkwV-haP0-6NqIRy7qdWvSj9J5zP65-iDIaiglZDPxPcuaarbf2AiXVxsmxiv1uRPztKd6gY5SfVdpl3C3wtd9cpShNN4QiSkAKhLhcKEV-omNAk1faF8dHOjjEPdBEYfC-QfbVjmJJoWT7zo1oBM-CH5zOgOlxtslFwM_muAGN1fmOA5Hjk2DWr8WtXvQjUo6bpQtwhW-I0a00Q3fRxgD2rQBnCQyaW_0sy72LxwEVBJw46WL6FDA_bqMcFxksYv8FvsyAXMGQ-XG1bEY27E6wZFlDl5mO4kwVbTmXSkzA8X3r_mfjmmNvZMR6O8PfA63VRjxnMpiKWZkUkwFKwQrjrfC6jIfqXjRxqq4whJZXsW9t6c2pzZhH7EP3shNnCjryZdl-3BX6fSQOTPAPbrR2u9SSZuOsMrzyq-6rqP7Qen7yiQk8KR5f-7AZ8ygVH3cx5O6fARoOOIwBnnSlCs04r5KMkbj4KHWYqErVXVSCKdhF-E8MAyPdP3PpfjIDSxnTPgnXY0sVWUZN-fe9gaIMca7djkCVlHHYnX7qG5JNd0DHwteDAkLNLXlANxBZDM_8TacWmdCDUWVRqK6e3BSiLdGqH9F8ZpFm5Zlg5AS8jweQWID3jlsniL1kzpTz09xFndl3tkNo2iV08q1-wRWfohve6546ifL6OB38HzalcMvtCvsuOYOXAfT7b409zhDR6l8NPr3vTjCJeALTC4hf-HlF-lBcIFBz51EKpOvHlr1YU1xg0K21fEjWuo1QFmErdlN693VxJYrTdRTX912W1TZY_vAXHN7fNwgslD5Zjm55dTN_MUkrAaDNn5RIkNZkEvvPoJnlPJ-agPfMc1Ws2yM9b9l9og8ScSum7UNnYJmsOy1wMd01GAZqCDaUBHiTA7ux-G7Rt4Mkty1wB80oRkcIe1DCJ_aVzG9s6vckVIIJfsmefZrHZI4EgfjgpI1FD-hf1bWXN7MF3wER3fcgEsbHWcKRFrmzoBMCkq6pFgUwn9Mx-q7OKfifBvQeyLVeTVgIUKBaWvDzFdZN0pGTdCV4fQhxeXRtGH1ffd6m67-wIORP4Rkn6A2rqrD8pImsGkiKGnAc1MRM9UE_TkdP1bDExGcS0pxbandV2if9O5hxdjK_Bmo9maxPTJ25IG8-0f28LK_CTUeL39ibxRp9u8C1VU7NrAqPLPCWbf1-EV4ERBQVG3AqeMpppnZMMpxOBWRSEL2dOpV76gYHy8LGzejbXYWs0nSKKZXu5R1dAli-ak0OXhJos_LP1Q7as-kblXEig2egKqmvUIV-xyvsOTtjY7a41XF3uE51UH3L1i8u71ffk_KeeyrZnBj5Y1MIUlj_bJySVNj-eePGMFf0w9pJEijTYqq0K6V0GiuJXk93yyjCi9gvQ0wC9t2voeD_fsnnZDcvOeLDwNioYXTj-d8NTDu73tp2DJbhZWfCQw9Kd6vrACW419u0IUmILF3RXi7BTX7tgj9rLgTJyjoe4CwbWfJaczC2ttKSWu4Wu2buG86stBxaMldsjg5AC0SbOrSINeJ0N_6c2GGr_-D_M4Bwmy4hkhUZnJ7H-BHymmHLwlXYxXi_wa5WIy7tzCqRxXrv55xn41lA0zxMnsTGRVfslIBWSyD8bK6S_QxWOVYOGNFkysmamNeaRqWlSURkLL6RLNubaEWL2C2WLaIYaA6rsu0TN1Emvlw
CJpWpzztKjtCpTyuz1JiMAenLaXZCeuro9bun3bjpS9gjPKQEvdeDJdvJ3hGQo5qfBXP1m2Fg8FTKyItNV_QxG7eZ3T12Fdh2d4wwX2AOsWXRQq4Mfx4hMUUTiow0GDbhxKvZ4GuYZK0V0oI3w1EbSx9fjMvILQ7moR3VvUFUNm_dBP2dA-gpZlvnngxKpfEid9z6JYQqn7LBB78b7mONtGMlEeRk35lF136gW3um7gA1NUQsLO8ajjCKnR1xI0e8IGYl97bOR-Ovpg7pM5CJW2aNtW0446iYrzkyFFiPiS98b074d1BMT7xluf4ascSlkX1PGLkTzgdce1BrBnYQE16eo79o-jT3s605sqXzaycQ1DeSuX2dTI4OCUwMYBw0ogvpjgkq68P3mWzaoH9UdAiDiXDNRVkVE9kJ2mdCWY7aO5r345VhFq3gMjSrLjkv_xsh3-cJEjCPryictwxkWHioEAm1rLnKsfzh2p539Y_o26rql6u2Wmh9QQfWKgmLZU3EOUbs9Rwi1R9zK5KkzwLGX49v9Ibw_ZTm29-Kl_K5s_aOJrgOd0j67qhfxobiW12B_NMP3LD54h-XHiSKpCHVJz_JyUFjnIW_umlNo5oXgf61WbDw1In_xj6oNQjRo7s9_8BjQJ8hSMiO2SDX4nG1C7pr0DyxpNWRKpit0jO5qTNbYGUr7kYGxyy-kuWOXD-WQ8bc7XXXq_zrrk7hL1MnIoCkb8cwncGaZzJCU2c22lSeq7_gKhyFhp0OlFJvPbP6POftGVkYCm6hYMhThGb3Kux8FsKPwcMXPGt_uTLRaZBOnG2PDErMkZ0bYzOko7E2upCIyvNzwxOyvOxEwzO9Mf63uX5Jo_nqEYjbX_xSDeBXKB8CBzy9vTPH8-VY6cxYuKs9TD9QOhTiBFXIWUaCopGCRHhTApQzHXA4zpx0BOQXklwcTBkZJshuzCHOqnGrKn6cENeaIg3L8k2Bl89DDk8S6ZZnCF3tPKYN1J0iJIxgBh7gEgwNekVFXQarJy7dFwEBJiZ5X1CV8HyO3zerl9S9j2zvJ37wlTlJIGEG8q_-a6kW75uYJg92sPijZ3qSLzKi6esxmf4QkyNvmiFB9LqFCcXwXTDgcnl-OL5U1IhkHVd3rHrmwwV0VDnvlVkAJZ2bosG5AaIr8Pg70lMPpZ2lpKtBfrqrlHIteADGDiy4JIFws7QZP_XeeOExJYJmGFr1eBTnfd2BZ_DDdxiYpTypT85qpsATl3ekDjdCWzz4E-UkhhMUANUSZthnqMAAHrcmH9l5F7VEAngo23xHyytiW-VxjVt94y46qZcYKg3swdZgvjYfXvVgJTeUK_ufqWrmcsGlsFMj5nXh3EyYb1zbe2fKFEgP6cPylLS0imTbyKNt-_47_EAphTyo-JMZKFV4rY-cO43TT-_P6r72K0ybiiQcZuvTuNGhAjQEOuqJuc8UmzdLudsRbTCSuH_8O5xZAeg8kw2hBMSw5l60eCy5mYEe2ccIVFQNOhMsYfJr9xNRoBs8HFRbruMm05638&cid=CAASFeRoX7_SskYYUudQ3PjO8knl7aFF8Q&rfl=1%2Chttps%253A%252F%252Forakul.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
287
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9475
x-xss-protection
0
server
cafe
etag
15988442915344899701
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 04:46:56 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0BEE
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com
URL: https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 17 Nov 2022 17:49:55 GMT
truncated
/ Frame 0BEE
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9475f646cc1df14dbc475918d79db26490268b49d8e1a72cca0a0ed22194ff49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 04:51:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7EC4
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 17 Nov 2021 17:49:55 GMT
expires
Thu, 17 Nov 2022 17:49:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
39708
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 7EC4
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 12:23:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
59322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Nov 2022 12:23:01 GMT
index.html
s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/ Frame 2333
62 KB
16 KB
Document
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=ErF93Ar76V&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3085aac649fa0d732e9fd1e54e0ce46f115238e1c115a7f7ce9de4bc416ab551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-richmedia-studio-eng"
report-to
{"group":"ads-richmedia-studio-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-richmedia-studio-eng"}]}
timing-allow-origin
*
content-length
16856
date
Thu, 18 Nov 2021 04:51:44 GMT
expires
Thu, 18 Nov 2021 05:41:44 GMT
cache-control
public, max-age=3000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 0BEE
0
571 B
Ping
General
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 18 Nov 2021 04:51:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
css
fonts.googleapis.com/ Frame 2333
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=ErF93Ar76V&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 04:21:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 18 Nov 2021 04:51:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Nov 2021 04:51:44 GMT
gwd_webcomponents_min.js
www.gstatic.com/external_hosted/gwd_webcomponents/ Frame 2333
17 KB
6 KB
Script
General
Full URL
https://www.gstatic.com/external_hosted/gwd_webcomponents/gwd_webcomponents_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=ErF93Ar76V&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5622
x-xss-protection
0
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 18 Nov 2021 04:51:44 GMT
Enabler_01_238.js
s0.2mdn.net/879366/ Frame 2333
106 KB
36 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_238.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=ErF93Ar76V&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=ErF93Ar76V&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 23:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19210
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36751
x-xss-protection
0
last-modified
Tue, 11 Jun 2019 21:21:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Nov 2021 23:31:34 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2333
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:39:48 GMT
x-content-type-options
nosniff
age
486716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 13:39:48 GMT
prod_studio_01_238_configurablemodule.js
s0.2mdn.net/879366/ Frame 2333
31 KB
11 KB
Script
General
Full URL
https://s0.2mdn.net/879366/prod_studio_01_238_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_238.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=ErF93Ar76V&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 06:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80557
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10829
x-xss-protection
0
last-modified
Tue, 11 Jun 2019 21:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Nov 2021 06:29:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0BEE
0
23 B
Ping
General
Requested by
Host: orakul.com
URL: https://orakul.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 18 Nov 2021 04:51:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 2333
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
1611056991849575636
s0.2mdn.net/simgad/ Frame 2333
602 KB
602 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/1611056991849575636
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44d81ee8d5b0dd420b8bcf3d06ec944fff9e3404dbe16180bac9b27930efbd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=ErF93Ar76V&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 22:51:12 GMT
x-content-type-options
nosniff
age
540032
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
616213
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 07:44:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Nov 2022 22:51:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EC4
0
20 B
Image
General
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 04:51:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6C8A
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzbKhW5AnCdrudwRNLjtIqB8cMtwnnDChWcflEjuRVqC4c_OQiWYc0pE-xvjJLvlSLmEVkc5sR083p9bFUYCHitnabBe94GbBD8VsQ_z_YSLyPjaEcCQ&sai=AMfl-YSoEOupXFFzw_xcux3K4t_ooEWOjyAsGh0fNcknR7lNCCovKE4qm_LdQQG9SH72xMlIo17eor7mbq49Vf8G30t-tywy22kIRUMWdYdb74bEguc4a53wtncYs4q4UVg&sig=Cg0ArKJSzJ6uOB9RQZt2EAE&id=lidar2&mcvt=1000&p=165,130,765,290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3339105464&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637211103022&rpt=171&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 04:51:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E7BC
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWOrQDNV1ZcXOK4cnY-eJhhA4cSuPSQ2MV4qq-qSbmxzGWt6jYjUq6JWci3kod9ceLjVcIt3bwLiES7k7XXhG1Des3npjdQJD0_TKY-OpLWTwSdoOfiA&sai=AMfl-YS6cx3nplGW74nc4zpMl15T7tz9L5Hou4kafLTuP6Rurccc3cbLWKUM4Vr67c8nADLBxXK8M8L-a2co1YfKgK28NQFAEc_BQCb77bEmMzheMrUFBjKuPM1ooH1GT4o&sig=Cg0ArKJSzO6g247_U0BpEAE&id=lidar2&mcvt=1001&p=165,1310,765,1470&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=353626697&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637211103028&rpt=173&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 04:51:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1611056991849575636
s0.2mdn.net/simgad/ Frame 2333
602 KB
602 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/1611056991849575636
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44d81ee8d5b0dd420b8bcf3d06ec944fff9e3404dbe16180bac9b27930efbd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=ErF93Ar76V&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 22:51:12 GMT
x-content-type-options
nosniff
age
540032
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
616213
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 07:44:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Nov 2022 22:51:12 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0BEE
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHy4LiJzGtfb75qSEzuUEa7wEbb6KzYFulj7ffMW5V4qkR6QVOa7_d1DikagUviLq5pVLDDe2kCTPkWZLD7gPZ94REtl3KewXK8AgXSUXrFPOsShqxSw&sai=AMfl-YQii8iNWVDIsnQ-4-8EicQFOsBvXaSzJ52sViEZ7FGNjLb2-GnN7Ie5wab9SjptGn_ChtSTxJ9HzWhbyD8mjkLh3DFlQ8urZrRSgCo4euHNeTLDHEKeiYGVYhaVc_I&sig=Cg0ArKJSzHH3S5kHc5OWEAE&cid=CAASFeRoX7_SskYYUudQ3PjO8knl7aFF8Q&id=lidar2&mcvt=1000&p=342,975,592,1275&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1569085847&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637211103807&rpt=125&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 04:51:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
300x250.jpg
cs03.trafmag.com/banners/promo/2021blackfriday/
43 KB
43 KB
Image
General
Full URL
https://cs03.trafmag.com/banners/promo/2021blackfriday/300x250.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.191.235.71 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS
cs03.trafmag.com
Software
nginx /
Resource Hash
10338a0a341fcd27c52fb1b657cbb077270cc35fc511371b03bc43b103c8d8e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:45 GMT
last-modified
Fri, 12 Nov 2021 15:44:02 GMT
server
nginx
etag
"618e8bc2-abfa"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
44026
expires
Thu, 25 Nov 2021 04:51:45 GMT
v3_299755_4460.json
player.adtelligent.com/prebidlink/2728685/
12 KB
3 KB
XHR
General
Full URL
https://player.adtelligent.com/prebidlink/2728685/v3_299755_4460.json?cb=orakul.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454780/wrapper_hb_299755_4460.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
379648c9bc138f4c7766a0cdd7ec385d06053459a1c594b83d44e209ac5e7783

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://orakul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 04:51:45 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 16:00:02 GMT
server
nginx
etag
W/"61952702-306d"
content-type
application/json
access-control-allow-origin
https://orakul.com
expires
Thu, 18 Nov 2021 05:51:45 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
dc_oe=ChMIhu-R0o6h9AIV-OW7CB1dNQxrEAAYACCZ4Z5MQhMI1tvb0Y6h9AIV2Pt3Ch0beQVZ;met=1;&timestamp=1637211114142;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 0BEE
42 B
494 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhu-R0o6h9AIV-OW7CB1dNQxrEAAYACCZ4Z5MQhMI1tvb0Y6h9AIV2Pt3Ch0beQVZ;met=1;&timestamp=1637211114142;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b7089b2d26b54af08b65f77bd180062f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 04:51:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/td/sts?render_urls=https://pawzlove-media.s3.us-east-2.amazonaws.com/images/urlscan/21713/urlscan_image/234ef0de7c42eae36157a3111d77ebfd.jpg,https://www.humanesociety.org/sites/default/files/styles/2000x850/public/2018/08/puppy-410265.jpg?h=0c7c9985&itok=KxhG3DVU,https://i.pinimg.com/originals/19/01/dd/1901ddbdaf5f1ddd066a6c77a9ec6d02.png,https://is4-ssl.mzstatic.com/image/thumb/Purple114/v4/d5/d1/c0/d5d1c071-f654-f505-0765-7c1a10341171/source/256x256bb.jpg,https://happytailservet.com/wp-content/uploads/2018/02/raster-3.png,https://i2.wp.com/www.bikesforall.net/wp-content/uploads/2017/03/bikesforall-logo-1-256.png?resize=256%2C256,http://s3.amazonaws.com/pix.iemoji.com/images/emoji/apple/ios-12/256/woman-biking.png,https://b3h2.scene7.com/is/image/BedBathandBeyond/283706668024413p?$imagePLP$&wid=256&hei=256,https://styles.redditmedia.com/t5_2rb8v/styles/communityIcon_3srnewy9kav31.png?width=256&s=88c19e54cb828dbbe743cf145156dfe1384574db,https://static.wikia.nocookie.net/hhwa/images/f/f1/Quarter_t1.png/revision/latest?cb=20150108033346,https://images.squarespace-cdn.com/content/v1/5a168baaa8b2b09a2e8b0214/1592227325353-4PH44TTND45IQKVQ0ZOE/ke17ZwdGBToddI8pDm48kHhlTY0to_qtyxq77jLiHTtZw-zPPgdn4jUwVcJE1ZvWhcwhEtWJXoshNdA9f1qD7T-j82ScS_xjTqFYGqFrT72qZ_E0ELtHpOZiWcSG1QwIMeEVreGuQ8F95X5MZTW1Jw/image-asset.pnghttps://i.imgur.com/pCvlKfV.png,https://i.pinimg.com/474x/69/77/b7/6977b70a129ec184527433bbdf9fe457.jpg,https://d2ph5fj80uercy.cloudfront.net/04/cat2972.jpg,https://styles.redditmedia.com/t5_2zexl/styles/communityIcon_dv2ks8krg3561.png?width=256&s=30865c28ea92dd2b74df8e6d473483b14383556b,https://cf-s3.petcoach.co/thumbnails/user_profile_thumb/uploads/users/21565/avatar/2bcae776e34a854c43288ffa3076624f86a8a442.jpeg,https://pawzlove-media.s3.us-east-2.amazonaws.com/images/urlscan/21734/urlscan_image/a2d749db712f4cd9178d8b75e3346c4b.jpg,https://www.vetrxdirect.com/images/11683-13-om-overweight-management-for-cats-therapeutic-diet.jpg,https
://www.automotive-classifieds.com/images/resource/cat-1.png,https://b3h2.scene7.com/is/image/BedBathandBeyond/244058267020188p?$imagePLP$&wid=256&hei=256,https://cdn.iconscout.com/icon/free/png-256/car-automobile-vehicle-personal-family-transportation-emoj-symbol-30709.png,https://file.kbb.com/kbb/images/ownership/havearecallillustration-bluebg.png,https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcS9DElCbc79JfjhNz_R82dyb0jO2UX1QTNI9Q&usqp=CAU,https://www.lafd.org/sites/default/files/IMG_3915.JPG,https://www.gannett-cdn.com/presto/2020/08/13/PDTN/59c15a02-c1d4-4f30-b0cf-51af7cc63bbd-AP20226159790118.jpg,https://static-s.aa-cdn.net/img/ios/894228730/786953dde7e722fd257ce890835ba7ae?v=1,https://s.france24.com/media/display/44518224-d56b-11ea-8dd0-005056bff430/w:1280/p:16x9/Apple-fire2.webp,https://news.artnet.com/app/news-upload/2019/09/GettyImages-1163245900-256x256.jpg,https://mainlinesecurity.com/wp-content/uploads/2017/09/fire-icon-256px.png,https://i.pinimg.com/originals/41/39/6c/41396c595a6ebdc4b301e9d6b45472bf.jpg,https://cdn.iconscout.com/icon/premium/png-256-thumb/fox-119-718928.png,https://images.vexels.com/media/users/3/192653/isolated/lists/0b30c00f3eecbfd37336c9dd29783aa8-flat-orange-fox.png,https://iconarchive.com/download/i107329/google/noto-emoji-animals-nature/22218-fox-face.ico,https://cachedimages.podchaser.com/256x256/aHR0cHM6Ly9hcnR3b3JrLmNhcHRpdmF0ZS5mbS9lZTM1ODRhNS00MmUzLTQ3YmMtOGY0OC02NzJkMDgxNDQ1Mzgvb2Z5Zi1sb2dvLXB1cnBsZS1zcS0zMDAweDMwMDAucG5n/aHR0cHM6Ly93d3cucG9kY2hhc2VyLmNvbS9pbWFnZXMvbWlzc2luZy1pbWFnZS5wbmc%3D,https://guitar.com/wp-content/uploads/2019/12/Normans-Rare-Guitars-72@1050x1400.jpg,https://c8.alamy.com/comp/PGCF2B/los-angeles-united-states-of-america-july-22-2017-guitars-inside-the-guitar-center-on-sunset-boulevard-PGCF2B.jpg,https://guitar.com/wp-content/uploads/2019/12/Normans-Rare-Guitars-73@1400x1050.jpg,https://cdn.iconscout.com/icon/premium/png-256-thumb/electric-guitar-1711457-1450820.png,https://encrypted-tbn0.gstatic.
com/images?q=tbn:ANd9GcTBVT6khTzFZWRupKPDvplRlxOp8N6qRpcnlA&usqp=CAU,https://cdn.iconscout.com/icon/premium/png-256-thumb/guitar-3418500-2850047.png

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| _m2455853646 number| dayMs number| cb string| vpbSrc string| gptSrc object| c function| loadScript object| googletag object| orakul function| $ function| jQuery function| adriver function| mod_click_count function| click_count function| GetSign function| UpdateInformer function| addBookmark function| slideItem function| show_phone function| isIE function| preloadImage object| jQuery111305817856915743054 object| d object| n object| s object| admixerML object| l_m1794119227 function| ga object| name118now object| trafmag_div_2ab95d1d function| AfLoadAdditionalGoods object| ggeac object| google_js_reporting_queue object| gravitecWebpackJsonp number| _subscriptionStrategy object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| admixerJSONP object| __core-js_shared__ object| core object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad function| adriver_dispatcher function| HELPER object| hb_dmx_res object| banner_rozetka300x250v4 function| html2canvas function| _open object| vpb object| ampInaboxIframes object| ampInaboxPendingMessages function| vmpbjsChunk object| vmpbjs object| _pbjsGlobals object| GravitecConfig object| Gravitec object| WLPush object| litHtmlVersions string| yearOption object| GoogleGcLKhOms object| google_image_requests

16 Cookies

Domain/Path Name / Value
.trafmag.com/ Name: vid
Value: 1410209745946534
.trafmag.com/ Name: viewposter
Value: 150
.orakul.com/ Name: _ga
Value: GA1.2.1642257109.1637211102
.orakul.com/ Name: _gid
Value: GA1.2.1046787920.1637211102
.orakul.com/ Name: _gat
Value: 1
orakul.com/ Name:
Value: store.test
.ukr.net/ Name: tracknew
Value: 1637211102779902.1637211102.1
orakul.com/ Name: cbtYmTName
Value: Fm00f3I0LDR0ISQvdyRwdCRzLnMjJSckNGvl
.admixer.net/ Name: am-uid
Value: c12538631b9d452f808567738cad0f18
orakul.com/ Name: am-uid
Value: c12538631b9d452f808567738cad0f18
loadercdn.net/ Name: vui
Value: 12335c93e36d4fa79e9c68496f71d12d
.doubleclick.net/ Name: IDE
Value: AHWqTUlGtaifiV0Q3sp09L1yvqY_WnKpc3EctxBkuwSJvyFV7q6mPxhN_dWhUxmDZcU
.adtelligent.com/ Name: vmuid
Value: 8c2bd222bf220f3a
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adtelligent.com/ Name: a319130
Value: 88dbd0a9-e2a8-43e0-9c43-e26c58017cb9
.orakul.com/ Name: __gads
Value: ID=04fe88316ff99228-229d0e1ed6cb00fc:T=1637211102:S=ALNI_MY4wzg-BEW9l_cDxUJQse4PSFRUdw

2 Console Messages

Source Level URL
Text
javascript error URL: https://orakul.com/
Message:
Access to XMLHttpRequest at 'https://pubads.g.doubleclick.net/td/sts?render_urls=https://pawzlove-media.s3.us-east-2.amazonaws.com/images/urlscan/21713/urlscan_image/234ef0de7c42eae36157a3111d77ebfd.jpg,https://www.humanesociety.org/sites/default/files/styles/2000x850/public/2018/08/puppy-410265.jpg?h=0c7c9985&itok=KxhG3DVU,https://i.pinimg.com/originals/19/01/dd/1901ddbdaf5f1ddd066a6c77a9ec6d02.png,https://is4-ssl.mzstatic.com/image/thumb/Purple114/v4/d5/d1/c0/d5d1c071-f654-f505-0765-7c1a10341171/source/256x256bb.jpg,https://happytailservet.com/wp-content/uploads/2018/02/raster-3.png,https://i2.wp.com/www.bikesforall.net/wp-content/uploads/2017/03/bikesforall-logo-1-256.png?resize=256%2C256,http://s3.amazonaws.com/pix.iemoji.com/images/emoji/apple/ios-12/256/woman-biking.png,https://b3h2.scene7.com/is/image/BedBathandBeyond/283706668024413p?$imagePLP$&wid=256&hei=256,https://styles.redditmedia.com/t5_2rb8v/styles/communityIcon_3srnewy9kav31.png?width=256&s=88c19e54cb828dbbe743cf145156dfe1384574db,https://static.wikia.nocookie.net/hhwa/images/f/f1/Quarter_t1.png/revision/latest?cb=20150108033346,https://images.squarespace-cdn.com/content/v1/5a168baaa8b2b09a2e8b0214/1592227325353-4PH44TTND45IQKVQ0ZOE/ke17ZwdGBToddI8pDm48kHhlTY0to_qtyxq77jLiHTtZw-zPPgdn4jUwVcJE1ZvWhcwhEtWJXoshNdA9f1qD7T-j82ScS_xjTqFYGqFrT72qZ_E0ELtHpOZiWcSG1QwIMeEVreGuQ8F95X5MZTW1Jw/image-asset.pnghttps://i.imgur.com/pCvlKfV.png,https://i.pinimg.com/474x/69/77/b7/6977b70a129ec184527433bbdf9fe457.jpg,https://d2ph5fj80uercy.cloudfront.net/04/cat2972.jpg,https://styles.redditmedia.com/t5_2zexl/styles/communityIcon_dv2ks8krg3561.png?width=256&s=30865c28ea92dd2b74df8e6d473483b14383556b,https://cf-s3.petcoach.co/thumbnails/user_profile_thumb/uploads/users/21565/avatar/2bcae776e34a854c43288ffa3076624f86a8a442.jpeg,https://pawzlove-media.s3.us-east-2.amazonaws.com/images/urlscan/21734/urlscan_image/a2d749db712f4cd9178d8b75e3346c4b.jpg,https://www.vetrxdirect.com/images/11683-13-om-overweight-management-for-ca
ts-therapeutic-diet.jpg,https://www.automotive-classifieds.com/images/resource/cat-1.png,https://b3h2.scene7.com/is/image/BedBathandBeyond/244058267020188p?$imagePLP$&wid=256&hei=256,https://cdn.iconscout.com/icon/free/png-256/car-automobile-vehicle-personal-family-transportation-emoj-symbol-30709.png,https://file.kbb.com/kbb/images/ownership/havearecallillustration-bluebg.png,https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcS9DElCbc79JfjhNz_R82dyb0jO2UX1QTNI9Q&usqp=CAU,https://www.lafd.org/sites/default/files/IMG_3915.JPG,https://www.gannett-cdn.com/presto/2020/08/13/PDTN/59c15a02-c1d4-4f30-b0cf-51af7cc63bbd-AP20226159790118.jpg,https://static-s.aa-cdn.net/img/ios/894228730/786953dde7e722fd257ce890835ba7ae?v=1,https://s.france24.com/media/display/44518224-d56b-11ea-8dd0-005056bff430/w:1280/p:16x9/Apple-fire2.webp,https://news.artnet.com/app/news-upload/2019/09/GettyImages-1163245900-256x256.jpg,https://mainlinesecurity.com/wp-content/uploads/2017/09/fire-icon-256px.png,https://i.pinimg.com/originals/41/39/6c/41396c595a6ebdc4b301e9d6b45472bf.jpg,https://cdn.iconscout.com/icon/premium/png-256-thumb/fox-119-718928.png,https://images.vexels.com/media/users/3/192653/isolated/lists/0b30c00f3eecbfd37336c9dd29783aa8-flat-orange-fox.png,https://iconarchive.com/download/i107329/google/noto-emoji-animals-nature/22218-fox-face.ico,https://cachedimages.podchaser.com/256x256/aHR0cHM6Ly9hcnR3b3JrLmNhcHRpdmF0ZS5mbS9lZTM1ODRhNS00MmUzLTQ3YmMtOGY0OC02NzJkMDgxNDQ1Mzgvb2Z5Zi1sb2dvLXB1cnBsZS1zcS0zMDAweDMwMDAucG5n/aHR0cHM6Ly93d3cucG9kY2hhc2VyLmNvbS9pbWFnZXMvbWlzc2luZy1pbWFnZS5wbmc%3D,https://guitar.com/wp-content/uploads/2019/12/Normans-Rare-Guitars-72@1050x1400.jpg,https://c8.alamy.com/comp/PGCF2B/los-angeles-united-states-of-america-july-22-2017-guitars-inside-the-guitar-center-on-sunset-boulevard-PGCF2B.jpg,https://guitar.com/wp-content/uploads/2019/12/Normans-Rare-Guitars-73@1400x1050.jpg,https://cdn.iconscout.com/icon/premium/png-256-thumb/electric-guitar-1711457-1450820.png,ht
tps://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTBVT6khTzFZWRupKPDvplRlxOp8N6qRpcnlA&usqp=CAU,https://cdn.iconscout.com/icon/premium/png-256-thumb/guitar-3418500-2850047.png' from origin 'https://orakul.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://pubads.g.doubleclick.net/td/sts?render_urls=https://pawzlove-media.s3.us-east-2.amazonaws.com/images/urlscan/21713/urlscan_image/234ef0de7c42eae36157a3111d77ebfd.jpg,https://www.humanesociety.org/sites/default/files/styles/2000x850/public/2018/08/puppy-410265.jpg?h=0c7c9985&itok=KxhG3DVU,https://i.pinimg.com/originals/19/01/dd/1901ddbdaf5f1ddd066a6c77a9ec6d02.png,https://is4-ssl.mzstatic.com/image/thumb/Purple114/v4/d5/d1/c0/d5d1c071-f654-f505-0765-7c1a10341171/source/256x256bb.jpg,https://happytailservet.com/wp-content/uploads/2018/02/raster-3.png,https://i2.wp.com/www.bikesforall.net/wp-content/uploads/2017/03/bikesforall-logo-1-256.png?resize=256%2C256,http://s3.amazonaws.com/pix.iemoji.com/images/emoji/apple/ios-12/256/woman-biking.png,https://b3h2.scene7.com/is/image/BedBathandBeyond/283706668024413p?$imagePLP$&wid=256&hei=256,https://styles.redditmedia.com/t5_2rb8v/styles/communityIcon_3srnewy9kav31.png?width=256&s=88c19e54cb828dbbe743cf145156dfe1384574db,https://static.wikia.nocookie.net/hhwa/images/f/f1/Quarter_t1.png/revision/latest?cb=20150108033346,https://images.squarespace-cdn.com/content/v1/5a168baaa8b2b09a2e8b0214/1592227325353-4PH44TTND45IQKVQ0ZOE/ke17ZwdGBToddI8pDm48kHhlTY0to_qtyxq77jLiHTtZw-zPPgdn4jUwVcJE1ZvWhcwhEtWJXoshNdA9f1qD7T-j82ScS_xjTqFYGqFrT72qZ_E0ELtHpOZiWcSG1QwIMeEVreGuQ8F95X5MZTW1Jw/image-asset.pnghttps://i.imgur.com/pCvlKfV.png,https://i.pinimg.com/474x/69/77/b7/6977b70a129ec184527433bbdf9fe457.jpg,https://d2ph5fj80uercy.cloudfront.net/04/cat2972.jpg,https://styles.redditmedia.com/t5_2zexl/styles/communityIcon_dv2ks8krg3561.png?width=256&s=30865c28ea92dd2b74df8e6d473483b14383556b,https://cf-s3.petcoach.co/thumbnails/user_profile_thumb/uploads/users/21565/avatar/2bcae776e34a854c43288ffa3076624f86a8a442.jpeg,https://pawzlove-media.s3.us-east-2.amazonaws.com/images/urlscan/21734/urlscan_image/a2d749db712f4cd9178d8b75e3346c4b.jpg,https://www.vetrxdirect.com/images/11683-13-om-overweight-management-for-cats-therape
utic-diet.jpg,https://www.automotive-classifieds.com/images/resource/cat-1.png,https://b3h2.scene7.com/is/image/BedBathandBeyond/244058267020188p?$imagePLP$&wid=256&hei=256,https://cdn.iconscout.com/icon/free/png-256/car-automobile-vehicle-personal-family-transportation-emoj-symbol-30709.png,https://file.kbb.com/kbb/images/ownership/havearecallillustration-bluebg.png,https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcS9DElCbc79JfjhNz_R82dyb0jO2UX1QTNI9Q&usqp=CAU,https://www.lafd.org/sites/default/files/IMG_3915.JPG,https://www.gannett-cdn.com/presto/2020/08/13/PDTN/59c15a02-c1d4-4f30-b0cf-51af7cc63bbd-AP20226159790118.jpg,https://static-s.aa-cdn.net/img/ios/894228730/786953dde7e722fd257ce890835ba7ae?v=1,https://s.france24.com/media/display/44518224-d56b-11ea-8dd0-005056bff430/w:1280/p:16x9/Apple-fire2.webp,https://news.artnet.com/app/news-upload/2019/09/GettyImages-1163245900-256x256.jpg,https://mainlinesecurity.com/wp-content/uploads/2017/09/fire-icon-256px.png,https://i.pinimg.com/originals/41/39/6c/41396c595a6ebdc4b301e9d6b45472bf.jpg,https://cdn.iconscout.com/icon/premium/png-256-thumb/fox-119-718928.png,https://images.vexels.com/media/users/3/192653/isolated/lists/0b30c00f3eecbfd37336c9dd29783aa8-flat-orange-fox.png,https://iconarchive.com/download/i107329/google/noto-emoji-animals-nature/22218-fox-face.ico,https://cachedimages.podchaser.com/256x256/aHR0cHM6Ly9hcnR3b3JrLmNhcHRpdmF0ZS5mbS9lZTM1ODRhNS00MmUzLTQ3YmMtOGY0OC02NzJkMDgxNDQ1Mzgvb2Z5Zi1sb2dvLXB1cnBsZS1zcS0zMDAweDMwMDAucG5n/aHR0cHM6Ly93d3cucG9kY2hhc2VyLmNvbS9pbWFnZXMvbWlzc2luZy1pbWFnZS5wbmc%3D,https://guitar.com/wp-content/uploads/2019/12/Normans-Rare-Guitars-72@1050x1400.jpg,https://c8.alamy.com/comp/PGCF2B/los-angeles-united-states-of-america-july-22-2017-guitars-inside-the-guitar-center-on-sunset-boulevard-PGCF2B.jpg,https://guitar.com/wp-content/uploads/2019/12/Normans-Rare-Guitars-73@1400x1050.jpg,https://cdn.iconscout.com/icon/premium/png-256-thumb/electric-guitar-1711457-1450820.png,https://encr
ypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTBVT6khTzFZWRupKPDvplRlxOp8N6qRpcnlA&usqp=CAU,https://cdn.iconscout.com/icon/premium/png-256-thumb/guitar-3418500-2850047.png
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
