ispovesti.com Open in urlscan Pro
2606:4700:3031::ac43:aa5e Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ispovesti.com/
Submission: On January 20 via manual (January 20th 2024, 4:41:11 am UTC) from ME — Scanned from DE

Summary HTTP 88 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 21 domains to perform 88 HTTP transactions. The main IP is 2606:4700:3031::ac43:aa5e, located in United States and belongs to CLOUDFLARENET, US. The main domain is ispovesti.com.

This is the only time ispovesti.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:303... 2606:4700:3031::ac43:aa5e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:30d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 1	91.209.18.90 91.209.18.90	8558 (HTTPOOL-N...) (HTTPOOL-NET-AS)
2	91.209.18.100 91.209.18.100	8558 (HTTPOOL-N...) (HTTPOOL-NET-AS)
1	2606:4700:20:... 2606:4700:20::ac43:4bcd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
11	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
88	27

17 2606:4700:3031::ac43:aa5e (United States)

ASN13335 (CLOUDFLARENET, US)

ispovesti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:30d7 (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.209.18.90 (Slovenia) 1 redirects

ASN8558 (HTTPOOL-NET-AS, SI)
PTR: relay.toboads.com

relay-rs.ads.httpool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.209.18.100 (Slovenia)

ASN8558 (HTTPOOL-NET-AS, SI)
PTR: tas.toboads.com

tas-rs.toboads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4bcd (United States)

ASN13335 (CLOUDFLARENET, US)

lib.ads4g.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9cc0c3c1c6de5201c41505a20f931b70.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	ispovesti.com ispovesti.com	333 KB
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 9cc0c3c1c6de5201c41505a20f931b70.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	270 KB
11	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	19 KB
9	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 955 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 480	166 KB
9	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	212 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 520 eus.rubiconproject.com — Cisco Umbrella Rank: 579 token.rubiconproject.com — Cisco Umbrella Rank: 477	13 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 679 gum.criteo.com — Cisco Umbrella Rank: 423 mug.criteo.com — Cisco Umbrella Rank: 3123	7 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1230 syndication.twitter.com — Cisco Umbrella Rank: 1527	132 KB
3	googletagservices.com 1 redirects www.googletagservices.com — Cisco Umbrella Rank: 230	95 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 657	54 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	adform.net adx.adform.net — Cisco Umbrella Rank: 4252	529 B
2	toboads.com tas-rs.toboads.com — Cisco Umbrella Rank: 321725	122 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6599	175 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 253	611 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	242 B
1	ads4g.pl lib.ads4g.pl — Cisco Umbrella Rank: 241908	13 KB
1	httpool.com 1 redirects relay-rs.ads.httpool.com — Cisco Umbrella Rank: 320655	218 B
1	adxbid.info adxbid.info — Cisco Umbrella Rank: 14253	82 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	79 KB
88	21

	Domain	Requested by
17	ispovesti.com	ispovesti.com
11	www.facebook.com	connect.facebook.net
8	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
8	pagead2.googlesyndication.com	ispovesti.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	ispovesti.com www.googletagservices.com securepubads.g.doubleclick.net
3	www.googletagservices.com	1 redirects ispovesti.com securepubads.g.doubleclick.net
2	eus.rubiconproject.com	adxbid.info eus.rubiconproject.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	adxbid.info static.criteo.net
2	connect.facebook.net	connect.facebook.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	adx.adform.net	adxbid.info
2	platform.twitter.com	ispovesti.com platform.twitter.com
2	stats.g.doubleclick.net	ispovesti.com
2	tas-rs.toboads.com	ispovesti.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	mug.criteo.com
1	scontent.xx.fbcdn.net	www.facebook.com
1	www.google.com	tpc.googlesyndication.com
1	9cc0c3c1c6de5201c41505a20f931b70.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fastlane.rubiconproject.com	adxbid.info
1	prebid-eu.creativecdn.com	adxbid.info
1	ib.adnxs.com	adxbid.info
1	bidder.criteo.com	adxbid.info
1	syndication.twitter.com	platform.twitter.com
1	region1.google-analytics.com	www.googletagmanager.com
1	lib.ads4g.pl	ispovesti.com
1	relay-rs.ads.httpool.com	1 redirects
1	adxbid.info	ispovesti.com
1	www.googletagmanager.com	ispovesti.com
88	31

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
plus.google.com
instagram.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
adxbid.info E1	`2023-12-05` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
syndication.twitter.com R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-29` - `2024-01-27`	3 months	crt.sh
*.toboads.com Go Daddy Secure Certificate Authority - G2	`2023-04-07` - `2024-04-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh

This page contains 21 frames:

Primary Page: http://ispovesti.com/
Frame ID: D1378BE9DE56EDDC6746523E82ED4E79
Requests: 45 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=http%3A%2F%2Fispovesti.com
Frame ID: F4C96924FC4ACF551C9B8B7D8B126D55
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: E116E2CD86AEA3AE949DBF1521C71A40
Requests: 1 HTTP requests in this frame

Frame: https://9cc0c3c1c6de5201c41505a20f931b70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0208AF55BA90FE34B233193B06D204B4
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdMFVQEo_3lqdX-plE5RP4h2IXyvFQMeA3lR44396ULuCn3BqUFHqWuXZtgKDvIstOcaFS89PxCW9rw4ngNQFRRiUndmZGAWnZnTsmg_2IXaW1ykyPUfrNV2UWk0S0HyFtML9k5qNxoulddUTFy03g69ghmv6T1W8c_hqDOYalRwchciCBMg7bfCyEXSrbk3reWn-QmuOiejhqECNL0U4h5GqlofFk_s2HKhpdhlDNYPUYJLmFIqP9Nvrgy471Ah7sPM4eiNhCjc6ruQKluJELM7t9O6OxVGLeKmeweZNNvVJh_XN1Eg_6F0RCSbYvliHMadX8KwlrpMPFmuCHRCKUPIbeqQ&sai=AMfl-YRtXgxlZacfwrUOjdNjJqh2_3vFhGLxBeJIK9J-gsYiU6iws_Uz9dbudNySyqZwxTmWRbajWDvORGtCVGhRDwz45N24uyT3JJyOf8gYXym_u4xaw2n7sC7V4IPW49FqfEgNU6PLSlp-pnhDCWsFUsXl&sig=Cg0ArKJSzER0g6yN4ShzEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 9BB363768B4FD69A6421CA7511725651
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1202209323644624&output=html&adk=329615837&adf=2762459402&lmt=1705725666&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C500x675_r&format=0x0&url=http%3A%2F%2Fispovesti.com%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&dt=1705725666158&bpp=3&bdt=248&idt=235&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D870bea116b4512fe%3AT%3D1705725666%3ART%3D1705725666%3AS%3DALNI_MZXYFnK9q--ihSVYkvg8GOd3I9IcA&gpic=UID%3D00000d4442c48123%3AT%3D1705725666%3ART%3D1705725666%3AS%3DALNI_Majww-oy7IeGS1sdmGotU13sk-ovQ&nras=1&correlator=5918292347700&frm=20&pv=2&ga_vid=2129364219.1705725666&ga_sid=1705725666&ga_hid=1565701512&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31079265%2C44785295%2C44795921%2C31080504%2C95320870%2C95320889%2C95321626%2C95321862%2C95322166%2C95322325&oid=2&pvsid=1827026096471883&tmod=1663601162&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: D8D633344291A642BC0406B956462D83
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df239500b551f3f4%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3146453&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80
Frame ID: F93388028FF28D42C09DAF4B56190063
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ac272a620f88%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3146166&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80
Frame ID: 9AE00EEF9F047675D8879AE5ABCB8B93
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29263c0166a4ac%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3146187&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80
Frame ID: 2339BFD64FE9A5EF6C59ED040700CB73
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df327af8ef076e84%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3145512&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80
Frame ID: D89DF09320CF61F41F24FAA74AB369AB
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10314d9813be%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3145731&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80
Frame ID: B3C918EF2981C8D1C57D8F4B2AA708A3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df118f511016674c%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3145302&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80
Frame ID: 8C7E64AF55750B50422E47728E5AAD32
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6223d4c20768%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3145196&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80
Frame ID: 515BFF53F257835B6BA7FE5601EF1E12
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2106c951621c%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3145329&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80
Frame ID: 37BAB6F08CA0F5CE70C13ACD689EA315
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9cfc3cb132c9c%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3145134&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80
Frame ID: 4813DF97C3F989208CEA4FC5842575C3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df39aee1c31ebb6c%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3150429&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80
Frame ID: FCF9CF595FBA741028BA5FC0CA45B040
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32c18d2396070c%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&color_scheme=dark&container_width=130&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fispovest&locale=en_US&sdk=joey&show_border=false&show_faces=false&stream=false&width=180
Frame ID: A3B189DA0C509C750F3707A600104FC8
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B46114FA65F9DD42DEB9975E31E6781E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 409CA7019F73B58EEC1E2F66BCB4E199
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ispovesti.com
Frame ID: 9E42FAC0EB3D56FC041383FF79020F4E
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BC291F40DEF0D3BF5567A6BFEB423AA1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ispovesti.com - Anonimne lične ispovesti

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

72 %
HTTPS

70 %
IPv6

21
Domains

31
Subdomains

27
IPs

7
Countries

1686 kB
Transfer

4470 kB
Size

16
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/ispovest

Search URL Search Domain Scan URL

URL: https://twitter.com/ispovesti

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/102258784641513431046/posts

Search URL Search Domain Scan URL

URL: https://instagram.com/ispovesti

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://relay-rs.ads.httpool.com/ HTTP 303
https://tas-rs.toboads.com/js/adi-ec561a14.js

Request Chain 12

http://www.googletagservices.com/tag/js/gpt.js HTTP 302
https://www.googletagservices.com/tag/js/gpt.js

Request Chain 13

http://stats.g.doubleclick.net/dc.js HTTP 307
https://stats.g.doubleclick.net/dc.js

Request Chain 28

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=783785871&utmhn=ispovesti.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ispovesti.com%20-%20Anonimne%20li%C4%8Dne%20ispovesti&utmhid=1565701512&utmr=-&utmp=%2F&utmht=1705725666103&utmac=UA-39630369-1&utmcc=__utma%3D175528634.2129364219.1705725666.1705725666.1705725666.1%3B%2B__utmz%3D175528634.1705725666.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=876195460&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 307
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=783785871&utmhn=ispovesti.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ispovesti.com%20-%20Anonimne%20li%C4%8Dne%20ispovesti&utmhid=1565701512&utmr=-&utmp=%2F&utmht=1705725666103&utmac=UA-39630369-1&utmcc=__utma%3D175528634.2129364219.1705725666.1705725666.1705725666.1%3B%2B__utmz%3D175528634.1705725666.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=876195460&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Request Chain 48

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 84

https://gum.criteo.com/sid/json?origin=publishertag&domain=ispovesti.com&sn=ChromeSyncframe&so=0&topUrl=ispovesti.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=aN4423wvN2hTbjNvUHJqS3ZmTGlxNkJOL2pZUlo5clJBeTNGcG9MMUdEb2Z2VkMrNjdXVEpBcFhqMTZEUytFcmJkUjZRR0Q0c1ZDdk5uT3lZaDBDQ01QcWxvcE1vaHNKL2dESUdDTkVoQS9kV0EyQk04cWdvZnlLaktOak15eTVDUkpxMFAyVXJUaEd1c08vdDdna2JoMTRNR1lBZzNxY3BWTFp4Uzd3bFJwU1ZpbHBWWG9jL2IwQTRoUlY0Y09GVUpWY1FLNTA0anN1UFhLUE4yL0FzRy8rWk1HQ2xUWFViQzhTYVlVREM3eDBWVFg4QU9TYk03ZVl0d251emhESXhqcW16U0xuT3JMT2xCWVlrWEFjdWJnckZYZzVETFlrVk5heS9HMVViaHQxMmZaYz18&cppv=2

88 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ispovesti.com/ 43 KB
12 KB 820ms
381ms Document
text/html 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ispovesti.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.29
Resource Hash: 5692eee5e93e7a60c5690d94816306718997fa12264396b83a79ef5d0eab5884

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8484a4a18caa9171-FRA
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 20 Jan 2024 04:41:05 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJqG05vCn4tMRw64xBQ2eRIXIR5BkjhlB%2BUMMZR%2Fpdubc%2BskQzug82G5JPMUnKUcocm3t%2BbFw74nXm60HogAChevguiw7OGkkjjQVj9lSaJcKhOhC1%2BZWWdb%2F7cHsgQmGzN5%2BVSRiUGX4l9O"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/5.3.29
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 70ms
27ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8TZN4VTKWR

Requested by

Host: ispovesti.com
URL: http://ispovesti.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cbb868b875829ec1a1e52518403272a5752d0a9a4f3f57868bec154a596184e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 20 Jan 2024 04:41:05 GMT

GET
H/1.1 200
OK styles.min_v2.css
ispovesti.com/css/ 18 KB
5 KB 18ms
14ms Stylesheet
text/css 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ispovesti.com/css/styles.min_v2.css?1612294234
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89a659c5b537e8cecd748a8412949e4bc4a214ea593f23fa4ad4ada1d5368bab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1016821
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 3898
Last-Modified: Tue, 02 Feb 2021 19:30:34 GMT
Server: cloudflare
ETag: "388c84-48f8-5ba5f811a401f-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2ByATRqxu6b35Z8DasrZYPvVQ3kptAqGXQWNS2w7v27vdLCkSXwPE5S6PnoG%2FX7Xz%2FJCx1i8Jgzy1edf%2B37AkxAptZXxohXsXOjgGhYcbPfDD%2FKVR6JoT1puOi1cnZbMhL3emGkV0WlK9NVa"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 8484a4a40ea49171-FRA
Expires: Wed, 07 Feb 2024 10:15:05 GMT

GET
H/1.1 200
OK custom.css
ispovesti.com/css/custom/ 7 KB
2 KB 35ms
31ms Stylesheet
text/css 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ispovesti.com/css/custom/custom.css?1461006022
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92b944f69bf563b004b1d14781493b8daff2a9c8a20b11d77160075d3c910b0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 671110
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 1709
Last-Modified: Mon, 18 Apr 2016 19:00:22 GMT
Server: cloudflare
ETag: "3383b5-1cbf-530c6f9009130-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFk38oRm73AeemAKbwv1yjOF%2BKWlzTwOJMV0NaLwgSWGvCU3LipJF8kf7uHdxiyPeNtLpQShPwNpKYELSYxMZufJjzkbb31WLI04LMRWpOlX0u4Zi%2BVG8HvUr%2FvTXWYwG6%2FIsMYCqlEVnjce"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 8484a4a40a016633-AMS
Expires: Sun, 11 Feb 2024 10:17:05 GMT

GET
H/1.1 200
OK style.css
ispovesti.com/calendar/css/ 2 KB
1 KB 28ms
19ms Stylesheet
text/css 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ispovesti.com/calendar/css/style.css?1386454388
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d0e5fdb8e29b0b84a27be5abd87dcc103938ae7668cc9ef0836660f5356d28b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1691308
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 575
Last-Modified: Sat, 07 Dec 2013 22:13:08 GMT
Server: cloudflare
ETag: "300444-61d-4ecf9114b4500-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjzVlWBIknXc1YZ0FcdPW51XFnlfPUlbCRSE23hRTy5SkTc2Z3FS5fISgxYecXiAw4BrjWDOOJO03XRor%2F%2BttdtZnnapyFKA2NGc%2FrYt1ePaYdXriKuz9SrYzuh3yGsdpcK77DgZzOsqZarc"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 8484a4a40fc79290-FRA
Expires: Tue, 30 Jan 2024 14:53:22 GMT

GET
H/1.1 200
OK info_styles.css
ispovesti.com/info/css/ 2 KB
2 KB 29ms
20ms Stylesheet
text/css 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ispovesti.com/info/css/info_styles.css?1411556831
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbb4cde2dafbd50ce00fa1ce1a168b6ab4ec42d8696f04626b7b4cd148a3e9c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1701915
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 727
Last-Modified: Wed, 24 Sep 2014 11:07:11 GMT
Server: cloudflare
ETag: "32060d-88f-503cdaf836911-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzPQ13FKZ2crkVsy3oz4liwt7qj0rXxJoP1B82aJ681sGzpJNxv9P4hCQAjneU6AtnvvNTVPSbaevN3byu7bWDuz7V2prBaoWQrpL4fDAq8oF4x%2F1v8zIRblnAm3EgqdfxAyvYdvbmk59b9g"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 8484a4a41f4f4d9e-FRA
Expires: Tue, 30 Jan 2024 11:56:35 GMT

GET
H/1.1 200
OK jquery-1.9.1.min.js Show response
ispovesti.com/js/ 90 KB
33 KB 44ms
26ms Script
application/javascript 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ispovesti.com/js/jquery-1.9.1.min.js
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4397614
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 32775
Last-Modified: Tue, 26 Mar 2013 16:59:44 GMT
Server: cloudflare
ETag: "32062c-169d5-4d8d6d91d0000-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FedLnJ4VRDB4HyWcqoly4xe1FCRnOb30MCnc0s8ImaEYSTH6LDMmQdkw4aY4zztPwDhTvj4jxXH3H4KiMYbz%2BBGlBMEvOIKI9100Qi1XGHscgn0ItzbmL3aw1PapACKgBSnwginJ4OHLyri%2B"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8484a4a42ceb6f18-CDG
Expires: Fri, 29 Nov 2024 07:07:11 GMT

GET
H2 200 ispovesti.js Show response
adxbid.info/ 265 KB
82 KB 86ms
32ms Script
application/javascript 2606:4700:3035::6815:30d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/ispovesti.js
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:30d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 314f46914aefc2dca06813c9f525b844b1a40e7ba75ec914b070c688299eec9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 16:35:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3208
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raAJuBLlo83HidjO%2B0LWNccIF9CoQ15fit2LSbXgG6Z5w%2FlSAOG8L%2BKhyeRo%2Fwzegd%2Bk5aJHdlb099szR%2FDrBJJM4a9eSO3HYs8KbmMsCbGuqJHqVJMcAuYC6l53T5dWoJ7MAEvJ%2FxRWkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8484a4a4bbb0d0b5-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 125ms
85ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ispovesti.com
URL: http://ispovesti.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35416662d65bf7170f1f31b43376d8a8c90ccd6e94a1f00c7c97bbdd6e5d415f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51148
x-xss-protection: 0
server: cafe
etag: 7569113525125031693
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 20 Jan 2024 04:41:06 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 158ms
99ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ispovesti.com
URL: http://ispovesti.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05afe8252457a4ac2e9e78b825c4cd6c45db5a4bd734b7094908c808bdf61b38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29413
x-xss-protection: 0
server: cafe
etag: 852 / 19742 / m202401160101 / config-hash: 15866861927224639442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 04:41:06 GMT

GET
H2

200

adi-ec561a14.js Show response
tas-rs.toboads.com/js/
Redirect Chain

https://relay-rs.ads.httpool.com/
https://tas-rs.toboads.com/js/adi-ec561a14.js

121 KB
121 KB

161ms
80ms

Script
text/javascript

91.209.18.100
HTTPOOL-NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tas-rs.toboads.com/js/adi-ec561a14.js
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/
Protocol: H2
Server: 91.209.18.100 , Slovenia, ASN8558 (HTTPOOL-NET-AS, SI),
Reverse DNS: tas.toboads.com
Software: nginx / PHP/7.1.13
Resource Hash: 129903f7de528fe1f19d1fb4b15eb74b533caae2fa806d2ca8a010c60e77059b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:06 GMT
last-modified: Tue, 05 Dec 2023 13:52:32 GMT
server: nginx
x-powered-by: PHP/7.1.13
etag: W/"ebadc3b25a8662991415a39814ec4260"
content-type: text/javascript;charset=UTF-8
p3p: policyref="/w3c/p3p.xml", CP="httpool"
cache-control: private, max-age=21254400
expires: Wed, 07 Aug 2024 12:52:32 GMT

Redirect headers

location: https://tas-rs.toboads.com/js/adi-ec561a14.js
date: Sat, 20 Jan 2024 04:41:06 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
last-modified: Sat, 20 Jan 2024 04:41:06 GMT
server: nginx
x-powered-by: PHP/7.1.13
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK main.ispovesti_v2.js Show response
ispovesti.com/js/ 34 KB
8 KB 30ms
13ms Script
application/javascript 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ispovesti.com/js/main.ispovesti_v2.js?1574490181
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff2e118027cd85b684c13b6dfc10528e3f34514fe8c1f53b9ce652937458f8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4587823
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 7339
Last-Modified: Sat, 23 Nov 2019 06:23:01 GMT
Server: cloudflare
ETag: "4e3372-88ae-597fd8ff88cf9-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfu8q%2B4LNMubbqNcgYzL2l3zLn1qmJsmRAhDa0lFSRSqWIrJyqldw4Z%2BeZxe9L6FWqEstnC7PmGeQe1SIbMk%2B7djHbRu9XrmzpxT56ilqcDr23x7%2B3zjF4qMWaonnS2C1yvL1evEmWJPzyL6"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8484a4a42eb29171-FRA
Expires: Wed, 27 Nov 2024 02:17:02 GMT

GET
H/1.1 200
OK 9094980374222f38e011.js Show response
lib.ads4g.pl/publisher/ispovesti.com/ 26 KB
13 KB 39ms
20ms Script
application/javascript 2606:4700:20::ac43:4bcd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://lib.ads4g.pl/publisher/ispovesti.com/9094980374222f38e011.js
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4bcd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7840b242fd9d03e90d4337518d24c8ebf3676f32bb22b8b01e09d50fb87962b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5635
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 10:54:15 GMT
Server: cloudflare
ETag: W/"633c10d7-67e1"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H94u4ObM8Vz5NV1MDokn8v6slrzEeoZnjGNLy9ECLDh%2F5vCx%2FhbWWZUhCEaVhg7dAQqkWkw2Wm95Mox9REJuKZ0bxGQRWma%2FoApsn0AAhVV912GbvUH%2F%2BKTx0XrGsqI6WbomcyC%2Beeh6ng%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=14400
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
CF-RAY: 8484a4a48e638ff8-FRA
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Expires: Sat, 20 Jan 2024 06:07:11 GMT

GET
H2

200

gpt.js Show response
www.googletagservices.com/tag/js/
Redirect Chain

http://www.googletagservices.com/tag/js/gpt.js
https://www.googletagservices.com/tag/js/gpt.js

97 KB
29 KB

56ms
55ms

Script
text/javascript

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ispovesti.com
URL: http://ispovesti.com/

Protocol

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4689675d546920c2ad44be24b4e69374ae06876bf75857bcc90a2efde6c3778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29413
x-xss-protection: 0
server: cafe
etag: 859 / 19742 / m202401160101 / config-hash: 15866861927224639442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 04:41:06 GMT

Redirect headers

Date: Sat, 20 Jan 2024 04:41:06 GMT
X-Content-Type-Options: nosniff
Server: cafe
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Location: https://www.googletagservices.com/tag/js/gpt.js
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 20 Jan 2024 04:41:06 GMT

GET
H2

200

dc.js Show response
stats.g.doubleclick.net/
Redirect Chain

http://stats.g.doubleclick.net/dc.js
https://stats.g.doubleclick.net/dc.js

45 KB
17 KB

63ms
20ms

Script
text/javascript

2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: ispovesti.com
URL: http://ispovesti.com/

Protocol

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 Jan 2024 03:44:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3369
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Sat, 20 Jan 2024 05:44:57 GMT

Redirect headers

Location: https://stats.g.doubleclick.net/dc.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 19ms
11ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:05 GMT
Content-Encoding: gzip
Age: 1125
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/6795)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK mosaic.png
ispovesti.com/images/ 10 KB
11 KB 25ms
24ms Image
image/png 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ispovesti.com/images/mosaic.png
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/css/styles.min_v2.css?1612294234
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ecf958ab57002f5224ba290e89640ee2aa12175417c45c5097723fa70ecc037

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/css/styles.min_v2.css?1612294234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:05 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4413504
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 10527
Last-Modified: Tue, 26 Jan 2016 21:59:28 GMT
Server: cloudflare
ETag: "300489-291f-52a43ccb018f3"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPQ%2B20sUYcBXzA%2F2y2vU9tsrrKlTpCMm7Ci5hBP9sVZpGjB095HbMirknbr6Uc1T7n3kBsa5StuaIPccpKJfZdYURBEnMTZvt5onadH2a2GtEgnscXPTR9t7g0cZEBrYicnOwIu6RNkxuWQL"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8484a4a47d556f18-CDG
Expires: Fri, 29 Nov 2024 02:42:22 GMT

GET
H/1.1 200
OK isp-sprite-3.png
ispovesti.com/images/ 26 KB
27 KB 17ms
17ms Image
image/png 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ispovesti.com/images/isp-sprite-3.png
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/css/styles.min_v2.css?1612294234
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fcc9febc6e47efcb4bbcc40500cfda8762c376e1db120e15a2275928d4260ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/css/styles.min_v2.css?1612294234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4483790
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 26941
Last-Modified: Sun, 08 Dec 2013 03:16:18 GMT
Server: cloudflare
ETag: "321813-693d-4ecfd4d80a480"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KIHsKaU%2F6QuZXR053waukODKzWTHA02u1smbbpScs8VIzeSkK4kVhB8TIXMWM17iZfF6c91jI1kamulFpPiK%2BpqE%2BqH3%2BPOyjz895%2FIi7a724nTa5vSOZUXBj4pdMCeo5NfwdkGvEifVnzp"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8484a4a47ef99171-FRA
Expires: Thu, 28 Nov 2024 07:10:55 GMT

GET
H/1.1 200
OK per1.png
ispovesti.com/images/ 1 KB
2 KB 24ms
24ms Image
image/png 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ispovesti.com/images/per1.png
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/css/styles.min_v2.css?1612294234
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5da2956f229233bb8c6097b72d0e09155caee3b1a2af94fb36610ea92849279d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/css/styles.min_v2.css?1612294234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4225226
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 1494
Last-Modified: Wed, 05 Mar 2014 18:58:32 GMT
Server: cloudflare
ETag: "321830-5d6-4f3e09b62a600"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zwQkH2jdOVmR2gwPgNmt1jEFYi5gccnBYGCnOETc7zKCgIYl9BofKYr6jxRk0GssQskrxWQguubZWNkXrQsClkc%2BX3xu0KmhYf4n%2FsCdO0k6EdcY2EanJl6WOkXhv8hlVQCLQc8flIQFf81"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8484a4a47ff09290-FRA
Expires: Sun, 01 Dec 2024 07:00:24 GMT

GET
H/1.1 200
OK SEGOEUIL.ttf
ispovesti.com/assets/ 323 KB
185 KB 23ms
23ms Font
application/x-font-ttf 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ispovesti.com/assets/SEGOEUIL.ttf
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/css/styles.min_v2.css?1612294234
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cea1f3385b7d2e8930533d6b1c721d0916806035995fc681f02b548fdad38ea

Request headers

Referer: http://ispovesti.com/css/styles.min_v2.css?1612294234
Origin: http://ispovesti.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 484489
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sat, 30 Mar 2013 14:30:28 GMT
Server: cloudflare
ETag: "300437-50c9c-4d9253aa8c900-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGQ%2BLStTCcH9f%2FiTnxP2xSabRh7lk9v5d8imhevFOz9BjUWZxXS9znqT4q35M8i577py3htjsoQiaI30sxFjNOBRatjVGWXpYO8FGlI3IQguymExarBhaf1%2BaHtS7BmHKsENullWT07I702j"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-font-ttf
Cache-Control: max-age=2592000
CF-RAY: 8484a4a47a566633-AMS
Expires: Tue, 13 Feb 2024 14:07:30 GMT

GET
H/1.1 200
OK comment.png
ispovesti.com/images/ 261 B
1 KB 16ms
16ms Image
image/png 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ispovesti.com/images/comment.png
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/css/styles.min_v2.css?1612294234
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5b5055ed9477d135cfb3277719b4ae55137fc5822672e1c6cae0fff65c7f76a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/css/styles.min_v2.css?1612294234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3140082
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 261
Last-Modified: Sat, 11 Feb 2017 22:53:23 GMT
Server: cloudflare
ETag: "300ac6-105-5484914da4cac"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqSo91tZLNB%2BuxVfIV2sjf0SatzZ7Zpj5PHJ1nFefuUh7ZsBiX4toMw4tnFiu%2BTLfD0M6eBlcUr1jugd4M7i3auAZM8l2dN5KJYr8Lgd%2FCiyNXWv1HFTpp7hVPT4qW7OUpqXWRMeUmVMHt4Y"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8484a4a47f824d9e-FRA
Expires: Fri, 13 Dec 2024 20:26:34 GMT

GET
H/1.1 200
OK arrow-left.png
ispovesti.com/images/ 1 KB
2 KB 40ms
24ms Image
image/png 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ispovesti.com/images/arrow-left.png
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/css/custom/custom.css?1461006022
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b854c68fc478d44a8d9bb67fa7a5368fb34aa4f9d46f24f84ee3388f8fd1987

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/css/custom/custom.css?1461006022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4868185
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 1099
Last-Modified: Thu, 26 Dec 2013 00:19:50 GMT
Server: cloudflare
ETag: "321804-44b-4ee64ef8d5580"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZW44Of8s3lAbdSq43MUHMnnPOflRWf0VnWcsLr8u1hNVo9M27o8H7MVqid7O6p3ptG4WLhBJ2B0nCClo8WiwRmvW7cWdt7%2FjKqI%2BXP%2FV3I6Qki2VcplTySEI5Ft%2F8txAEqUZvjpfgXOO%2FQr"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8484a4a49d6d6f18-CDG
Expires: Sat, 23 Nov 2024 20:24:21 GMT

GET
H/1.1 200
OK arrow-right.png
ispovesti.com/images/ 1 KB
2 KB 15ms
13ms Image
image/png 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ispovesti.com/images/arrow-right.png
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/css/custom/custom.css?1461006022
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9897a0bbea2d9ec1bdf2924eae9f0c4944bc87bdaccf9c6c13f66a70d7865b01

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/css/custom/custom.css?1461006022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 988247
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 1129
Last-Modified: Thu, 26 Dec 2013 00:19:54 GMT
Server: cloudflare
ETag: "321808-469-4ee64efca5e80"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2b7GvHbjDzdJymW90TI4D97y4tYnP6JYdao1I%2BLPJtWc%2FtWQj0Gz5WEkogy6gos87F%2FDRBYNBjy1r4jHV6B7h1Jigz9UjqU4M%2BnTfmmZ928wxKuVNrt5R1Z4jYAoqQ1NZmSnpwj47HirEsf"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8484a4a49f924d9e-FRA
Expires: Tue, 07 Jan 2025 18:11:21 GMT

GET
H/1.1 200
OK isp-sprite-4.png
ispovesti.com/images/ 27 KB
28 KB 19ms
18ms Image
image/png 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ispovesti.com/images/isp-sprite-4.png
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/info/css/info_styles.css?1411556831
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05994d87e448b89cb2a51dfe590cf939282cad15459fdf7e8cc264a0a9373994

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/info/css/info_styles.css?1411556831
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1099555
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 28139
Last-Modified: Sun, 05 Jan 2014 09:57:04 GMT
Server: cloudflare
ETag: "321814-6deb-4ef362a4ffc00"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nqh7ZdUSlCTavqi8WP16Aar5Gqv2QAHkds6kSC%2BHWqISrXGFVRdxyWi5POSrkr2ZMnlhLO2cwkPkCEteFnjfkzkWr9AJrqX9njcmV56xkEMt1LtDafm4spD%2BRh%2BbVDfVQewpKQwmoS8Ax9re"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8484a4a4af179171-FRA
Expires: Mon, 06 Jan 2025 11:16:10 GMT

GET
H/1.1 200
OK social-footer.png
ispovesti.com/info/images/ 4 KB
5 KB 16ms
16ms Image
image/png 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ispovesti.com/info/images/social-footer.png
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/info/css/info_styles.css?1411556831
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b59fe485551eade8097556080e7024372c459f2ce970aee6baf441fe9ae5a123

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/info/css/info_styles.css?1411556831
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1206793
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 3872
Last-Modified: Mon, 30 Sep 2013 21:44:20 GMT
Server: cloudflare
ETag: "320612-f20-4e7a0bd169500"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCusWaab1Css9vxsqu%2FaQrJYnDTgW7ckq3muE6OumfxJghT8Z4Eoz0ov9xFEfleJkU3%2BG6ZB3VFq7H2Zg8Q6%2BsMYdtDYH4HVvkmPUH4O5bKJKlGTKVwe74k1uG40cLa1EH%2BRac1UQ07SPRgf"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8484a4a4afff9290-FRA
Expires: Sun, 05 Jan 2025 05:28:50 GMT

GET
H/1.1 200
OK foot_img.png
ispovesti.com/images/ 7 KB
7 KB 18ms
18ms Image
image/png 2606:4700:3031::ac43:aa5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ispovesti.com/images/foot_img.png
Requested by: Host: ispovesti.com
URL: http://ispovesti.com/info/css/info_styles.css?1411556831
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:aa5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c947046dc161e7bde59e53e0feb599a8e5ab319cf9fce09b8e0fc6d620ac544c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/info/css/info_styles.css?1411556831
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3105756
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 6753
Last-Modified: Wed, 11 Sep 2013 18:08:46 GMT
Server: cloudflare
ETag: "321811-1a61-4e61f832d4780"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6w5RPUKvSRqW7qpy1trOQexKCHotqvrlFSc1ZGEgpmzMilZi4XCZyvBQQ6iYZJcC3OwhB0UzVctYC9E8zXV1%2BbnRXb8ZbWCKejuEFSBtcu4ESo8aA8hpEfTA8gesYHyz0yjGTS5o8UcIDeGA"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 8484a4a4afa14d9e-FRA
Expires: Sat, 14 Dec 2024 05:58:41 GMT

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame F4C9 319 KB
104 KB 38ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=http%3A%2F%2Fispovesti.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3410367
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Sat, 20 Jan 2024 04:41:06 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

POST
H2 204 collect
region1.google-analytics.com/g/ 0
242 B 50ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8TZN4VTKWR&gtm=45je41h0v9117443242&_p=1705725665963&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2129364219.1705725666&ul=en-us&sr=1600x1200&_s=1&sid=1705725666&sct=1&seg=0&dl=http%3A%2F%2Fispovesti.com%2F&dt=Ispovesti.com%20-%20Anonimne%20li%C4%8Dne%20ispovesti&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=966
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8TZN4VTKWR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:41:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ispovesti.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F4C9 869 B
659 B 149ms
118ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=109e8684ddb3e9603e543770b369a60beef962b9

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=http%3A%2F%2Fispovesti.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time: 110
date: Sat, 20 Jan 2024 04:41:05 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sat, 20 Jan 2024 04:41:06 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 470fb0f2f8795697
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: f2be06598dfd0196b47576ff8b6f0af630879861d90772e3fe686e1ad5899027
content-length: 337

GET
H2

200

__utm.gif
stats.g.doubleclick.net/r/
Redirect Chain

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=783785871&utmhn=ispovesti.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ispoves...
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=783785871&utmhn=ispovesti.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ispove...

35 B
198 B

20ms
20ms

Image
image/gif

2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=783785871&utmhn=ispovesti.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ispovesti.com%20-%20Anonimne%20li%C4%8Dne%20ispovesti&utmhid=1565701512&utmr=-&utmp=%2F&utmht=1705725666103&utmac=UA-39630369-1&utmcc=__utma%3D175528634.2129364219.1705725666.1705725666.1705725666.1%3B%2B__utmz%3D175528634.1705725666.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=876195460&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Requested by

Host: ispovesti.com
URL: http://ispovesti.com/

Protocol

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 20 Jan 2024 04:41:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=783785871&utmhn=ispovesti.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ispovesti.com%20-%20Anonimne%20li%C4%8Dne%20ispovesti&utmhid=1565701512&utmr=-&utmp=%2F&utmht=1705725666103&utmac=UA-39630369-1&utmcc=__utma%3D175528634.2129364219.1705725666.1705725666.1705725666.1%3B%2B__utmz%3D175528634.1705725666.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=876195460&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAABAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
191 B 92ms
29ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.16.0&cb=16535713816

Requested by

Host: adxbid.info
URL: https://adxbid.info/ispovesti.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://ispovesti.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ispovesti.com
date: Sat, 20 Jan 2024 04:41:05 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 50 B
611 B 73ms
31ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: adxbid.info
URL: https://adxbid.info/ispovesti.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:41:06 GMT
an-x-request-uuid: b149da98-1d43-476f-8288-e1c3fea4b13e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ispovesti.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.131; 178.162.209.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 50
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 118ms
27ms Preflight 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://ispovesti.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: http://ispovesti.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sat, 20 Jan 2024 04:41:06 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 73ms
19ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: adxbid.info
URL: https://adxbid.info/ispovesti.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ispovesti.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ispovesti.com
date: Sat, 20 Jan 2024 04:41:06 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
751 B 156ms
66ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=70760&zone_id=336224&size_id=15&rp_schain=1.0,1!luponmedia.com,1994179,1,,,&rf=http%3A%2F%2Fispovesti.com%2F&tk_flint=pbjs_lite_v5.16.0&x_source.tid=f41a78b3-cba6-4f43-85b0-2509dee25cee&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2627070594723149
Requested by: Host: adxbid.info
URL: https://adxbid.info/ispovesti.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8de9d11c5927e2cbd373399f9e3e429fd3628b5402abd8fc4fdede6dbf9bff8b

Request headers

Referer: http://ispovesti.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:41:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://ispovesti.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 239
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
529 B 131ms
76ms XHR
text/plain 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: adxbid.info
URL: https://adxbid.info/ispovesti.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://ispovesti.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:41:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://ispovesti.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 430 KB
135 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28465
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138162
x-xss-protection: 0
server: cafe
etag: 1666572220375911148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 18 Jan 2025 20:46:41 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ 402 KB
137 KB 109ms
109ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1202209323644624&plah=ispovesti.com&bust=31080504

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e443717b6187ea6b759316b8bd2622aa30c1ab7a33b52c60f0a0bdad5c2a735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139636
x-xss-protection: 0
server: cafe
etag: 9229624495607395650
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 04:41:06 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame E116 9 KB
4 KB 57ms
15ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 00:24:58 GMT
etag: 9219409622527106327
expires: Sat, 03 Feb 2024 00:24:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 70 KB
25 KB 72ms
72ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1827026096471883&correlator=394738263759067&eid=31079957%2C31079233%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=190621946%2CIspovesti_300x250%2CIspovesti_300x250_P1%2Cengagement%2Cbranding_right%2Cwallpaper%2C750x200&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=300x250%7C300x600%2C300x250%2C1x1%2C300x600%7C1x1%7C160x600%2C1x1%2C750x200&ifi=2&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1705725666266&lmt=1705725666&adxs=960%2C960%2C-9%2C-9%2C0%2C425&adys=499%2C154%2C-9%2C-9%2C0%2C1000&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C-1%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&tos=~~~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fispovesti.com%2F&vis=1&psz=300x0%7C300x-1%7C0x-1%7C0x-1%7C1x-1%7C1600x-1&msz=300x0%7C300x-1%7C0x-1%7C0x-1%7C1x-1%7C750x-1&fws=0%2C0%2C2%2C2%2C512%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=2129364219.1705725666&ga_sid=1705725666&ga_hid=1565701512&ga_fc=true&dlt=1705725665910&idt=332&adks=2083853432%2C988085029%2C4021175829%2C1109650513%2C346878802%2C3497597877&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2eba5de2e553f845633e4139fdee299bb3cb237c62340d56218b9250097b4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26002
x-xss-protection: 0
google-lineitem-id: -2,8880946,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,34998506386,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://ispovesti.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9cc0c3c1c6de5201c41505a20f931b70.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0208 6 KB
3 KB 96ms
21ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9cc0c3c1c6de5201c41505a20f931b70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 04:41:06 GMT
expires: Sun, 19 Jan 2025 04:41:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9BB3 0
0 51ms
50ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdMFVQEo_3lqdX-plE5RP4h2IXyvFQMeA3lR44396ULuCn3BqUFHqWuXZtgKDvIstOcaFS89PxCW9rw4ngNQFRRiUndmZGAWnZnTsmg_2IXaW1ykyPUfrNV2UWk0S0HyFtML9k5qNxoulddUTFy03g69ghmv6T1W8c_hqDOYalRwchciCBMg7bfCyEXSrbk3reWn-QmuOiejhqECNL0U4h5GqlofFk_s2HKhpdhlDNYPUYJLmFIqP9Nvrgy471Ah7sPM4eiNhCjc6ruQKluJELM7t9O6OxVGLeKmeweZNNvVJh_XN1Eg_6F0RCSbYvliHMadX8KwlrpMPFmuCHRCKUPIbeqQ&sai=AMfl-YRtXgxlZacfwrUOjdNjJqh2_3vFhGLxBeJIK9J-gsYiU6iws_Uz9dbudNySyqZwxTmWRbajWDvORGtCVGhRDwz45N24uyT3JJyOf8gYXym_u4xaw2n7sC7V4IPW49FqfEgNU6PLSlp-pnhDCWsFUsXl&sig=Cg0ArKJSzER0g6yN4ShzEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: ispovesti.com
URL: http://ispovesti.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 20 Jan 2024 04:41:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 9BB3 23 KB
9 KB 70ms
18ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 09:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 09:16:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9BB3 3 KB
1 KB 72ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:40:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:40:08 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BB3 206 KB
65 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 04:41:06 GMT

GET
H2 200 2986559298110159934
tpc.googlesyndication.com/simgad/ Frame 9BB3 30 KB
31 KB 71ms
21ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2986559298110159934

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f1422cf1bee721109db3eb79d22562b1c6c69e2cacb4d4bec0fe2ba4419c9c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 07:37:26 GMT
date: Wed, 17 Jan 2024 07:37:26 GMT
x-content-type-options: nosniff
age: 248620
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31087
x-xss-protection: 0
last-modified: Mon, 26 Aug 2013 11:28:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 9BB3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d7f9aced9a8d128229c44cfe23ff24421479061e742244b572c9bf485def153

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D8D6 0
315 B 80ms
79ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1202209323644624&output=html&adk=329615837&adf=2762459402&lmt=1705725666&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C500x675_r&format=0x0&url=http%3A%2F%2Fispovesti.com%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&dt=1705725666158&bpp=3&bdt=248&idt=235&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D870bea116b4512fe%3AT%3D1705725666%3ART%3D1705725666%3AS%3DALNI_MZXYFnK9q--ihSVYkvg8GOd3I9IcA&gpic=UID%3D00000d4442c48123%3AT%3D1705725666%3ART%3D1705725666%3AS%3DALNI_Majww-oy7IeGS1sdmGotU13sk-ovQ&nras=1&correlator=5918292347700&frm=20&pv=2&ga_vid=2129364219.1705725666&ga_sid=1705725666&ga_hid=1565701512&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44759837%2C31079265%2C44785295%2C44795921%2C31080504%2C95320870%2C95320889%2C95321626%2C95321862%2C95322166%2C95322325&oid=2&pvsid=1827026096471883&tmod=1663601162&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=253

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1202209323644624&plah=ispovesti.com&bust=31080504

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 04:41:06 GMT
expires: Sat, 20 Jan 2024 04:41:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9BB3 0
0 81ms
47ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssInl1A8us3vDLIAljdEwM4p7g45GT6P8XIc0Ej90u4qtYOeHyfXIB_dvXAIypf_6f5_-nvzf2uWV-9G15L9lh5FNlJFP0iGC8ejifTGU04rSUVaEQOsKFEf26LgUyMJUXLqkEmhNxkDcCnXNd_t5hzaKCGw2EQwioEmv3imx0ozuT2W6uOB8ug5ewkHJa7wLMjlB_SQ9xXy1OX0bTwttIcasB0cNo6OFOxHPLOwqg-_v9OfnFazAZoxLGzx6QkQv2HFVa7PReQBEUWzLlBA6dSuzW9yyV60HmAy1l6vQAa48oPbW0K56btOAaASWunIQd5iDFccjpiTxB1O7V-P7wKkAhtl1jO&sai=AMfl-YRpI6cOPpErb0hkvGM-ndCv5ozHDCAlOfMNG0xMh-vqYkO-c68i6X8Vf8x_5EJNVu-a5Hmcz33qXw_X2sg-mCJc9vbszYdE0VcHR802wgTx8iwTzdGKIijiQHAyg1sDonVyN8t4dvflvNmQHEFClIsD&sig=Cg0ArKJSzCK3pbHI_oCIEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 20 Jan 2024 04:41:06 GMT

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
3 KB

23ms
7ms

Script
application/x-javascript

2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Protocol

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

781f61d26f26021d6297d6dd43c2598e6fafff3a11ed84c70607ff1b74be4b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 Jan 2024 04:41:06 GMT
content-md5: PMr50yTq1hAdhzQlE3+fHA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints
x-fb-debug: hAb3/k/h8oXPV3+EYkLtPqp2gE/I2+ZXUs9VJ5L1AJ2nASM9/fCQhkBwJ2ed0tJHpaA4ksRwqJn/nhAaVtcGTg==
x-fb-content-md5: 34eea0535f2e43459244a26e501917a6
cross-origin-opener-policy: same-origin-allow-popups
etag: "92b706a0c70f9c646b547f91b1f43e23"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 20 Jan 2024 04:41:44 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js#xfbml=1&appId=540760192613233
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 87ms
59ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401160101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3195781c4444e0567c041136a85a78f8924cf3754986d2cafe95d7ea3943e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12199
x-xss-protection: 0

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 18ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=c152af8b14a314a8095d4b38e11e69de

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e8d76b52e2d77f45e4c9240ca3adbc628697227b40e95c31c79b2ad8f9c2b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://ispovesti.com/
Origin: http://ispovesti.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 Jan 2024 04:41:06 GMT
content-md5: zFGxF7xeFylHO9Aoxu+TWQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87866
reporting-endpoints
x-fb-debug: 4o9xaMuBZMNYNK7syEy5zLjzCUpSKwfjP/nVHK1tmtw9uVyUcVbvzHn6KHbxew9ePmr/KATBJG7O7hgs3rAakg==
x-fb-content-md5: c62f1fda1bdb8eade3b742cd1f467e09
cross-origin-opener-policy: same-origin-allow-popups
etag: "fe7ce7006ed0bc4b4bab1aec01e769a8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 19 Jan 2025 03:42:39 GMT

GET
H2 200 adl-a4605d68.js Show response
tas-rs.toboads.com/js/ 235 B
473 B 50ms
48ms Script
text/javascript 91.209.18.100
HTTPOOL-NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tas-rs.toboads.com/js/adl-a4605d68.js?b=1&rq=555a3b76-a529-5a61-aed7-c971df88c250&vt=1b051f64-fe92-43f5-ab5c-9db0c1360a8a&isf=false&zn=ec5a93b48&tm=0&af=570x0&fv=undefined&nw=0&co=1&vh=1200&vw=1600&asc=1&srf=http%3A%2F%2Fispovesti.com%2F&loc=eq-srf&rn=c5f13a46-83d2-5695-3e47-102dbac4341a&ct=3483ed29-3dce-5562-03b7-eb3aa00bbf25&c=hA_c_0_43fe994e&ah=0&
Requested by: Host:
URL: webpack:///../javascript/src/WindowManager.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.209.18.100 , Slovenia, ASN8558 (HTTPOOL-NET-AS, SI),
Reverse DNS: tas.toboads.com
Software: nginx / PHP/7.1.13
Resource Hash: a1240f3426581d15a0c42680894786bffa1d4dc911109b4d5c2df69f7318f69a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:41:06 GMT
last-modified: Sat, 20 Jan 2024 04:41:06 GMT
server: nginx
x-powered-by: PHP/7.1.13
p3p: policyref="/w3c/p3p.xml", CP="httpool"
content-type: text/javascript; charset=utf-8
cache-control: private, max-age: 0
expires: Sat, 20 Jan 2024 03:41:06 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame F933 0
117 B 81ms
45ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df239500b551f3f4%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3146453&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c152af8b14a314a8095d4b38e11e69de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Jan 2024 04:41:06 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: PhrUyDwLOyeewVPTWz1UsgerwT7thiabIsKVu2vNbi+XLmUyUU9g4x9PnVqgugmzEV9/sVNYj9qWQqqf7l4tBQ==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 9AE0 0
119 B 79ms
44ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ac272a620f88%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3146166&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c152af8b14a314a8095d4b38e11e69de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Jan 2024 04:41:06 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: psJuWRM7mNGv5mBS0gq+nTy9HgMfPPVaXGk3Wq8RbjxVghLP6sPyHRZ+ibSPpiom6K5Vi16XFs2+Bz5EA/O2AA==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 2339 0
2 KB 74ms
41ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29263c0166a4ac%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3146187&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c152af8b14a314a8095d4b38e11e69de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Jan 2024 04:41:06 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: hEuV8giph4pv5d7dIqvwn6npUoq+o5DMrFJGOrg2Vgi/FC7R8EJ/ciXz28PJVXQQ1EF1M3KUE+5ncs+1y54KPA==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame D89D 0
117 B 82ms
51ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df327af8ef076e84%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3145512&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c152af8b14a314a8095d4b38e11e69de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Jan 2024 04:41:06 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: 09HcywmMtpxvvqoUPWAx/qQSEQBahOkw86YRgufj3Tqh/OeRloxTzwl53OEjbyclSxvuc4bhYygZvVjYU0ATvA==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame B3C9 0
118 B 72ms
43ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10314d9813be%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3145731&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c152af8b14a314a8095d4b38e11e69de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Jan 2024 04:41:06 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: ikr2HzEhtqS+65IW17HIFSF1fuI2cOYQlL3dVIEOYjneMrCIJ19rraBsWfdAwW/cFVnuXkkUZEBSDYg5DMLKpA==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 8C7E 0
1 KB 76ms
49ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df118f511016674c%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3145302&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c152af8b14a314a8095d4b38e11e69de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Jan 2024 04:41:06 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: kD53Tw3P3GQNSf6suf5PhN4y1RRu1xKe1hz15Ow8r/EFSdJTOVl6MPIYddiuxR1Oehk1YL2F7vjE1khzVagkpg==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 515B 0
116 B 69ms
44ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6223d4c20768%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3145196&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c152af8b14a314a8095d4b38e11e69de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Jan 2024 04:41:06 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: KWdBBR3K1issv0BPt6f4gxYS50G1ksaCxQ3vzdabUZMaQTFqtGTRE75AzG6lAiHaCQ8ihq58h2+QtxNwvvOC4g==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 37BA 0
116 B 72ms
49ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2106c951621c%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3145329&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c152af8b14a314a8095d4b38e11e69de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Jan 2024 04:41:06 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: FMqh1H9qosnhO4ZB7lp9eXCMaxk0ydVhrWJZiy5qoRDSGMtXlZV3020xqWOgqPWIW4H1ei1cmjD1h7mpnkeMCg==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 4813 0
119 B 64ms
43ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9cfc3cb132c9c%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3145134&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c152af8b14a314a8095d4b38e11e69de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Jan 2024 04:41:06 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: aAyNWz4H/oKznL7qItfwwPh+kb/iL+zGE97VFM555nDGyaKOQzjYBvxDkuh542GRnuzgMnU67usfqYHcqLEEBQ==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame FCF9 0
116 B 62ms
42ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df39aee1c31ebb6c%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&container_width=144&font=arial&href=http%3A%2F%2Fispovesti.com%2Fispovest%2F3150429&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=80

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c152af8b14a314a8095d4b38e11e69de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Jan 2024 04:41:06 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: jfB7svolY/lcekZVLQKLVq1vb0qAEQn8uuZp5dOCbsmuH5bH9hbv9tneYZRcKgdiadf4oXWNOcEQOpBTNw3pHw==
x-xss-protection: 0

GET
H2 200 like_box.php Show response
www.facebook.com/plugins/ Frame A3B1 46 KB
15 KB 97ms
79ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like_box.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32c18d2396070c%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&color_scheme=dark&container_width=130&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fispovest&locale=en_US&sdk=joey&show_border=false&show_faces=false&stream=false&width=180

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c152af8b14a314a8095d4b38e11e69de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

87e547bf5572a39b0da18cf388d59cb75d91441774b1d205a08b45e6949a3ae2

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 04:41:06 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: OlCzYf41fVl+OdoeKl6CadOjWfjqADm6cB2rz2QrGsHVWUv2CShKlDd7GTiULlk/ZLR+YJFFsewFhn1OYDPcjQ==
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 04:41:06 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B461 13 KB
5 KB 17ms
16ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 22:10:53 GMT
expires: Sat, 18 Jan 2025 22:10:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 409C 829 B
1 KB 75ms
34ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc05a5bf73aec874ffb7ff4a7d5c0c1b6a1eeea038f570df474a84265d1f58f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fQZP1k2heqyF7nwgRMMZmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fQZP1k2heqyF7nwgRMMZmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 04:41:06 GMT
expires: Sat, 20 Jan 2024 04:41:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame B461 39 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 14:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 14:00:04 GMT

GET
H2 200 nYpzKWqvlq9.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame A3B1 19 KB
6 KB 27ms
9ms Stylesheet
text/css 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32c18d2396070c%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&color_scheme=dark&container_width=130&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fispovest&locale=en_US&sdk=joey&show_border=false&show_faces=false&stream=false&width=180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2863b52bbc74d053b6415278249cb4258747dd6f355f6ba30739b1f84e76861a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: o/7VM47+HYG0hT0S5PaW4w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5162
reporting-endpoints
x-fb-debug: p3gWGRdIZg+hOkFFdxsUXaP0e4PJ6jzPTxwHwsXx2BEktZ6Jo+Z5sdwkM/vMwfQShH6FwzCPBpJJNxVSTEsiFA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 17 Jan 2025 10:29:03 GMT

GET
H2 200 oZB9N6h5pPF.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame A3B1 353 KB
91 KB 38ms
20ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/oZB9N6h5pPF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

07e7fe2ae1f7a8b12a42abe3d98f965966c1b8f505d3b4b2c951ed072bc3bca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xo4X8+9CY4R/JniO37MSig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93331
reporting-endpoints
x-fb-debug: 5T+v2ABtZkCG63NGrhIga9AnC5BqBazlmUFUX5VG+xb9lc7+TtDx5K6+Gsgr68YQRQeaYnzsL4hnNbGE/GCE+w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 18 Jan 2025 00:02:34 GMT

GET
H2 200 Cn_OgNtBsi4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame A3B1 7 KB
3 KB 30ms
12ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/Cn_OgNtBsi4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da9912d4e908e3788e753fe3583a9063c0b65049f82d366fe871f03368f7ce10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: B9gIP5hWP1n5LlUoNnhxow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2301
reporting-endpoints
x-fb-debug: Lv1Y+b1V5BFfWx3+71/rBrxTfFBtS8beoHIBWm27cUCT4OKvkpCPEHTFEe3PAwdvjD82ofN8fEv81FoDgBSG3A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 09 Jan 2025 17:29:56 GMT

GET
H2 200 ru8zNtgW1u3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame A3B1 94 KB
27 KB 47ms
30ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/ru8zNtgW1u3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0563dbb4bb81c6b1f745145ff4ca39c3d63daf31952c521dbb689dda5b26ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xfgcH48ZrXyM9ExSIhREow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27517
reporting-endpoints
x-fb-debug: wuiU1AE3Omiy5urglUppCzfizTb/80KcAkbBc8rtYtZM6lSbJnbMHPW7W6U7aspHgfWlcPVgEuYXO5rOLdmFow==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 11 Jan 2025 16:04:37 GMT

GET
H2 200 WDd6AOxHz0q.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame A3B1 51 KB
16 KB 29ms
11ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/WDd6AOxHz0q.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cac134aca5d573ff54447519d5cb7ccb10e4be05e58ab04d1c823e9ca05de0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iP8mA2aK/kTnUfNMkpvOEw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16598
reporting-endpoints
x-fb-debug: YuV8BC3TZDspteA381w/ZylmzYNnVt82MUxkEPqca123kcWNLHxCtQeOVX40IitgFy8yormybnF0ijMFatz0+Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 16 Jan 2025 22:03:41 GMT

GET
H2 200 Gnm9vzFr_bN.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yo/l/en_US/ Frame A3B1 70 KB
20 KB 29ms
12ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yo/l/en_US/Gnm9vzFr_bN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68ef2f6656eedf422aa23fa2577c634d7da41ecc2a15b4b2fa99a9328d2dcd28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: h9roFUGEDyi5KOSrmiZMkw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20068
reporting-endpoints
x-fb-debug: WAZ+TOy+IRPg5c8FXZ4cKQDRV2MtItGg4FSbRIMZeKdoCOD70WjfrZ9NyzaMAimQd7X6jDGoXVzT5eMBe0f7og==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 16 Jan 2025 18:07:28 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame A3B1 507 B
487 B 29ms
12ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 20 Jan 2024 04:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: AWG1TDl4OR0fnTx9CWOvq2HSTdbsXsvr7QnKiidXJgAkOkPRppBF9uSFP4Gc3axmQe3JLh40/R9S8hkCY1py0w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 14 Jan 2025 07:36:57 GMT

GET
H2 200 325716116_879686836700726_8954182083603056187_n.png
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame A3B1 2 KB
2 KB 8ms
8ms Image
image/png 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/325716116_879686836700726_8954182083603056187_n.png?stp=cp0_dst-png_p50x50&_nc_cat=111&ccb=1-7&_nc_sid=4da83f&_nc_ohc=7wAzr1YW0xwAX9Wk4sE&_nc_ht=scontent.xx&edm=ANSO7JkEAAAA&oh=00_AfDt4p3vVQNhx3j-SD8ykMpH44PlDStHnXQwalxhMC8WbQ&oe=65B0B3E0
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32c18d2396070c%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&color_scheme=dark&container_width=130&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fispovest&locale=en_US&sdk=joey&show_border=false&show_faces=false&stream=false&width=180
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a6403a2d78cf38f225169c4e71f5618eb3133f98ce0e5dd3e35a9b9ca671dec7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:06 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 19 Jan 2023 14:02:22 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=3260290218
thrift_fmhk: GBBA4Q3uvcbuzPkAFFvgfcSGFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2117027286
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1587

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 409C 0
0 44ms
44ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401160101&jk=1827026096471883&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B461 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hunBuQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame A3B1 573 B
715 B 21ms
11ms Image
image/png 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 20 Jan 2024 04:41:06 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: V3NO5YbJ8f9M7JXIV12PGd8P+BvCjqdQIz2O6jhLgqiwHHjhULA8nSGv7SEDGbOudZCDOKoWVJRLMiZ0Vo7cZg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1,i
expires: Wed, 08 Jan 2025 00:49:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 48ms
47ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401160101&jk=1827026096471883&bg=!kJOlk9zNAAa8BdJLnAU7ADQBe5WfOHMGSJAN92_VT75136DbonBZ8GjLkVJ_uCb56o9ByxPR81b-_K2RW5jASKbaL7xZAgAAAJBSAAAAA2gBB5kCtDcrERE-8VHji27WkLUe1K6S6n_6CbZE5v5j4osQK2UUiOlFzinzuxGTIBqCgLGdzC9aew2zELhtKrzc_NCK5wFFzDHQQKSllKOUC5RRfqkh5BoprS5tzwcfQBEgxoYBAnrTVuVs9AjxGUkN0be9HT7HnKNqoRTXK2eTaY_LdBZsSaAsrVK1ShT8zp3z-8He63MBoBwpl_AZOLVzTGBdYefUeTSgBNN9fwA7KEULj6jUPHut-ct5z2NIRDx2EplHBZZk7INx1lKYfvQnAjKB5RQNcAhMHm4jiSqzfuN8_BMyeBXEEdl8tLqBZ9DFVwePrPX1_49cj3PWWIkOFptX9hacbyBXE5PRsYFRpA23U1PnRZ6yv3DQr57aQPJ5iHR8L5V7kGR3ViAX9mZZd7uSZAg0oLnztP-60GNEJ5Adlze15jnvpq2O5RtVPXX796sxCsYy2KSGBT-YxwYrzZiB7LpfAoG-pn-Oi1G0xdhC8e3lMFOzSfhsCUMi4uY6ksqrrYEIcqRn6tcs1gVLN8_THS8xM9nXrShSCRLJINdmrqQ3CCmeuLGGJBtKG57by5OiVtT7QhdXqnksWR18z51IQdF5yFQbD8nlxrH541N9iJh5HNvf-nGIvNdDgmJPdR9Uj6MPm5AxowFL2JwMl7e_zsll4b_t26OFdAwItmwAsdyIQjeraL8VrqSgnYRw8PvPN4pJyi2ZUeRbEB7hlqPdHUc3_RPxI964DZ6EsE6EioImrCAkuttfmIsQ776JPQbsy44SgW2Tr_o6ZK-35x4O975bjaQm2TCSHnl_-MUho5xtlE7dO1gvy-b7OF6-0rvC5WD742C2_Ijl9po5bz-QPzL4TJgTMN0XZwHwba2BW3FqOOfntz_xOI9Ycjs9ljrib18LPUN8yeKr8rNHmRtqiwkZg8sE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9BB3 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4jwAxIT4ACnw_gZakzGhGn67BUa8Jzz4-H3yW3cjcLFm_SZHwvJhvqsOXrU3n_gAHyXuptSVgjK4vdAjsBDZgs_boCSQe7DB2djqt1oBIz-M2eK_kHkMlRByHaGPTxHk6riUn0CkjyKOR7rfO7J1OGg&sig=Cg0ArKJSzLPmHvNS6Dj_EAE&id=lidar2&mcvt=1000&p=154,960,404,1260&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=988085029&rs=4&la=0&cr=0&vs=4&r=v&rst=1705725666364&rpt=102&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:41:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-1202209323644624&su=ispovesti.com&eid=95320239%2C44759875%2C44759926%2C44759837%2C31079265%2C44785295%2C44795921%2C31080504%2C95320870%2C95320889%2C95321626%2C95321862%2C95322166%2C95322325&doc=complete&pg_h=3475&pg_w=1600&pg_hs=3475&c=1&aa_c=0&av_h=250&av_w=300&av_a=75000&b=3071&all_b=3071&d=0.072&all_d=0.072&ard=0.013&all_ard=0.013&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:41:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 54ms
26ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.113.js

Requested by

Host: adxbid.info
URL: https://adxbid.info/ispovesti.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

379e001b24f06b84923dae89b0909f6eeeaae45b7a0352b2bd8fbefea36aa7f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:29 GMT
server: nginx
etag: W/"642e8d39-15331"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 21 Jan 2024 04:41:09 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9E42 14 KB
6 KB 42ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ispovesti.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 04:41:09 GMT
server: Kestrel
server-processing-duration-in-ticks: 292528
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 81ms
54ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.113.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

379e001b24f06b84923dae89b0909f6eeeaae45b7a0352b2bd8fbefea36aa7f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ispovesti.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:41:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:29 GMT
server: nginx
etag: W/"642e8d39-15331"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 21 Jan 2024 04:41:09 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9E42
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ispovesti.com&sn=ChromeSyncframe&so=0&topUrl=ispovesti.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=aN4423wvN2hTbjNvUHJqS3ZmTGlxNkJOL2pZUlo5clJBeTNGcG9MMUdEb2Z2VkMrNjdXVEpBcFhqMTZEUytFcmJkUjZRR0Q0c1ZDdk5uT3lZaDBDQ01QcWxvcE1vaHNKL2dESUdDTkVoQS9kV0EyQk04cWdvZnlLaktOak...

447 B
659 B

29ms
28ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=aN4423wvN2hTbjNvUHJqS3ZmTGlxNkJOL2pZUlo5clJBeTNGcG9MMUdEb2Z2VkMrNjdXVEpBcFhqMTZEUytFcmJkUjZRR0Q0c1ZDdk5uT3lZaDBDQ01QcWxvcE1vaHNKL2dESUdDTkVoQS9kV0EyQk04cWdvZnlLaktOak15eTVDUkpxMFAyVXJUaEd1c08vdDdna2JoMTRNR1lBZzNxY3BWTFp4Uzd3bFJwU1ZpbHBWWG9jL2IwQTRoUlY0Y09GVUpWY1FLNTA0anN1UFhLUE4yL0FzRy8rWk1HQ2xUWFViQzhTYVlVREM3eDBWVFg4QU9TYk03ZVl0d251emhESXhqcW16U0xuT3JMT2xCWVlrWEFjdWJnckZYZzVETFlrVk5heS9HMVViaHQxMmZaYz18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f27865d8cdb93ca73dc6435d132458dc839873b1b69d0275d54584f5edf689de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:41:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 11306301
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:41:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=aN4423wvN2hTbjNvUHJqS3ZmTGlxNkJOL2pZUlo5clJBeTNGcG9MMUdEb2Z2VkMrNjdXVEpBcFhqMTZEUytFcmJkUjZRR0Q0c1ZDdk5uT3lZaDBDQ01QcWxvcE1vaHNKL2dESUdDTkVoQS9kV0EyQk04cWdvZnlLaktOak15eTVDUkpxMFAyVXJUaEd1c08vdDdna2JoMTRNR1lBZzNxY3BWTFp4Uzd3bFJwU1ZpbHBWWG9jL2IwQTRoUlY0Y09GVUpWY1FLNTA0anN1UFhLUE4yL0FzRy8rWk1HQ2xUWFViQzhTYVlVREM3eDBWVFg4QU9TYk03ZVl0d251emhESXhqcW16U0xuT3JMT2xCWVlrWEFjdWJnckZYZzVETFlrVk5heS9HMVViaHQxMmZaYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 365864
content-length: 0
expires: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame BC29 281 B
555 B 54ms
7ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: adxbid.info
URL: https://adxbid.info/ispovesti.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: http://ispovesti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 20 Jan 2024 04:41:09 GMT
ETag: "280524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BC29 40 KB
11 KB 9ms
8ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 15fa995712e39a5f45ccac6d7c1ebb7a5f8644e88ce7bcc657c36b64890390b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:41:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jan 2024 16:51:07 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=43740
Connection: keep-alive
Content-Length: 10965
Expires: Sat, 20 Jan 2024 16:50:09 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame BC29 7 B
380 B 129ms
8ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: f2725c115d816cae2dce6044d9cf3fcf
Expires: 0

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ispovesti.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: da3e9c670f8fe2d934aad94e48da787f
.ispovesti.com/	1970-01-21 03:24:45	Name: _ga Value: GA1.1.2129364219.1705725666
.ispovesti.com/	1970-01-21 03:24:45	Name: __utma Value: 175528634.2129364219.1705725666.1705725666.1705725666.1
.ispovesti.com/	1969-12-31 23:59:59	Name: __utmc Value: 175528634
.ispovesti.com/	1970-01-20 22:11:33	Name: __utmz Value: 175528634.1705725666.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.ispovesti.com/	1970-01-20 17:48:46	Name: __utmt Value: 1
.ispovesti.com/	1970-01-20 17:48:47	Name: __utmb Value: 175528634.1.10.1705725666
.rubiconproject.com/	1970-01-21 02:34:21	Name: khaos Value: LRLL0RE7-U-DFAD
.rubiconproject.com/	1970-01-21 02:34:21	Name: audit Value: 1\|naVuGyos1qrAUrELdhElFy+IXqvPVzt4X6LBWwGzep2k2NKlEueGiP58rgAMdcxnl6HAXGZRRUnuvKApWmIhP8xuhZpbWKLtRA17BXn0zDe+xUA9sgf/4eNEKcfJxgEB
.ispovesti.com/	1970-01-21 03:10:21	Name: __gads Value: ID=870bea116b4512fe:T=1705725666:RT=1705725666:S=ALNI_MZXYFnK9q--ihSVYkvg8GOd3I9IcA
.ispovesti.com/	1970-01-21 03:10:21	Name: __gpi Value: UID=00000d4442c48123:T=1705725666:RT=1705725666:S=ALNI_Majww-oy7IeGS1sdmGotU13sk-ovQ
.ispovesti.com/	1970-01-21 03:24:45	Name: _ga_8TZN4VTKWR Value: GS1.1.1705725666.1.0.1705725666.0.0.0
.doubleclick.net/	1970-01-21 03:10:21	Name: IDE Value: AHWqTUk0yiMhppm88tuvW5jjh0pwfKN4Ng4YAGqqwQdpQv8tgbN-fLXZIyYk0tjj_jg
.criteo.com/	1970-01-21 03:10:21	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 03:10:21	Name: uid Value: 4a8a67c2-ca93-4cba-93bb-ee9fb679f31f
.ispovesti.com/	1970-01-21 03:10:21	Name: cto_bundle Value: NQed2l9BOWJzNWMwJTJCRWh1SFg5ZUFGVDJqcmdFVHQlMkI0eG5kQkU4a1VJayUyRlhTSjRqMmNpTkdaU3ltN3MlMkZSJTJGUVBHanJ5OUwwYkhHM0xpck9uWDFQNUE0SDBvQUtCcnhYdmJleHY1bmpxNlFleEoxRHprZFVRbmdnYzkwY2FnZVdXVHdSTTdXSlVKTGRsM3ElMkY5NmVGb3MlMkZ6ZE5RUSUzRCUzRA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	warning	URL: https://www.facebook.com/plugins/like_box.php?app_id=540760192613233&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32c18d2396070c%26domain%3Dispovesti.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fispovesti.com%252Ff13c5488a29533c%26relation%3Dparent.parent&color_scheme=dark&container_width=130&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fispovest&locale=en_US&sdk=joey&show_border=false&show_faces=false&stream=false&width=180 Message: The page did not request an origin-keyed agent cluster, but was put in one anyway because the origin 'https://www.facebook.com' had previously been placed in an origin-keyed agent cluster. Update your headers to uniformly request origin-keying for all pages on the origin.
security	warning	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/oZB9N6h5pPF.js?_nc_x=Ij3Wp8lg5Kz(Line 350) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9cc0c3c1c6de5201c41505a20f931b70.safeframe.googlesyndication.com
adx.adform.net
adxbid.info
bidder.criteo.com
connect.facebook.net
eus.rubiconproject.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
ispovesti.com
lib.ads4g.pl
mug.criteo.com
pagead2.googlesyndication.com
platform.twitter.com
prebid-eu.creativecdn.com
region1.google-analytics.com
relay-rs.ads.httpool.com
scontent.xx.fbcdn.net
securepubads.g.doubleclick.net
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
syndication.twitter.com
tas-rs.toboads.com
token.rubiconproject.com
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.244.42.136
184.30.22.30
185.184.8.90
185.89.210.90
2001:4860:4802:34::36
2602:803:c003:200::21
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::ac43:4bcd
2606:4700:3031::ac43:aa5e
2606:4700:3035::6815:30d7
2a00:1450:4001:800::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:400c:c07::9a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
37.157.5.133
69.173.144.138
91.209.18.100
91.209.18.90
05994d87e448b89cb2a51dfe590cf939282cad15459fdf7e8cc264a0a9373994
05afe8252457a4ac2e9e78b825c4cd6c45db5a4bd734b7094908c808bdf61b38
07e7fe2ae1f7a8b12a42abe3d98f965966c1b8f505d3b4b2c951ed072bc3bca7
129903f7de528fe1f19d1fb4b15eb74b533caae2fa806d2ca8a010c60e77059b
15fa995712e39a5f45ccac6d7c1ebb7a5f8644e88ce7bcc657c36b64890390b1
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2863b52bbc74d053b6415278249cb4258747dd6f355f6ba30739b1f84e76861a
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
314f46914aefc2dca06813c9f525b844b1a40e7ba75ec914b070c688299eec9f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35416662d65bf7170f1f31b43376d8a8c90ccd6e94a1f00c7c97bbdd6e5d415f
379e001b24f06b84923dae89b0909f6eeeaae45b7a0352b2bd8fbefea36aa7f6
3d7f9aced9a8d128229c44cfe23ff24421479061e742244b572c9bf485def153
3f1422cf1bee721109db3eb79d22562b1c6c69e2cacb4d4bec0fe2ba4419c9c8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4d0e5fdb8e29b0b84a27be5abd87dcc103938ae7668cc9ef0836660f5356d28b
4e8d76b52e2d77f45e4c9240ca3adbc628697227b40e95c31c79b2ad8f9c2b88
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5692eee5e93e7a60c5690d94816306718997fa12264396b83a79ef5d0eab5884
5cea1f3385b7d2e8930533d6b1c721d0916806035995fc681f02b548fdad38ea
5da2956f229233bb8c6097b72d0e09155caee3b1a2af94fb36610ea92849279d
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68ef2f6656eedf422aa23fa2577c634d7da41ecc2a15b4b2fa99a9328d2dcd28
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6b854c68fc478d44a8d9bb67fa7a5368fb34aa4f9d46f24f84ee3388f8fd1987
6fcc9febc6e47efcb4bbcc40500cfda8762c376e1db120e15a2275928d4260ea
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
781f61d26f26021d6297d6dd43c2598e6fafff3a11ed84c70607ff1b74be4b2a
7840b242fd9d03e90d4337518d24c8ebf3676f32bb22b8b01e09d50fb87962b1
7cbb868b875829ec1a1e52518403272a5752d0a9a4f3f57868bec154a596184e
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87e547bf5572a39b0da18cf388d59cb75d91441774b1d205a08b45e6949a3ae2
89a659c5b537e8cecd748a8412949e4bc4a214ea593f23fa4ad4ada1d5368bab
8de9d11c5927e2cbd373399f9e3e429fd3628b5402abd8fc4fdede6dbf9bff8b
92b944f69bf563b004b1d14781493b8daff2a9c8a20b11d77160075d3c910b0b
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9897a0bbea2d9ec1bdf2924eae9f0c4944bc87bdaccf9c6c13f66a70d7865b01
9e443717b6187ea6b759316b8bd2622aa30c1ab7a33b52c60f0a0bdad5c2a735
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ecf958ab57002f5224ba290e89640ee2aa12175417c45c5097723fa70ecc037
a1240f3426581d15a0c42680894786bffa1d4dc911109b4d5c2df69f7318f69a
a2eba5de2e553f845633e4139fdee299bb3cb237c62340d56218b9250097b4f9
a6403a2d78cf38f225169c4e71f5618eb3133f98ce0e5dd3e35a9b9ca671dec7
b59fe485551eade8097556080e7024372c459f2ce970aee6baf441fe9ae5a123
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bbb4cde2dafbd50ce00fa1ce1a168b6ab4ec42d8696f04626b7b4cd148a3e9c5
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c3195781c4444e0567c041136a85a78f8924cf3754986d2cafe95d7ea3943e29
c947046dc161e7bde59e53e0feb599a8e5ab319cf9fce09b8e0fc6d620ac544c
cac134aca5d573ff54447519d5cb7ccb10e4be05e58ab04d1c823e9ca05de0b2
d4689675d546920c2ad44be24b4e69374ae06876bf75857bcc90a2efde6c3778
d5b5055ed9477d135cfb3277719b4ae55137fc5822672e1c6cae0fff65c7f76a
da9912d4e908e3788e753fe3583a9063c0b65049f82d366fe871f03368f7ce10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0563dbb4bb81c6b1f745145ff4ca39c3d63daf31952c521dbb689dda5b26ff3
f27865d8cdb93ca73dc6435d132458dc839873b1b69d0275d54584f5edf689de
fc05a5bf73aec874ffb7ff4a7d5c0c1b6a1eeea038f570df474a84265d1f58f0
ff2e118027cd85b684c13b6dfc10528e3f34514fe8c1f53b9ce652937458f8c5
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

ispovesti.com Open in urlscan Pro 2606:4700:3031::ac43:aa5e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

88 Requests

72 %HTTPS

70 %IPv6

21 Domains

31 Subdomains

27 IPs

7 Countries

1686 kBTransfer

4470 kBSize

16 Cookies

4 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ispovesti.com Open in urlscan Pro
2606:4700:3031::ac43:aa5e Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

72 %
HTTPS

70 %
IPv6

21
Domains

31
Subdomains

27
IPs

7
Countries

1686 kB
Transfer

4470 kB
Size

16
Cookies

88 HTTP transactions
1 data transactions