rulsmart.me Open in urlscan Pro
185.158.112.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://storage.rulsmart.me/2362/getfiles/video/1691453181_rulsmart-video.zip
Effective URL:
http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDU...
Submission: On August 17 via manual (August 17th 2023, 5:12:24 am UTC) from US — Scanned from DE

Summary HTTP 194 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 20 domains to perform 194 HTTP transactions. The main IP is 185.158.112.11, located in Russian Federation and belongs to IPSERVER-RU-NET Fiord, RU. The main domain is rulsmart.me.

This is the only time rulsmart.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 10	185.158.112.11 185.158.112.11	44812 (IPSERVER-...) (IPSERVER-RU-NET Fiord)
4 51	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 1	87.240.132.78 87.240.132.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
32	87.240.137.164 87.240.137.164	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 2	80.239.201.0 80.239.201.0	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	87.240.185.171 87.240.185.171	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	87.240.169.1 87.240.169.1	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	87.240.169.3 87.240.169.3	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	93.186.227.158 93.186.227.158	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	87.240.185.133 87.240.185.133	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
3	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
33	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3 4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4005:805::2003	15169 (GOOGLE) (GOOGLE)
1	74.125.206.155 74.125.206.155	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:1::9	15169 (GOOGLE) (GOOGLE)
3	52.92.18.138 52.92.18.138	16509 (AMAZON-02) (AMAZON-02)
194	34

10 185.158.112.11 (Russian Federation) 2 redirects

ASN44812 (IPSERVER-RU-NET Fiord, RU)
PTR: 112-11.static.ipcserver.net

storage.rulsmart.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rulsmart.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.132.78 (Russian Federation) 1 redirects

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-132-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 87.240.137.164 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv164-137-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st.vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Kyiv, Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.239.201.0 (Sweden) 1 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.185.171 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv171-185-240-87.vk.com

sun9-72.userapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.169.1 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: mx.vk.com

sun9-78.userapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.169.3 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv3-169-240-87.vk.com

sun9-80.userapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.186.227.158 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv158-227.vkontakte.ru

sun9-75.userapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.185.133 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv133-185-240-87.vk.com

sun9-6.userapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.12 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4005:805::2003 (Hong Kong)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:1::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5e6nzz.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.92.18.138 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

t2ocreaspalladium.s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	676 KB
33	vk.com 1 redirects vk.com — Cisco Umbrella Rank: 6223 st.vk.com — Cisco Umbrella Rank: 56256	2 MB
25	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 261 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371 bid.g.doubleclick.net — Cisco Umbrella Rank: 1014	258 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	167 KB
13	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 352 gcdn.2mdn.net — Cisco Umbrella Rank: 1319 r4---sn-4g5e6nzz.c.2mdn.net	2 MB
10	rulsmart.me 2 redirects storage.rulsmart.me rulsmart.me	92 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244 www.googleadservices.com — Cisco Umbrella Rank: 157	603 B
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73 imasdk.googleapis.com — Cisco Umbrella Rank: 600	136 KB
6	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 3768	4 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	282 KB
5	userapi.com sun9-72.userapi.com — Cisco Umbrella Rank: 57000 sun9-78.userapi.com — Cisco Umbrella Rank: 48863 sun9-80.userapi.com — Cisco Umbrella Rank: 48757 sun9-75.userapi.com — Cisco Umbrella Rank: 56184 sun9-6.userapi.com — Cisco Umbrella Rank: 56799	17 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760	3 KB
4	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 10788	3 KB
3	amazonaws.com t2ocreaspalladium.s3-eu-west-1.amazonaws.com — Cisco Umbrella Rank: 219587	75 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3	858 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 275	2 KB
3	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 9953	18 KB
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 24545	863 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	70 KB
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 149892	704 B
194	20

	Domain	Requested by
33	tpc.googlesyndication.com	googleads.g.doubleclick.net rulsmart.me tpc.googlesyndication.com imasdk.googleapis.com s0.2mdn.net pagead2.googlesyndication.com
33	pagead2.googlesyndication.com	rulsmart.me pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
25	st.vk.com	vk.com
18	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
10	s0.2mdn.net	rulsmart.me s0.2mdn.net
9	rulsmart.me	1 redirects rulsmart.me
8	www.googleadservices.com	rulsmart.me
8	vk.com	1 redirects rulsmart.me vk.com
6	mc.yandex.ru	3 redirects rulsmart.me
5	fonts.gstatic.com	fonts.googleapis.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	counter.yadro.ru	2 redirects rulsmart.me
3	t2ocreaspalladium.s3-eu-west-1.amazonaws.com	rulsmart.me
3	www.google.com	2 redirects tpc.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	top-fwz1.mail.ru	vk.com top-fwz1.mail.ru
2	r4---sn-4g5e6nzz.c.2mdn.net	googleads.g.doubleclick.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	rulsmart.me
2	mc.webvisor.org	1 redirects rulsmart.me
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	sun9-6.userapi.com	vk.com
1	sun9-75.userapi.com	vk.com
1	sun9-80.userapi.com	vk.com
1	sun9-78.userapi.com	vk.com
1	sun9-72.userapi.com	vk.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.jsdelivr.net	rulsmart.me
1	c.hit.ua	rulsmart.me
1	storage.rulsmart.me	1 redirects
194	36

This site contains links to these domains. Also see Links.

Domain
storage.rulsmart.me

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2023-03-16` - `2024-02-20`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.userapi.com GlobalSign Organization Validation CA - SHA256 - G2	`2023-03-17` - `2024-02-20`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-05-31`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-08-08` - `2023-10-17`	2 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 24 frames:

Primary Page: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
Frame ID: B186D1C9EDFB2337759C94E1B7E689EC
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20190131/zrt_lookup.html
Frame ID: 8175635B01100D810EE167357D52EEC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&adk=1812271804&adf=3025194257&lmt=1692241936&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_r&format=0x0&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&ea=0&pra=5&wgl=1&dt=1692249136408&bpp=138&bdt=126&idt=296&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5973679571545&frm=20&pv=2&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=313
Frame ID: 767AAC7C5B9279F25C8083CF3878FAA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=8070673132&adk=926445072&adf=683863926&pi=t.ma~as.8070673132&w=300&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=300x600&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1692249136546&bpp=7&bdt=264&idt=189&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=chUE5Epebl&p=http%3A//rulsmart.me&dtd=194
Frame ID: 0ADBC7965DD0AFC2BF9589C1D70BEB7F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=1664212738&adk=1969458916&adf=854766408&pi=t.ma~as.1664212738&w=300&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=300x600&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1692249136553&bpp=1&bdt=270&idt=197&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=XKGPeZALkd&p=http%3A//rulsmart.me&dtd=200
Frame ID: BF2F73CAA500699CCAC8611348D2E6F6
Requests: 19 HTTP requests in this frame

Frame: https://vk.com/widget_community.php?app=0&width=220px&_ver=1&gid=53383122&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=140&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&referrer=&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%84%D0%B0%D0%B9%D0%BB%D0%B0&18a01e89e6b
Frame ID: D876A466A3B457EF1246E5F97FA1B731
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1490443440&adf=2632835962&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136555&bpp=1&bdt=272&idt=213&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=O8yGCJHWFP&p=http%3A//rulsmart.me&dtd=216
Frame ID: A54CA565AEE937ADBD9A4D0346BA42F2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1885653797&adf=1795251393&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136556&bpp=4&bdt=274&idt=219&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600%2C1040x280&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&fsb=1&xpc=mqu2JJpzNA&p=http%3A//rulsmart.me&dtd=221
Frame ID: 87F4B29AC478CA5233D65E7D149E21A2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYrt7A3QEwAQ&v=APEucNXeHvdMUVwOTMhaezZ2zSueoT5xLf1lZjISKoUGf4fcZMyDCtDGXm864aL-_WwwLo3i0e1pij2ao9-lvrnoegKPGhS43TEmOHxMXsBJo5sA045kTI6DSIOND0f5HacRO2OYC3w9u6PyPqYe7eytH7gCPJybguGqWHDTFMOJ1kAHk5CLpyw
Frame ID: 493E375E5A41534C77F999338EBC366B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1
Frame ID: F1FF72B9D17B281EC4EF44282D3DE4D6
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1
Frame ID: 709B9F19EA067161625517885C7419D6
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E8CEBE1C999D36FA53DBF3A4E69A5181
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: 543B299393A0950359FC051165C3997F
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5024850819942449152/index.html?e=69&leftOffset=0&topOffset=0&c=vEkfFylDzI&t=1&renderingType=2&ev=01_250
Frame ID: 9201D1EE52CDE1807F2A626E50D1EBC2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 84F3856A094DA0743916A077AB672398
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A01A2E4EB0988C05AEDFAFADA70942BB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js
Frame ID: 8F536F736DF34447501B55911F27BCC7
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: 32B29E83C28791131D71E6CE9AF454D0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: 5EE1D9B65A2891DC1E7A380D109A6551
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: A246871D6E299791C086E7DB6D2DFBC6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: C2C1EEDC2E394EC9E72687A8541ECEB0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: F07A20EA204EEAEF40A306397962E5B4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 26805B8E73BABC16C84079FD892C4582
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 65873FA89A19F1E9710718B56C67CC80
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Скачивание файла

Page URL History Show full URLs

http://storage.rulsmart.me/2362/getfiles/video/1691453181_rulsmart-video.zip HTTP 302
http://rulsmart.me/engine/fgo.php?fgo=/2362/getfiles/video/1691453181_rulsmart-video.zip HTTP 302
http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWx... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

194
Requests

88 %
HTTPS

43 %
IPv6

20
Domains

36
Subdomains

34
IPs

7
Countries

6825 kB
Transfer

14265 kB
Size

33
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://storage.rulsmart.me/2362/getfiles/video/1691453181_rulsmart-video.zip
Title: Скачать файл

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://storage.rulsmart.me/2362/getfiles/video/1691453181_rulsmart-video.zip HTTP 302
http://rulsmart.me/engine/fgo.php?fgo=/2362/getfiles/video/1691453181_rulsmart-video.zip HTTP 302
http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://vk.com/js/api/openapi.js HTTP 301
https://vk.com/js/api/openapi.js

Request Chain 10

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//rulsmart.me/engine/vfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D;h%u0421%u043A%u0430%u0447%u0438%u0432%u0430%u043D%u0438%u0435%20%u0444%u0430%u0439%u043B%u0430;0.4200309327476426 HTTP 302
https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//rulsmart.me/engine/vfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D;h%u0421%u043A%u0430%u0447%u0438%u0432%u0430%u043D%u0438%u0435%20%u0444%u0430%u0439%u043B%u0430;0.4200309327476426 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//rulsmart.me/engine/vfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D;h%u0421%u043A%u0430%u0447%u0438%u0432%u0430%u043D%u0438%u0435%20%u0444%u0430%u0439%u043B%u0430;0.4200309327476426

Request Chain 15

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55z3twh48ty7%3Afp%3A657%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1093%3Acn%3A2%3Adp%3A0%3Als%3A5800210948%3Ahid%3A74018439%3Az%3A120%3Ai%3A20230817071216%3Aet%3A1692249137%3Ac%3A1%3Arn%3A799744399%3Arqn%3A1%3Au%3A1692249137716122368%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C54%2C1%2C325%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1692249135900%3Ast%3A1692249137&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55z3twh48ty7%3Afp%3A657%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1093%3Acn%3A2%3Adp%3A0%3Als%3A5800210948%3Ahid%3A74018439%3Az%3A120%3Ai%3A20230817071216%3Aet%3A1692249137%3Ac%3A1%3Arn%3A799744399%3Arqn%3A1%3Au%3A1692249137716122368%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C54%2C1%2C325%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1692249135900%3Ast%3A1692249137&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Request Chain 16

https://mc.yandex.ru/watch/873079?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55z3twh48ty7%3Afp%3A657%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A942723277514%3Ahid%3A74018439%3Az%3A120%3Ai%3A20230817071216%3Aet%3A1692249137%3Ac%3A1%3Arn%3A153211536%3Arqn%3A1%3Au%3A1692249137716122368%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C54%2C1%2C325%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1692249135900%3Arqnl%3A1%3Ast%3A1692249137%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%84%D0%B0%D0%B9%D0%BB%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.ru/watch/873079/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55z3twh48ty7%3Afp%3A657%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A942723277514%3Ahid%3A74018439%3Az%3A120%3Ai%3A20230817071216%3Aet%3A1692249137%3Ac%3A1%3Arn%3A153211536%3Arqn%3A1%3Au%3A1692249137716122368%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C54%2C1%2C325%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1692249135900%3Arqnl%3A1%3Ast%3A1692249137%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%84%D0%B0%D0%B9%D0%BB%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Request Chain 28

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10098.4JjRmZpS1KpJz9Dkc5LdwOvbK7NxTYR2EnRuU65nrqm8I3rUBEQsh9TBC0WMK8sN.GG_p5K_qaVtZKkg9xG1QMwwbr34%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=10098.kzOTdABxeEo9CT6wkNssU8rrftHhpgooahP9ZdjVl-KAzZmHTgthltrtYXNTPjdfhC54wQyWaWSlNe2d9ooNAlEBEI8IrxxZxR-QewBBSwa2MYAAYOYlIjZk8r6Qz7sjZazy6hcHZxYFFYdizuHClFXWkmdNoueGJQAax41nE0XFcs1ZOTjnXpM1mGGG2j3iid1ClmK8fVfRmfFjzy7briScMEyqZheUSjnKEIUI1Co%2C.NOYxstaimoxGX5iSekeQbg8lX4w%2C

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZyD-8AAdvDOS-BtY7Cox8&google_cver=1

Request Chain 83

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN2sMaZMjfEZIOgOZWbauAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZyD-8AAdvDOS-BtY7Cox8&google_cver=1

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKx9jcYEsVfB5XSoJ54lB9o&google_cver=1

Request Chain 85

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMzMTc0MDM4NTU0MzEwODYw

Request Chain 130

https://googleads.g.doubleclick.net/pagead/adview?ai=CMGlDMKzdZIe-L9aexdwP046h6AyczrmcaIWb3t6NEdLw0uCyARABIMTAjBxglfrwgYwHoAGQsajOAcgBCakCVYKMewxDsj6oAwHIA8sEqgSPAk_Qa3sJKnw6E3_CHObfCUhzkOzme3d4x-qgme9-nVDDTBM_s5mMUdSOcBziET4c7DTgzoae5WKrTjPvB_AgJr9E8Bl7ZuMtvrplH2E8QEas0xsqTekOS4vYNwVI3wSaXgXIORdpb_Ibf9AQP3LMUU7a7Xn_L6YiAWone7OcOdZoi5bucFVkp54q6iKuFpqv8C4qTK3YEWgYSqsLv9KNlAl7mMrTzdlAEryn8t6_sPb3SDhmZklIuDQbC9ttYltLyyH5_KjndI6sUiRzgzFs1fx1AP75kFdCtGSXiiVTbBmTHtysTCSWuyIRCcfE1inaVyh6IRdGm5y0QHpQQQrgJKFevB93xlFRkrziBhsYS9jABPmU4rbCA5IFBAgEGAGSBQQIBRgEoAYugAfYztexAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMTQBNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCRZodHRwczovL3d3dy5kam9nYi5jb20vgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTQ4MDk3NDA4MjMzNjc3NjIYAA&sigh=tHGjY2EEq4s&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWRNylqQM7L0XZ0rIjt5yFHY8cTC5xTRgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215713923990082492062%22,%22debug_reporting%22:true,%22destination%22:%22https://djogb.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22432674960%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221025068893231063905%22}&andc=true

Request Chain 152

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 153

https://googleads.g.doubleclick.net/pagead/adview?ai=CNngGMKzdZIj4MPyXjuwP2KGXsAuczrmcaKWc3t6NEdLw0uCyARABIMTAjBxglfrwgYwHoAGQsajOAcgBCakCVYKMewxDsj6oAwHIA8sEqgSQAk_QtvWPcyyPfdSj3BvuRJR6bph6qo2qzRW9N7JkS20cP7XiIJXACRJWlVeE3rOA5YhJXcxTk1iBmJVoElbqz7eJOeHEyV7EfLcq53ScLL6N4HXyJ0Xl433M5pFatHlLR--4EYGTDNYZTKT69cW1oODel5MIdBn7bMjPfq_9cEZR7qQR2C1vZrl7_svsRIi50jwdRMCqUWGGYIHWStF1V7kknxTN23qHk7ZLZSDNPMaIIrY88nXQMAOVr74kHAbDugyvQdbEhJ201WqzbMmoWqI1j3fhsSAuoteu4dERDf06sXYsdB4t9Dvw6mouhEymCx8hy7QuD_yc-o6iGf2Yjh9Z3mNx9ch0AP_EcDGIgm9_wAT5lOK2wgOSBQQIBBgBkgUECAUYBKAGLoAH2M7XsQKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDwvQzSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkWaHR0cHM6Ly93d3cuZGpvZ2IuY29tL4AKAcgLAbgT5APYEwrQFQGAFwGyFxwKGggAEhRwdWItNDgwOTc0MDgyMzM2Nzc2MhgA&sigh=dKAQtG_KqbY&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWf7bRDcONrl3oer5eOg-SpreAAz9-wBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215984550375105626606%22,%22debug_reporting%22:true,%22destination%22:%22https://djogb.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22432674960%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210002826357412942257%22}&andc=true

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 165

https://googleads.g.doubleclick.net/pagead/adview?ai=C9KrgMKzdZNm_LtWrxdwPx4a5kALM4seycqfvzo3nEb-7wbjBCRABIMTAjBxglYKAgMAHoAHhlK3TA8gBAqkCVYKMewxDsj6oAwHIA8kEqgT7AU_Qkejz5c26oMKsmCMtJf3foTyVNqC8CK7G5rFubXSi2pin35s2ksufj5WxHV2T_QbfzfhqlOuqsYLHVhAYD1EqcS7au5XCS7cyZvXuLlVVB27bBa6xuvzWcI1FnJRKKiw8vk8RbijknQeowDXLJwnpymTlWrretn8zPfHgWrSVUG4tUnntQiWVN21ayMQkL_9bUSoP2yLER0CjdfXeRSyXhMuDKSh3TxA0JF6Zcx3s-_zB6Z5TdLuYNmDzaZ3UvI1Pqxe09PofwaqC-xvymv3eTe4lGJjkXj72WnAAU0oVCNHmyrifjeqaRu5H8P0e-xa5kBpJ5nhONvlWwATb9ZbOsgSSBQQIBBgBkgUECAUYBKAGAoAHnIWFLqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJuIA9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCWZodHRwczovL3d3dy5rYXVmbGFuZC5kZS9pdGVtL3NlYXJjaC8_aWRfY2F0ZWdvcnk9Njg5OTYmc2VhcmNoX3ZhbHVlPUxFR08lQzIlQUUlMjBmJUMzJUJDciUyMEVyd2FjaHNlbmWACgHICwHYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItNDgwOTc0MDgyMzM2Nzc2MhgA&sigh=SprODwxr25Y&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWdWv1GcdrWFYwE2xX_VHcGU9YWMEB_hgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227114121809289839744%22,%22debug_reporting%22:true,%22destination%22:%22https://kaufland.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980109921%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225386332161903727073%22}&andc=true

Request Chain 168

https://gcdn.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723785138/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/04F6E827A403091957BC5CC5F2B2CC0EE4A09426.5DEE8D4AB5FBE8B7F7184F9B76C4D1C86363B14A/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723785138/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/58808F3AE9F3E86C2E6A92465F3C4B0C951ECF68.7A4C5133839CF0C3E0E8D122D561C4D7AD90D458/key/cms1/cms_redirect/yes/mh/xb/mip/2a02:6ea0:c71b:0:1012:90f3:68d2:2c62/mm/42/mn/sn-4g5e6nzz/ms/onc/mt/1692248412/mv/u/mvi/4/pl/48/file/file.mp4

Request Chain 170

https://googleads.g.doubleclick.net/pagead/adview?ai=CK3AwMKzdZJKvMMGWjuwP-_iTqA_53dTpbJb0-tevEKbxhuOgAhABIMTAjBxglfrwgYwHoAHJ_dSiKMgBAakCVYKMewxDsj6oAwHIA8MEqgSQAk_QiWP0ZtNSIk-9wiEbHJ2ISCSDQ5oVWUXOs4SXZZES6_WHEIfVAsKGSGD0xlAyCUN_fVhGk3b8dFrGjpf2v6gamIjzykecCBdKUeV5Hj7fbCbZ7R2SNHpPwqxYa3oQnUXCnfyeFnXTbng1Y89LidxjWNbZyVTj4MTsC-F00K_8R1BHsI2xInJeth_2JCQgudhTT-9VAqihMWYHByvId8uLgWObcbtIbN6FoseeILIthOErLYgadticDOmrqjv3jGUH9f-c2h2nBy5Jc9DXy4omcC4QnT5dWnJ20BZxT7t4zoFsyy4IjGW7LVIt8rhq9ErMSzCkMnP90kB-ZL7mWYd42ktno_CPhvsyGig-FFp1wASZ-rLZlgSSBQQIBBgBkgUECAUYBKAGZoAHybWlggOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD_1hTSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkqaHR0cHM6Ly93d3cuY2hhbmdlbXkuY29tcGFueS9jaGFuZ2VteXNhbGVzgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTQ4MDk3NDA4MjMzNjc3NjIYAA&sigh=rECkrlJBPzc&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWEEZeJYDXeRmEgH9fm8Y6UgvRAGg1qBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227795193278007152468%22,%22debug_reporting%22:true,%22destination%22:%22https://changemy.company%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210810113737%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22555181930864166337%22}&andc=true

194 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request vfileload.php Show response
rulsmart.me/engine/
Redirect Chain

http://storage.rulsmart.me/2362/getfiles/video/1691453181_rulsmart-video.zip
http://rulsmart.me/engine/fgo.php?fgo=/2362/getfiles/video/1691453181_rulsmart-video.zip
http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

10 KB
5 KB

55ms
54ms

Document
text/html

185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx / PHP/5.3.3-7+squeeze19
Resource Hash: fd3ab1c497cc706c01d4ee4d71de7884d014bef7e7136f140f506142521cc2cb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=86400
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4163
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: text/html; charset=windows-1251
Date: Thu, 17 Aug 2023 05:12:15 GMT
Expires: Fri, 18 Aug 2023 05:12:15 GMT
Server: nginx
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3-7+squeeze19

Redirect headers

Cache-Control: max-age=86400
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 139
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: text/html
Date: Thu, 17 Aug 2023 05:12:15 GMT
Expires: Fri, 18 Aug 2023 05:12:15 GMT
Location: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
Server: nginx
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3-7+squeeze19

GET
H/1.1 200
OK style.css
rulsmart.me/templates/default/load/css/ 5 KB
2 KB 51ms
50ms Stylesheet
text/css 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/templates/default/load/css/style.css
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: c1f682c5eb8ac9883142511d4198cea10006f8412aa67da3eb2a5370d833bf5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 05:12:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2017 11:15:54 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Fri, 18 Aug 2023 05:12:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 81ms
59ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4809740823367762

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d35ad59d964bd45a9edcf9fece844c77d93df73bfa6f3bfa955f04d313a0880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Origin: http://rulsmart.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51104
x-xss-protection: 0
server: cafe
etag: 18093894545390611927
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 05:12:16 GMT

GET
H/1.1 200
OK jquery-2.0.3.min.js Show response
rulsmart.me/templates/default/load/js/ 82 KB
83 KB 99ms
50ms Script
application/javascript 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/templates/default/load/js/jquery-2.0.3.min.js
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 05:12:15 GMT
Last-Modified: Wed, 08 Mar 2017 11:15:54 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 83612
Expires: Fri, 18 Aug 2023 05:12:15 GMT

GET
H/1.1 200
OK sstu_script.js Show response
rulsmart.me/templates/default/load/js/ 113 B
1 KB 100ms
51ms Script
application/javascript 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/templates/default/load/js/sstu_script.js
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 9854b2eba9e32c3d1056354bb4d67393ad04996585566a9bf33cb29bbb4d8378

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 05:12:15 GMT
Last-Modified: Wed, 08 Mar 2017 11:15:54 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 113
Expires: Fri, 18 Aug 2023 05:12:15 GMT

GET
H/1.1 200
OK logo
counter.yadro.ru/ 830 B
1 KB 91ms
43ms Image
image/gif 88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://counter.yadro.ru/logo?27.6
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
Protocol: HTTP/1.1
Server: 88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host198.rax.ru
Software: 0W/0.8c /
Resource Hash: 57f283698fb628ed0d218da8140e000a065dfe86593b52fa1f8ae591bf2a8840

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 05:12:16 GMT
Server: 0W/0.8c
Content-Type: image/gif
Cache-control: no-cache
Connection: Close
Content-Length: 830
Expires: Tue, 16 Aug 2022 21:00:00 GMT

GET
H2

200

openapi.js Show response
vk.com/js/api/
Redirect Chain

http://vk.com/js/api/openapi.js
https://vk.com/js/api/openapi.js

104 KB
31 KB

189ms
73ms

Script
application/x-javascript

87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
Protocol: H2
Server: 87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv164-137-240-87.vk.com
Software: kittenx /
Resource Hash: 3c42ae7e84132121c8b32b471556e9cce0bdb805921d7f4c9494dd061a234541

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
content-encoding: gzip
x-frontend: front512004
last-modified: Fri, 02 Dec 2022 07:14:40 GMT
server: kittenx
etag: W/"6389a5e0-1a018"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
expires: Mon, 21 Aug 2023 05:12:16 GMT

Redirect headers

Date: Thu, 17 Aug 2023 05:12:16 GMT
X-Frontend: front226206
Server: kittenx
Content-Type: text/html
Location: https://vk.com/js/api/openapi.js
Access-Control-Expose-Headers: X-Frontend
Connection: keep-alive
Content-Length: 164

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 369 KB
126 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4809740823367762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef2f75889cbad7faebdd895cd3c5fc83964ae88b328ea3b799118b4354b5b964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128222
x-xss-protection: 0
server: cafe
etag: 14653998481871022349
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 05:12:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230815/r20190131/ Frame 8175 10 KB
5 KB 200ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230815/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4809740823367762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 04:36:15 GMT
etag: 13776922816869014096
expires: Thu, 31 Aug 2023 04:36:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 403
Forbidden PTN57F-webfont.woff
rulsmart.me/templates/default/load/css/font/ 0
0 53ms
52ms Font
text/html 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/templates/default/load/css/font/PTN57F-webfont.woff
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/templates/default/load/css/style.css
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash

Request headers

Referer: http://rulsmart.me/templates/default/load/css/style.css
Origin: http://rulsmart.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 05:12:15 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Length: 267
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 403
Forbidden PTS55F-webfont.woff
rulsmart.me/templates/default/load/css/font/ 0
0 53ms
53ms Font
text/html 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/templates/default/load/css/font/PTS55F-webfont.woff
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/templates/default/load/css/style.css
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash

Request headers

Referer: http://rulsmart.me/templates/default/load/css/style.css
Origin: http://rulsmart.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 05:12:15 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Length: 266
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//rulsmart.me/engine/vfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA...
https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//rulsmart.me/engine/vfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppc...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//rulsmart.me/engine/vfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnp...

43 B
528 B

46ms
46ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//rulsmart.me/engine/vfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D;h%u0421%u043A%u0430%u0447%u0438%u0432%u0430%u043D%u0438%u0435%20%u0444%u0430%u0439%u043B%u0430;0.4200309327476426

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 05:12:16 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 16 Aug 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 05:12:16 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//rulsmart.me/engine/vfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D;h%u0421%u043A%u0430%u0447%u0438%u0432%u0430%u043D%u0438%u0435%20%u0444%u0430%u0439%u043B%u0430;0.4200309327476426
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Tue, 16 Aug 2022 21:00:00 GMT

GET
H/1.1 200
OK hit
c.hit.ua/ 279 B
704 B 83ms
39ms Image
image/png 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.hit.ua/hit?i=15760&g=0&x=4&s=1&c=1&t=-120&w=1600&h=1200&d=24&0.9561682114659007&r=&u=http%3A//rulsmart.me/engine/vfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
Protocol: HTTP/1.1
Server: 89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: 4811da110157debbf541ce540b6011b75720b5798959657bc486a8b6edb0fe61

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 05:12:16 GMT
Server: nginx/1.17.9
Transfer-Encoding: chunked
Content-Type: image/png
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 168 KB
70 KB 78ms
20ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89752357a34a6a32e28ff598027697763cb3751e4ca688b26028f9bd48a30e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1977
x-jsd-version: 1.289.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230070-FRA, cache-yyz4572-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2a1cc-8RIPVOvBVcvmLnlTIFTNOpX5tz4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fd%2BpdO8%2FjcHo5MQerZEBkcKHv3VLMSCCdkf021lpspP4pc0nk3EL5%2Bz7hCb2SxyftFNpC53otJgNu61CWuxCazxn5c8Io7YBGZINreXmloBPCfBawi6Li%2FgJowcC0JQEH3pbIMOUtgP6VeOkqzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7f7f6bcfee6a368c-FRA

GET
H/1.1 403
Forbidden PTN57F-webfont.ttf
rulsmart.me/templates/default/load/css/font/ 0
0 52ms
52ms Font
text/html 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/templates/default/load/css/font/PTN57F-webfont.ttf
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/templates/default/load/css/style.css
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash

Request headers

Referer: http://rulsmart.me/templates/default/load/css/style.css
Origin: http://rulsmart.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 05:12:15 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Length: 265
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 403
Forbidden PTS55F-webfont.ttf
rulsmart.me/templates/default/load/css/font/ 0
0 53ms
52ms Font
text/html 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/templates/default/load/css/font/PTS55F-webfont.ttf
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/templates/default/load/css/style.css
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash

Request headers

Referer: http://rulsmart.me/templates/default/load/css/style.css
Origin: http://rulsmart.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 05:12:15 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Length: 265
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZ...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZ...

264 B
300 B

51ms
51ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55z3twh48ty7%3Afp%3A657%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1093%3Acn%3A2%3Adp%3A0%3Als%3A5800210948%3Ahid%3A74018439%3Az%3A120%3Ai%3A20230817071216%3Aet%3A1692249137%3Ac%3A1%3Arn%3A799744399%3Arqn%3A1%3Au%3A1692249137716122368%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C54%2C1%2C325%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1692249135900%3Ast%3A1692249137&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

70b720f8d972e759eaf232dd10c9c177ece68d9623baed2d4a244ffe8ffa6285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 17-Aug-2023 05:12:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://rulsmart.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 264
x-xss-protection: 1; mode=block
expires: Thu, 17-Aug-2023 05:12:16 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 17-Aug-2023 05:12:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/3/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55z3twh48ty7%3Afp%3A657%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1093%3Acn%3A2%3Adp%3A0%3Als%3A5800210948%3Ahid%3A74018439%3Az%3A120%3Ai%3A20230817071216%3Aet%3A1692249137%3Ac%3A1%3Arn%3A799744399%3Arqn%3A1%3Au%3A1692249137716122368%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C54%2C1%2C325%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1692249135900%3Ast%3A1692249137&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin: http://rulsmart.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 17-Aug-2023 05:12:16 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/873079/
Redirect Chain

https://mc.yandex.ru/watch/873079?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0...
https://mc.yandex.ru/watch/873079/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYX...

428 B
511 B

47ms
47ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/873079/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55z3twh48ty7%3Afp%3A657%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A942723277514%3Ahid%3A74018439%3Az%3A120%3Ai%3A20230817071216%3Aet%3A1692249137%3Ac%3A1%3Arn%3A153211536%3Arqn%3A1%3Au%3A1692249137716122368%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C54%2C1%2C325%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1692249135900%3Arqnl%3A1%3Ast%3A1692249137%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%84%D0%B0%D0%B9%D0%BB%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

08b84fd8616215d18c94aa489d5bd5e474c9c1ae9731b9268132928e1a0564fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 17-Aug-2023 05:12:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://rulsmart.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Thu, 17-Aug-2023 05:12:16 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 17-Aug-2023 05:12:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/873079/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55z3twh48ty7%3Afp%3A657%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A942723277514%3Ahid%3A74018439%3Az%3A120%3Ai%3A20230817071216%3Aet%3A1692249137%3Ac%3A1%3Arn%3A153211536%3Arqn%3A1%3Au%3A1692249137716122368%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C54%2C1%2C325%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1692249135900%3Arqnl%3A1%3Ast%3A1692249137%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%84%D0%B0%D0%B9%D0%BB%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin: http://rulsmart.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 17-Aug-2023 05:12:16 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
603 B 38ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=rulsmart.me&callback=_gfp_s_&client=ca-pub-4809740823367762

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57d4aa5e35b24d91132ee482acb07fe076e2e8ab8a669aba2527c5b96e067466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 767A 256 KB
63 KB 437ms
437ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&adk=1812271804&adf=3025194257&lmt=1692241936&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_r&format=0x0&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&ea=0&pra=5&wgl=1&dt=1692249136408&bpp=138&bdt=126&idt=296&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5973679571545&frm=20&pv=2&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=313

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fb8bfa02e7da0776998250749b3f4dc3085ca038c1e302b8f23ddf01ef8965a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 64072
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 05:12:17 GMT
expires: Thu, 17 Aug 2023 05:12:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=left_side&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=left_side&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0ADB 121 KB
40 KB 588ms
587ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=8070673132&adk=926445072&adf=683863926&pi=t.ma~as.8070673132&w=300&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=300x600&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1692249136546&bpp=7&bdt=264&idt=189&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=chUE5Epebl&p=http%3A//rulsmart.me&dtd=194

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c20d99eb2897012209d2d026ba425d2b4797552e3fea5e254852e3cd574677b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40574
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 05:12:17 GMT
expires: Thu, 17 Aug 2023 05:12:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 upload.gif
vk.com/images/ 230 B
403 B 38ms
37ms Image
image/gif 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vk.com/images/upload.gif
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv164-137-240-87.vk.com
Software: kittenx /
Resource Hash: 0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-e6"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 230
expires: Thu, 24 Aug 2023 05:12:16 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF2F 21 KB
10 KB 374ms
374ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=1664212738&adk=1969458916&adf=854766408&pi=t.ma~as.1664212738&w=300&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=300x600&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1692249136553&bpp=1&bdt=270&idt=197&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=XKGPeZALkd&p=http%3A//rulsmart.me&dtd=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a853fdf4010d4a7bc12a91409d81042dc2fd36d92d5730ddf41a6eef675aa139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 9719
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 05:12:17 GMT
expires: Thu, 17 Aug 2023 05:12:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 widget_community.php Show response
vk.com/ Frame D876 44 KB
17 KB 125ms
124ms Document
text/html 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/widget_community.php?app=0&width=220px&_ver=1&gid=53383122&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=140&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&referrer=&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%84%D0%B0%D0%B9%D0%BB%D0%B0&18a01e89e6b

Requested by

Host: vk.com
URL: http://vk.com/js/api/openapi.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx / KPHP/7.4.114414

Resource Hash

d41d7d754d9736445a47ba8655294ff7477e0bf67bafca8a17611558258f9e65

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://.vk.com https://vk.ru https://.vk.ru https://static.vk.me https://.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://.yandex.ru https://.google-analytics.com https://.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://.google.com https://google.com https://.vkpartner.ru https://.moatads.com https://.adlooxtracking.ru https://.serving-sys.ru https://.weborama-tech.ru https://.gstatic.com https://.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://.vk-cdn.net https://.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://.vk.com https://vk.ru https://.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; report=/xss_reports

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: X-Frontend
cache-control: no-store
content-encoding: gzip
content-length: 15320
content-security-policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
content-type: text/html; charset=windows-1251
date: Thu, 17 Aug 2023 05:12:16 GMT
origin-agent-cluster: ?0
server: kittenx
strict-transport-security: max-age=15768000
x-frontend: front512004
x-powered-by: KPHP/7.4.114414
x-xss-protection: 1; report=/xss_reports

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
205 B 54ms
48ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 10 Aug 2023 13:02:56 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64d4b5d0-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 17 Aug 2023 06:12:16 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A54C 118 KB
40 KB 1437ms
1436ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1490443440&adf=2632835962&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136555&bpp=1&bdt=272&idt=213&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=O8yGCJHWFP&p=http%3A//rulsmart.me&dtd=216

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

868578dc61a729271850a59fcff489a2419b6fb8fae0ec37d5704d62b176ebaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40703
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 05:12:18 GMT
expires: Thu, 17 Aug 2023 05:12:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 87F4 106 KB
37 KB 1073ms
1072ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1885653797&adf=1795251393&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136556&bpp=4&bdt=274&idt=219&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600%2C1040x280&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&fsb=1&xpc=mqu2JJpzNA&p=http%3A//rulsmart.me&dtd=221

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd61552adecedc173a715a781e70bdcd5b4e4381612dfc027a5eb8678d29baa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38107
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 05:12:17 GMT
expires: Thu, 17 Aug 2023 05:12:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10098.4JjRmZpS1KpJz9Dkc5LdwOvbK7NxTYR2EnRuU65nrqm8I3rUBEQsh9TBC0WMK8sN.GG_p5K_qaVtZKkg9xG1QMwwbr34%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=10098.kzOTdABxeEo9CT6wkNssU8rrftHhpgooahP9ZdjVl-KAzZmHTgthltrtYXNTPjdfhC54wQyWaWSlNe2d9ooNAlEBEI8IrxxZxR-QewBBSwa2MYAAYOYlIjZk8r6Qz7sjZazy6hcH...

43 B
507 B

51ms
51ms

Image
image/gif

80.239.201.0
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=10098.kzOTdABxeEo9CT6wkNssU8rrftHhpgooahP9ZdjVl-KAzZmHTgthltrtYXNTPjdfhC54wQyWaWSlNe2d9ooNAlEBEI8IrxxZxR-QewBBSwa2MYAAYOYlIjZk8r6Qz7sjZazy6hcHZxYFFYdizuHClFXWkmdNoueGJQAax41nE0XFcs1ZOTjnXpM1mGGG2j3iid1ClmK8fVfRmfFjzy7briScMEyqZheUSjnKEIUI1Co%2C.NOYxstaimoxGX5iSekeQbg8lX4w%2C

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Server

80.239.201.0 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:17 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=10098.kzOTdABxeEo9CT6wkNssU8rrftHhpgooahP9ZdjVl-KAzZmHTgthltrtYXNTPjdfhC54wQyWaWSlNe2d9ooNAlEBEI8IrxxZxR-QewBBSwa2MYAAYOYlIjZk8r6Qz7sjZazy6hcHZxYFFYdizuHClFXWkmdNoueGJQAax41nE0XFcs1ZOTjnXpM1mGGG2j3iid1ClmK8fVfRmfFjzy7briScMEyqZheUSjnKEIUI1Co%2C.NOYxstaimoxGX5iSekeQbg8lX4w%2C
date: Thu, 17 Aug 2023 05:12:17 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 loader_nav20718651089_6.js Show response
vk.com/js/ Frame D876 344 KB
75 KB 173ms
169ms Script
text/javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/js/loader_nav20718651089_6.js

Requested by

Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=220px&_ver=1&gid=53383122&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=140&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&referrer=&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%84%D0%B0%D0%B9%D0%BB%D0%B0&18a01e89e6b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx / KPHP/7.4.114414

Resource Hash

9aad272a56db46cca97ab549bf6e6f38d5aa3f6c09bc1801c7409d66a806122c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_community.php?app=0&width=220px&_ver=1&gid=53383122&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=140&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&referrer=&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%84%D0%B0%D0%B9%D0%BB%D0%B0&18a01e89e6b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:17 GMT
content-encoding: gzip
x-frontend: front512004
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.114414
content-type: text/javascript; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
content-length: 75883

GET
H2 200 fonts_cnt.c7a76efe4d312a46c1b8.css
st.vk.com/css/al/ Frame D876 331 KB
256 KB 135ms
118ms Stylesheet
text/css 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/css/al/fonts_cnt.c7a76efe4d312a46c1b8.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

8a546f986c6d332cdeca0c6aeb7fdfb6918b995e4d7e3b691243039ceea81266

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Fri, 14 Jul 2023 23:18:25 GMT
server: kittenx
content-encoding: gzip
etag: W/"64b1d7c1-52a00"
vary: Origin
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 lite.8d619b41f75a7e1de511.css
st.vk.com/css/al/ Frame D876 276 KB
56 KB 137ms
121ms Stylesheet
text/css 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/css/al/lite.8d619b41f75a7e1de511.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

0d0411e3df6378bf2367269bf18afb9752cf84e85c39fe66793d9b1650d8840e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Mon, 07 Aug 2023 14:00:05 GMT
server: kittenx
content-encoding: gzip
etag: W/"64d0f8e5-44f2c"
vary: Origin
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 lite.js Show response
vk.com/js/al/ Frame D876 262 KB
80 KB 46ms
42ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/al/lite.js?107
Requested by: Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=220px&_ver=1&gid=53383122&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=140&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&referrer=&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%84%D0%B0%D0%B9%D0%BB%D0%B0&18a01e89e6b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv164-137-240-87.vk.com
Software: kittenx /
Resource Hash: c1513eba455771f07f10e9edb6abfaa739d8dee1c34419c8c3a11dc3cbf984f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_community.php?app=0&width=220px&_ver=1&gid=53383122&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=140&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&referrer=&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%84%D0%B0%D0%B9%D0%BB%D0%B0&18a01e89e6b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
content-encoding: gzip
x-frontend: front512004
last-modified: Wed, 16 Aug 2023 23:43:22 GMT
server: kittenx
etag: W/"64dd5f1a-41875"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 lang6_0.js Show response
vk.com/js/ Frame D876 101 KB
30 KB 210ms
206ms Script
text/javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/js/lang6_0.js?28204152

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx / KPHP/7.4.114414

Resource Hash

e4a3d563a13799d6b28e285cb527e001eed1c00af1ec71042bf4a9312d8206f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_community.php?app=0&width=220px&_ver=1&gid=53383122&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=140&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&referrer=&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%84%D0%B0%D0%B9%D0%BB%D0%B0&18a01e89e6b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:17 GMT
content-encoding: gzip
x-frontend: front512004
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.114414
content-type: text/javascript; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
content-length: 30470

GET
H2 200 polyfills.js Show response
st.vk.com/dist/api/widgets/ Frame D876 114 KB
46 KB 140ms
124ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/api/widgets/polyfills.js?c46a6b59b68ac7dc9e01

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

1a186287d7b2522c346f85f7881eb0576b7ae896ee9aafdd77cb5a9a80bcc48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Tue, 01 Aug 2023 04:41:32 GMT
server: kittenx
content-encoding: gzip
etag: W/"64c88cfc-1c61a"
vary: Origin
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 vkui.648026c2f7b82a52754e.css
st.vk.com/css/al/ Frame D876 380 KB
63 KB 135ms
119ms Stylesheet
text/css 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/css/al/vkui.648026c2f7b82a52754e.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

7a1c24b60c6386f2c32a8edbbbd5c4267f865ec82283b06d2bd197035b2c21a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Tue, 15 Aug 2023 10:06:53 GMT
server: kittenx
content-encoding: gzip
etag: W/"64db4e3d-5ef09"
vary: Origin
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 xdm.js Show response
st.vk.com/js/api/ Frame D876 11 KB
4 KB 136ms
121ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/js/api/xdm.js?9

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

ed89697436c213e02c99f290a0f8a3d20c4bde9ccdb2ddf025b0849cdfe11347

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
content-encoding: gzip
etag: W/"5f6a5ec8-2af6"
vary: Origin
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 ui_common.a47b9607559fc0f376b3.css
st.vk.com/css/al/ Frame D876 107 KB
22 KB 136ms
120ms Stylesheet
text/css 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/css/al/ui_common.a47b9607559fc0f376b3.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

3b2f3d58986874b0318d7381663d6107ad0fc2d55ea852d312e7118e339ea3e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Tue, 15 Aug 2023 21:54:09 GMT
server: kittenx
content-encoding: gzip
etag: W/"64dbf401-1ac75"
vary: Origin
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 react.aaab134ea5a7d2cfea2e.js Show response
st.vk.com/dist/ Frame D876 147 KB
54 KB 139ms
124ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/react.aaab134ea5a7d2cfea2e.js?219e767d9680249b8357

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

d8c57a6ff72c6adab4124e631feb8d148c90a1de884e926fec0f7e87b976e0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Fri, 14 Jul 2023 23:21:04 GMT
server: kittenx
content-encoding: gzip
etag: W/"64b1d860-24a66"
vary: Origin
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 vkcom-kit-icons.b2ebe9a27bf4ea1011a2.js Show response
st.vk.com/dist/ Frame D876 221 KB
75 KB 138ms
123ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/vkcom-kit-icons.b2ebe9a27bf4ea1011a2.js?49c11cd253f5e6262c60

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

07bb9bc43713aa923de24aaca0b6aa67d12fa43e3d3d5835bde2d660f81caf3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Wed, 16 Aug 2023 15:48:02 GMT
server: kittenx
content-encoding: gzip
etag: W/"64dcefb2-374e8"
vary: Origin
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 vkcom-kit.6977433dc76f5e14648f.css
st.vk.com/dist/ Frame D876 151 KB
32 KB 134ms
119ms Stylesheet
text/css 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/vkcom-kit.6977433dc76f5e14648f.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

75bcb080345037c196f05049080b69cb3f3292d6376ca94b642a8ef8259a59cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Wed, 16 Aug 2023 13:17:16 GMT
server: kittenx
content-encoding: gzip
etag: W/"64dccc5c-25a39"
vary: Origin
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 vkcom-kit.1ea4638f4b9ab9741ba8.js Show response
st.vk.com/dist/ Frame D876 239 KB
80 KB 136ms
121ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/vkcom-kit.1ea4638f4b9ab9741ba8.js?8885b32c3bcf8e363bd9

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

d8a144209c02eb696ab5229452706e63f84c6affcb3e313fc04dc0b0c936e590

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Wed, 16 Aug 2023 15:48:02 GMT
server: kittenx
content-encoding: gzip
etag: W/"64dcefb2-3bcfc"
vary: Origin
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 vkui.1980fdd18555e6e47787.js Show response
st.vk.com/dist/ Frame D876 335 KB
118 KB 137ms
122ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/vkui.1980fdd18555e6e47787.js?57425a8b604f91d00b03

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

0f0ba0a2eda95c27df2b97bb302e830933dc8829c67714434cb80c95f9cf7449

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Fri, 04 Aug 2023 13:15:41 GMT
server: kittenx
content-encoding: gzip
etag: W/"64ccf9fd-53b2b"
vary: Origin
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 palette.ab89cf6796f211a41208.css
st.vk.com/dist/ Frame D876 93 KB
21 KB 135ms
120ms Stylesheet
text/css 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/palette.ab89cf6796f211a41208.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

d38df1c296e6d0a9fc8454f39c13836ffb1c26a9f6a4fa31c59f8c653c7ae4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Tue, 08 Aug 2023 15:31:53 GMT
server: kittenx
content-encoding: gzip
etag: W/"64d25fe9-17344"
vary: Origin
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 palette.ee51f4db853ec64ae465.js Show response
st.vk.com/dist/ Frame D876 89 KB
31 KB 136ms
122ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/palette.ee51f4db853ec64ae465.js?42cca9cee6ae315450b3

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

95faf3ffca374c677c63a69cccc0e154d695e2c2e0f8ff919292686ecae49bbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Wed, 16 Aug 2023 12:13:33 GMT
server: kittenx
content-encoding: gzip
etag: W/"64dcbd6d-165b1"
vary: Origin
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 state-management.c3d891a6b93620395819.js Show response
st.vk.com/dist/ Frame D876 61 KB
26 KB 136ms
121ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/state-management.c3d891a6b93620395819.js?8bfdf2bb8db82dd015cf

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

4b0a0df2479491cf26c49065cbfa550ffe5cfa5f632fc62b7951ec24be1fd42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Mon, 07 Aug 2023 08:26:30 GMT
server: kittenx
content-encoding: gzip
etag: W/"64d0aab6-f2a9"
vary: Origin
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 audioplayer.0f968f2911c7a0d197e7.css
st.vk.com/dist/ Frame D876 12 KB
3 KB 134ms
119ms Stylesheet
text/css 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/audioplayer.0f968f2911c7a0d197e7.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

9b408d7c1463239eaf06d17f7a90cc66db752b65df22c7ccc08acb985ec0c7fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Fri, 14 Jul 2023 23:21:04 GMT
server: kittenx
content-encoding: gzip
etag: W/"64b1d860-3053"
vary: Origin
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 audioplayer.ff8ee60072df1c353cbd.js Show response
st.vk.com/dist/ Frame D876 202 KB
66 KB 137ms
123ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/audioplayer.ff8ee60072df1c353cbd.js?334b6048efdc0f56930956f

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

222189ce62906db25183ae3faef9824e94e0893fedb9156052a183d748c3210f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Tue, 15 Aug 2023 01:55:56 GMT
server: kittenx
content-encoding: gzip
etag: W/"64dadb2c-32619"
vary: Origin
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 common.aeee42e7f3d6d4e0a43f.js Show response
st.vk.com/dist/ Frame D876 1 MB
557 KB 136ms
122ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/common.aeee42e7f3d6d4e0a43f.js?3340e216e98c79482067bd8

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

68ba43bb77d1224dbf3ec42d85158a6c234092b6985d55e14fc73d1d68340b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Wed, 16 Aug 2023 23:55:21 GMT
server: kittenx
content-encoding: gzip
etag: W/"64dd61e9-15fba0"
vary: Origin
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 60487d5cd5cc1d8bb0a6fa44ccfd9904.3419191dff6bee3f599b.js Show response
st.vk.com/dist/ Frame D876 37 KB
12 KB 137ms
123ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/60487d5cd5cc1d8bb0a6fa44ccfd9904.3419191dff6bee3f599b.js?fbe4bf1c98cfc20c7cd1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

7d78869039c26ebb64d611175ddd20ef410600f3d32fa277771ff0dc2d05da26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Fri, 28 Jul 2023 06:57:39 GMT
server: kittenx
content-encoding: gzip
etag: W/"64c366e3-932b"
vary: Origin
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 ui_common.1184c250c7c6598130b6.js Show response
st.vk.com/dist/web/ Frame D876 56 KB
16 KB 138ms
124ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/web/ui_common.1184c250c7c6598130b6.js?496087f1f08e3c8021d002dd9510cde7

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

98729675e66d3a37c8541d5017e48206b15b39eab1003e17724605c02fc28993

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Tue, 15 Aug 2023 01:55:56 GMT
server: kittenx
content-encoding: gzip
etag: W/"64dadb2c-e026"
vary: Origin
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 audioplayer.7965f6735e8e39fbbe73.css
st.vk.com/dist/web/ Frame D876 554 B
848 B 134ms
120ms Stylesheet
text/css 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/web/audioplayer.7965f6735e8e39fbbe73.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

40971430d92d0e9c5f2f795909527e5bf8daaa4705cb8c41b83cad73f202f3d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Fri, 14 Jul 2023 23:21:04 GMT
server: kittenx
etag: "64b1d860-22a"
vary: Origin
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
timing-allow-origin: https://vk.com
content-length: 554
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 audioplayer.fd7ee41b4aabe90fcd7f.js Show response
st.vk.com/dist/web/ Frame D876 5 KB
3 KB 136ms
122ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/web/audioplayer.fd7ee41b4aabe90fcd7f.js?270b001f71db951e4a9ce54083c9f6e1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

723a6468dc6bce37214f79689196a95973c50c9ac0759eed6c6601241cee1ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Tue, 15 Aug 2023 13:03:07 GMT
server: kittenx
content-encoding: gzip
etag: W/"64db778b-12fe"
vary: Origin
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 widget_community.ec3bcbe88336ef48f0b7.css
st.vk.com/css/al/ Frame D876 21 KB
5 KB 133ms
120ms Stylesheet
text/css 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/css/al/widget_community.ec3bcbe88336ef48f0b7.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

6796d058f931b3c9ffef914468019f92f4140d4709d93b1f412293ae6216ffcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Fri, 14 Jul 2023 23:18:25 GMT
server: kittenx
content-encoding: gzip
etag: W/"64b1d7c1-532d"
vary: Origin
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 likes.0238c80545f3deef65b1.js Show response
st.vk.com/dist/web/ Frame D876 19 KB
8 KB 136ms
122ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/web/likes.0238c80545f3deef65b1.js?fdfec896f2a64b8a07a03e4b7cd4cb22

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

10148cc9ebda280e936a89f462e6f00b857b9e51c6a235eb0b80d74bd81fac3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Tue, 15 Aug 2023 01:55:56 GMT
server: kittenx
content-encoding: gzip
etag: W/"64dadb2c-4acc"
vary: Origin
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 community.js Show response
st.vk.com/dist/api/widgets/ Frame D876 2 MB
617 KB 137ms
123ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/api/widgets/community.js?74a9c59fc59e342f0f4a

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

1296929eeb1556dc7a4d934895527a777e1af57c435455e824b6a17dc2ac293c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Wed, 16 Aug 2023 23:53:30 GMT
server: kittenx
content-encoding: gzip
etag: W/"64dd617a-18a1a1"
vary: Origin
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 base.75c547c1964bba059f4d.css
st.vk.com/css/al/ Frame D876 118 KB
27 KB 82ms
68ms Stylesheet
text/css 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/css/al/base.75c547c1964bba059f4d.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx /

Resource Hash

2958d1c937bbf0a39f3a03bab08f6814cc4b29d28d04a1d6e7938737cbca35fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:16 GMT
strict-transport-security: max-age=15768000
x-frontend: front512004
last-modified: Tue, 08 Aug 2023 15:30:12 GMT
server: kittenx
content-encoding: gzip
etag: W/"64d25f84-1d6d6"
vary: Origin
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
timing-allow-origin: https://vk.com
expires: Mon, 21 Aug 2023 05:12:16 GMT

GET
H2 200 zwQmGY4jLnGnCQBV-v0poOPXyF1hs0jPm7YbFNJz4tr2sTBimKXLV-R8ejPlHOqvngFk1g.jpg
sun9-72.userapi.com/s/v1/if1/ Frame D876 3 KB
3 KB 377ms
37ms Image
image/jpeg 87.240.185.171
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sun9-72.userapi.com/s/v1/if1/zwQmGY4jLnGnCQBV-v0poOPXyF1hs0jPm7YbFNJz4tr2sTBimKXLV-R8ejPlHOqvngFk1g.jpg?size=50x50&quality=96&crop=0,10,300,300&ava=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.185.171 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv171-185-240-87.vk.com

Software

kittenx /

Resource Hash

d18b349759c435d2eb92c89bc0e9b8f3055bf6c62647d87c1c996eed10dc5646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:17 GMT
strict-transport-security: max-age=15768000
content-length: 3016
x-frontend: front220307
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: kittenx
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Frontend
x-imp: 527502
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: https://vk.com
access-control-allow-headers: X-Quic
expires: Sat, 16 Sep 2023 05:12:17 GMT

GET
H2 200 camera_50.png
vk.com/images/ Frame D876 570 B
743 B 37ms
37ms Image
image/png 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vk.com/images/camera_50.png
Requested by: Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=220px&_ver=1&gid=53383122&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=140&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&referrer=&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%84%D0%B0%D0%B9%D0%BB%D0%B0&18a01e89e6b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv164-137-240-87.vk.com
Software: kittenx /
Resource Hash: e3b9c102be54a21fc534271c42ff116be61325240fac9649023cc6adf41d8e72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_community.php?app=0&width=220px&_ver=1&gid=53383122&mode=0&color1=FFFFFF&color2=2B587A&color3=5B7FA6&class_name=&height=140&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&referrer=&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%84%D0%B0%D0%B9%D0%BB%D0%B0&18a01e89e6b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:17 GMT
last-modified: Tue, 22 Sep 2020 20:29:55 GMT
server: kittenx
etag: "5f6a5ec3-23a"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 570
expires: Thu, 24 Aug 2023 05:12:17 GMT

GET
H2 200 5g6z1zWfRCHZciIjaQJmAy4rFcRyRs-5A8h11itcGd45Gl2Gk01uq_qYStadbfoPqDEOyy6G.jpg
sun9-78.userapi.com/s/v1/if1/ Frame D876 3 KB
3 KB 143ms
39ms Image
image/jpeg 87.240.169.1
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sun9-78.userapi.com/s/v1/if1/5g6z1zWfRCHZciIjaQJmAy4rFcRyRs-5A8h11itcGd45Gl2Gk01uq_qYStadbfoPqDEOyy6G.jpg?size=50x50&quality=96&crop=362,12,588,588&ava=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.169.1 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

mx.vk.com

Software

kittenx /

Resource Hash

f7da068da00a4c9b6da209f318f110e34436631bb8e7c11562d4cfb4c8b49b1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:17 GMT
strict-transport-security: max-age=15768000
content-length: 3156
x-frontend: front806206
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: kittenx
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Frontend
x-imp: 525602
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: https://vk.com
access-control-allow-headers: X-Quic
expires: Sat, 16 Sep 2023 05:12:17 GMT

GET
H2 200 uoFcVfOMOJK2_JQcoX0zRHRzc1QBZtvzW7Q_xsDEfygPaDCeiaXEgaRizRB3loCMYSGwWgZFkztM3-m7OtOnCXue.jpg
sun9-80.userapi.com/s/v1/if2/ Frame D876 3 KB
3 KB 158ms
37ms Image
image/jpeg 87.240.169.3
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sun9-80.userapi.com/s/v1/if2/uoFcVfOMOJK2_JQcoX0zRHRzc1QBZtvzW7Q_xsDEfygPaDCeiaXEgaRizRB3loCMYSGwWgZFkztM3-m7OtOnCXue.jpg?size=50x50&quality=96&crop=74,54,293,293&ava=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.169.3 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv3-169-240-87.vk.com

Software

kittenx /

Resource Hash

ed467a650bb48df0a751e7f719c9995e77958478bdec47bae6b1ac81a9fa85c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:17 GMT
strict-transport-security: max-age=15768000
content-length: 2996
x-frontend: front806208
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: kittenx
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Frontend
x-imp: 226212
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: https://vk.com
access-control-allow-headers: X-Quic
expires: Sat, 16 Sep 2023 05:12:17 GMT

GET
H2 200 f5x9zXF04FXijBYFarDdcq5YQi7P7nCtFunZKp1Xv_JRPDsiDoR9r_zeKKkTJWX97UluYGli.jpg
sun9-75.userapi.com/s/v1/if1/ Frame D876 3 KB
4 KB 143ms
39ms Image
image/jpeg 93.186.227.158
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sun9-75.userapi.com/s/v1/if1/f5x9zXF04FXijBYFarDdcq5YQi7P7nCtFunZKp1Xv_JRPDsiDoR9r_zeKKkTJWX97UluYGli.jpg?size=50x50&quality=96&crop=52,0,404,404&ava=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.227.158 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv158-227.vkontakte.ru

Software

kittenx /

Resource Hash

be3225b9e9a479fa3962a95877a1da4d29bef23447f171b59a21c995d0aeaadd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:17 GMT
strict-transport-security: max-age=15768000
content-length: 3259
x-frontend: front604602
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: kittenx
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Frontend
x-imp: 525600
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: https://vk.com
access-control-allow-headers: X-Quic
expires: Sat, 16 Sep 2023 05:12:17 GMT

GET
H2 200 Ik8p_8zISU7mncrFEcNNgQfdHQF4EkJUxjZSofg0Ejh6qtHYG_9mfakhVmcn13THJlA2muwtrhx92imDnpuQeje4.jpg
sun9-6.userapi.com/s/v1/ig2/ Frame D876 3 KB
3 KB 142ms
38ms Image
image/jpeg 87.240.185.133
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sun9-6.userapi.com/s/v1/ig2/Ik8p_8zISU7mncrFEcNNgQfdHQF4EkJUxjZSofg0Ejh6qtHYG_9mfakhVmcn13THJlA2muwtrhx92imDnpuQeje4.jpg?size=50x50&quality=95&crop=0,144,1094,1094&ava=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.185.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv133-185-240-87.vk.com

Software

kittenx /

Resource Hash

2ac1bc55ca4e4b43f3fd48110675be9cf53d58feff41ef29b56ddbc3166f1b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:17 GMT
strict-transport-security: max-age=15768000
content-length: 2737
x-frontend: front221105
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: kittenx
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Frontend
x-imp: 825005
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: https://vk.com
access-control-allow-headers: X-Quic
expires: Sat, 16 Sep 2023 05:12:17 GMT

GET
DATA 200
OK truncated
/ Frame D876 436 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcab021c706550a1acd80d7f7848e434abaf2830c91f4217fc17301dc9b4f172

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame D876 62 KB
62 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e

Request headers

Referer
Origin: https://vk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ Frame D876 62 KB
62 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 761c95dd192a81733d024d9f644d9b531c358f0f0ea83e9fd6211b6bd424873d

Request headers

Referer
Origin: https://vk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ Frame D876 39 KB
17 KB 151ms
45ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

a3e983aa47b1f2934305b695d1ed4960d635377c922b1f477b9ffc29df4dd32c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Fri, 11 Aug 2023 13:12:12 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"64d633ac-9a0f"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Thu, 17 Aug 2023 06:12:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF2F 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ChgmMkrUxFxwPMkHPrv55ZQYalBO83rjsr52qJIl03mO3fiWMLV5mpzJwE2h0yxpf730NsgLeI4WZTh2zV9Rs6LEfWqwkdc8yNwvsyu7OX55p3DDk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=1664212738&adk=1969458916&adf=854766408&pi=t.ma~as.1664212738&w=300&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=300x600&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1692249136553&bpp=1&bdt=270&idt=197&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=XKGPeZALkd&p=http%3A//rulsmart.me&dtd=200

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF2F 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7046754842308464447&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BF2F 86 KB
29 KB 62ms
59ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 05:12:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame BF2F 3 KB
1 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame BF2F 20 KB
8 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF2F 180 KB
56 KB 50ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 05:12:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0ADB 14 KB
2 KB 41ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=8070673132&adk=926445072&adf=683863926&pi=t.ma~as.8070673132&w=300&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=300x600&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1692249136546&bpp=7&bdt=264&idt=189&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=chUE5Epebl&p=http%3A//rulsmart.me&dtd=194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 17 Aug 2023 05:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 04:26:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Aug 2023 05:12:17 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 0ADB 2 KB
945 B 37ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 0ADB 23 KB
9 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 0ADB 3 KB
1 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 0ADB 20 KB
8 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0ADB 180 KB
57 KB 47ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 05:12:17 GMT

GET
H2 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame 0ADB 35 KB
15 KB 66ms
9ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 04:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:19:34 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 493E 624 B
246 B 52ms
51ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYrt7A3QEwAQ&v=APEucNXeHvdMUVwOTMhaezZ2zSueoT5xLf1lZjISKoUGf4fcZMyDCtDGXm864aL-_WwwLo3i0e1pij2ao9-lvrnoegKPGhS43TEmOHxMXsBJo5sA045kTI6DSIOND0f5HacRO2OYC3w9u6PyPqYe7eytH7gCPJybguGqWHDTFMOJ1kAHk5CLpyw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=1664212738&adk=1969458916&adf=854766408&pi=t.ma~as.1664212738&w=300&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=300x600&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1692249136553&bpp=1&bdt=270&idt=197&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=XKGPeZALkd&p=http%3A//rulsmart.me&dtd=200
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 05:12:17 GMT
expires: Thu, 17 Aug 2023 05:12:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 154 KB
52 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4125fbc3eaefadfb530ce8a053be8d50c0451713d396e4ca64b1e0283621da4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53701
x-xss-protection: 0
server: cafe
etag: 8276969640860262361
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 05:12:17 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 493E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZyD-8AAdvDOS-BtY7Cox8&google_cver=1

43 B
766 B

33ms
16ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZyD-8AAdvDOS-BtY7Cox8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYrt7A3QEwAQ&v=APEucNXeHvdMUVwOTMhaezZ2zSueoT5xLf1lZjISKoUGf4fcZMyDCtDGXm864aL-_WwwLo3i0e1pij2ao9-lvrnoegKPGhS43TEmOHxMXsBJo5sA045kTI6DSIOND0f5HacRO2OYC3w9u6PyPqYe7eytH7gCPJybguGqWHDTFMOJ1kAHk5CLpyw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 05:12:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZyD-8AAdvDOS-BtY7Cox8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 493E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN2sMaZMjfEZIOgOZWbauAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZyD-8AAdvDOS-BtY7Cox8&google_cver=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZyD-8AAdvDOS-BtY7Cox8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYrt7A3QEwAQ&v=APEucNXeHvdMUVwOTMhaezZ2zSueoT5xLf1lZjISKoUGf4fcZMyDCtDGXm864aL-_WwwLo3i0e1pij2ao9-lvrnoegKPGhS43TEmOHxMXsBJo5sA045kTI6DSIOND0f5HacRO2OYC3w9u6PyPqYe7eytH7gCPJybguGqWHDTFMOJ1kAHk5CLpyw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 05:12:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZyD-8AAdvDOS-BtY7Cox8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 493E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKx9jcYEsVfB5XSoJ54lB9o&google_cver=1

43 B
842 B

46ms
46ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKx9jcYEsVfB5XSoJ54lB9o&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYrt7A3QEwAQ&v=APEucNXeHvdMUVwOTMhaezZ2zSueoT5xLf1lZjISKoUGf4fcZMyDCtDGXm864aL-_WwwLo3i0e1pij2ao9-lvrnoegKPGhS43TEmOHxMXsBJo5sA045kTI6DSIOND0f5HacRO2OYC3w9u6PyPqYe7eytH7gCPJybguGqWHDTFMOJ1kAHk5CLpyw

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:18 GMT
an-x-request-uuid: 411bd837-3602-4d51-9615-2eee86483233
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKx9jcYEsVfB5XSoJ54lB9o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 493E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMzMTc0MDM4NTU0MzEwODYw

170 B
188 B

18ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMzMTc0MDM4NTU0MzEwODYw

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:18 GMT
an-x-request-uuid: 611f57be-5003-4531-b244-14803320f235
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMzMTc0MDM4NTU0MzEwODYw
x-proxy-origin: 138.199.38.132; 138.199.38.132; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14917290310424539996/ Frame 0ADB 20 KB
20 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14917290310424539996/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6beebd598508632e19e2c42f7458d0da478d1257b08f1e04af51872f0b359135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 13:42:23 GMT
x-content-type-options: nosniff
age: 314994
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20332
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 16:01:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 12 Aug 2024 13:42:23 GMT

GET
DATA 200
OK truncated
/ Frame 0ADB 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0ADB 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF2F 0
20 B 76ms
54ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7379875949736&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF2F 0
20 B 70ms
48ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7379875949736&version=m202307240101&ct=76&x=1&cor=7046754842308465000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BF2F 91 KB
38 KB 117ms
70ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2oxUd0J6Elqsq1lOQ3m2k_4F2RcEPe2ohlDHi14OXpZ6Nx8EODQBjP5-6Zf01eys-GuP-_SN_FMCr_9nzi1GCLuF--L8Z1ZJDYPY85Cd93hjmhuwqOhKN8HIp4XZ54LPbYy2mBL7O0sKo3-X4sxjR9iEJzXkoRMveL1rQFl_JU_dQDIA&dbm_d=AKAmf-C2ATaZpoF0TszLg4Jyut9863BvcAkWtr-LBj7l5-Vq2ldGgM9kbyiEL_YV5Y0RAcZpp6ylvW-F9TRNOlRyKG45Hd1NZGtjf7PbLknP2MmK44mUdPGxuz5IgNFOeseJ-FqFTADUoPCsX2PMhyOk-7EQm3oUOHItNYVF6g3tqBUoOWm0HKALNCvSgjOV4o45hVchAZzEaOPTc0BzE94zSR2w5IXbDVKLa3OovVtyGIYgHF1jP8wAWaL_75ZR9pZgPez5Z-nEGVpGCaIHiyhlxmi12cETv10xNSnev8a4ixJj9JPBACOARrfek1RnYNdKeflh2-B3Yps2EH5EBg-eVuDCcGY7qOgiAEjfeAWhjfzTQa7nyxrTq7YmxyInYMEuJJcHsxUkWV_JcTZFlA3APcWkRu--98dCyOQj-ffiQUdQQm8D64_hzTEEWgS2Wa152rfegOaGWXm3K9uMP7LnDJjZRSHGnYPuM4AsVrZS3P0cLJSdAEBiPUq9Woa2cDiI_wKdkUUQkWCOo2tvr_E4B-Fz8kUPPnql5bxXuWkBgW2zUoI-7xI52U3-z59TKb7vQP8nBwzV6bY9MWC_YfNJO4IcsCZ2n3bYAcjLcYFcgCSJ3GllIWSayG4kYyNccaIGf4eV_CA7cvnDx2voQf4O3l9WdjL4WEMDl2-AMXJ_CVEEZCCn7d1STkFdk3EAKO7WTLpF7exvjybmEeNgtgkAwT6YuRKCafhKJVL14uYwjE6BJrrMk514DTAfbEgnrRByV5IQN-f5Yn6fUS1WJFigG5S1crbkeahrJlHarP7Nfrd1K4BjAvwtC7_n5oJuAFicNtSXkMgCuusQkZNrN7dNEo6PI67QZohH7J7-z1JMPmMdDFFPTOUn2mhcxpacuFW6XKpbgQWQ6VP8GjxNIVinnpZugBmUCCYsdBXRoygdlNsC4I20itNlm3AZrmjsYAriToa7HoEhUeOT0STdriHR7JtUBPzUcDu7ZSNbZ_X6AZqJCPIXLRj_OBRPUp9EzMNP_OuioSW-Q4HWPDGeEoKTJh4DdF55iYDa7IyoaG1KF58ZCAHby3P2nT1skBAlDnaCEvN0j4U64FszVlNeQsEWzO5Os6rraUfK7mdHhN-exrShOeLR5BX4hBUd8P6nvhqQGq2prXwQJ4QeCOHkeYcUl95TLRMNoi1tp4pnTM2EEZTYzkJhx1nEa4lGkriTjKLNR8Zkca_RxHoU-1bqvU0Ar8juzGcTWqF4_fH4V_Mv0eK2663Zp853_4Zv2UNt_wv8ZI_IxDwfq2wkH30KGPmLxoSfyRexTkOUgPrAayN1JVnWlvjk8Su_6l5a0W0gdFXksAU7lvpWl5MTnpAMRLnNRBdcdxsEVK3vVk-kf9nQPDE7cP78zaUkL6MsQtapYsDk0_LU4uz8pEQ0n7jyC9_HA92gcAe01hE9hu8SgbtiuMEl0Xg5nP_kk4-VucE98AhXQeg_WN9NlSZxEYZupzuYWg0n04GCTNRGWt0xle8szDwhNMkUyeAAY9XqhKbVy9a2bq4SfOVrY-lHLPe_A4ERsPlniGEBdZM2GCjyus0yIqGoRmu-Nf7g0ZA4eP_q0s1UrTdlJfid6vJ2tehT0p1aWf3Cr02lMjX5QARJm6_7Bj2x2FccT-QWXup5t4Y4BfV-baw2o_-bHV0jPJtL4aqy2LaNKLz17ejNarp_64XoAuCmpnYVk7TDx5qMbp7X3siVwzWdIdItrkE-3ExfLigRMCG38GCK2J3F3vOAPC-btrNxBkPHpUqu2F1zRTK4iQ7kwZMcPsIDm4fN0jHnXDvvKPnafUYy0O-VUAKnIwbCLWnF2K2tdhHAQRfWclLS4LYwbDxbJAMXSxyYyLLQQlmlg-GJn9WVVLPl2MXRkX8hdBj2fWUUi9o7IQmKD77xhfsoOn9kTKKaUGuYk7-EBmBVtHR3KBrrYloF5kidcvjhp-7P1qGajO112dC0DzKF64ZSRn20jNfStK3fAuwS_ei_MTDbwkIi37JL8c35jcsu3O-EtDTaakvK-KzltsKcKZmQx1YjWnggCIn7QGa_9uyY32k7njxaEhLM-iyn0wm1eVMsK0nYR6mLaZMO3Pl4b5ANkUj5kWMBRYPzJdpE10LYR2Z5rZtRDScsFtHz3Pc0-2mhu4n16YgRsG-0wVaVFw_s_B2hayFjd7cK7eHkx5VNZNcEyuzbAEkxOlPaC-gWKDO_ANwaWhFiYZJKUIXdlPkQ8kKwpAOFe2u0Eyjs897mkr5pIHcHRO6j5Agr-81vikV04e76zBSNfHOW0HKw6JJ3OkDxnXr6xgLCAqMln0Xsek4PmqGmVeBM8m-OKNat6O6wZLBuiuuG9B431efRBQgI-DqvQhHQiUFKky9ziRvoPNonsA3B2ds7HhG8GLaPuY30Bid7YxYAxCjltRfwzOg3fdn9a7gFkhEgvgup1B5auR3Q89dcS9FR7UbiQS1K6jfGsYbO4BDkyx16AAKV6Js7HfPIaOV_rEU-fDI77OgnIRMqwPb6xRb7mIOhsioweAZQgXZZaiyqQuW5M9nQe0mb7b4BKkFTwwDZY9tMl_YZOtnQ-gdFJ1XUbI0AQL73y1EgnPBMNNkzlKvRtzrjdvX4kILZzozit8fHlDkTWbDKDuOz87OueCfWXqhS2fnP8dzH69l5nJFFTMU6zELKwSr3iOSiCU9GmbqhCTc75fvLl93LGeJE3fadyLYKB-OIpgc_GSglCefWi47pe4K2kVyxqHZ_nJ2Wy7ijXQPZ1s4nv39Mp76oEfo3z2humcGED4WLPKbd1-UvPeeUtc13GraVvLv4OuVEBTLkkokRFBxhJcawLsp0fGElEeRruHQg0tVfrJeI_yoRH9dFj9saH_VIzSkpm-bGouLMB6XBPLO_7hofi7yLuyYcSAxg5aIsKkIeCdEu82keEpbntB-Y_AxApN7JkCrVFQ6gWu9FMXOXR4Negz6UIM0Za4q3eZhUszriMQVGplTr_s2ZIYkKZgchfxIrJudfqG--vrBNWO_53VMDwq9syddlv-wVNGc3P7jrBr2-Zu46IQpi-eVnyZG8l9YSHWMHgRKUySkiisrc761upPIpH1anHnt-yc8-WSfSYD0gS9sQmw7gax3fi3DiNuUjaUVeApkzkxtNnxiazFuZ2K7CUfWLRRPna7OYUO4d9DpVsQ7lgmlivGCQ0pXEf7xZysgKJlU9gNbq-jkbBVLE7yNV8HKAQp7WjRydEbQqj8-JOlPkjnzy0TY5lWXulxovA42MWYnMwwR3zVdUEfSNurzEj0reQS-Qgo1ggMfa9cHt4vqwf1Gef6TBWeV21kkyg1FO9KfAYCIvdlZBlQuY6zDJcAtT07cttTKnS63La9ptmdKjXAw7p-SuSYQkGUYCV8YDiDe_KAEkFJ6YPUtId3hLFBdq__uEfgjOnfQm-H-WrjiPKpeQdI2cS735b7hyWiamh7eDo7UMaMVw1GohZnSbMRTjRphze2bHVxRAozU1NDS5OLK0DJRnf_9WtpCsoyZXg0neDYFHCEKL3vag0C3wt2yb_Bj4b-uHkcB2fVx9FxsAIaqDY1HyRKBPGQkHeaZy5ZakAFtvh-OEC9SVowstPqxPLOrPnS0Aa7HMcTJYSlq-k_xVnCk2lGigfjXt-1dRfdUFIr8wLscyIijeNHZ0EMPZpd-GUCxBVXjVt0fMKkCk0gVA3YtFYsFngB7C1yO2S4IkYIB6FSxntuOT3lBONCnj0J7MQKG0cL-SVcWNg4UW_xhlfyjfmdU8tNGEfjmBjUo_BTu2d_jTtylmUv-In7yJba2vIY3G4rJdBsMo_CLsCuYqECZWnby9Y90XrQNNJ3h0BohNjGtyOulsANLupID2K20wtE9J0ie07d8-YQSMv2gCTfdHFnYunSNiUthfHOKg6lM8nRsDl1pF8lksWvy3sVxFbEp285beg6tbLNX95nO2gpfD_uxCA0HCIz8pP0WvrO7smwWODbXAVpsvX4km_HUxyepk3tuYiJGLd-2suh5DIdZHiibakzHWGslEA5gR-tSeM9JMmqATnqjKX64faFPSx0xuZilPWvTAWrhBm9LVOSXGkZPbdX8evbg0&cid=CAQSGwBpAlJWEGcPKoqipSHUkCRHHtz4gme-jHzQjhgB&dv3_ver=m202307240101&rfl=http%3A%2F%2Frulsmart.me%2F&ds=l&xdt=1&iif=1&cor=7046754842308465000&adk=250412560&idt=87&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

feccd89ad5e1956fd5432496ef82b0d903fe30fe89d53d92bfa952f40752c234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=1664212738&adk=1969458916&adf=854766408&pi=t.ma~as.1664212738&w=300&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=300x600&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1692249136553&bpp=1&bdt=270&idt=197&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=XKGPeZALkd&p=http%3A//rulsmart.me&dtd=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38631
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 87F4 6 KB
779 B 70ms
20ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1885653797&adf=1795251393&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136556&bpp=4&bdt=274&idt=219&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600%2C1040x280&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&fsb=1&xpc=mqu2JJpzNA&p=http%3A//rulsmart.me&dtd=221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 17 Aug 2023 05:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 03:27:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Aug 2023 05:12:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 87F4 2 KB
892 B 49ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 87F4 23 KB
9 KB 52ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 87F4 3 KB
1 KB 52ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 87F4 20 KB
8 KB 52ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87F4 180 KB
56 KB 64ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 05:12:17 GMT

GET
H2 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame 87F4 35 KB
15 KB 43ms
25ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 04:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:19:34 GMT

POST
H2 200 counter
top-fwz1.mail.ru/ Frame D876 43 B
988 B 57ms
44ms Ping
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2685520;u=http%3A//rulsmart.me/engine/vfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D;st=1692249137552;pid=0;title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%84%D0%B0%D0%B9%D0%BB%D0%B0;s=1600*1200;vp=220*216;touch=0;hds=1;frame=1;flash=;sid=baa22c45c916579e;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=9.3//4g/0/0/;lvid=1692249137988%3A1692249138018%3A1%3A6595ca4fee30c81240633adb02dc0a3f;visible=true;_=0.27465325470422575

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 17 Aug 2023 05:12:18 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://vk.com
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://vk.com
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: https://vk.com
access-control-allow-headers: *

GET
DATA 200
OK truncated
/ Frame 0ADB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e35e20d1e072e50c70e89ae70aa6299ab2f369c3a52702f0e49ba774003d680

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14917290310424539996/ Frame 87F4 37 KB
38 KB 14ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14917290310424539996/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caff739804cc7ba8a46ab2ce71a8c38d1d7b52d889d7d18146c21cd1d5dffc0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 08:59:59 GMT
x-content-type-options: nosniff
age: 331939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38389
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 16:01:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 12 Aug 2024 08:59:59 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/ Frame F1FF 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 05:14:27 GMT
etag: 13776922816869014096
expires: Wed, 30 Aug 2023 05:14:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/ Frame 709B 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 05:14:27 GMT
etag: 13776922816869014096
expires: Wed, 30 Aug 2023 05:14:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 tracker
top-fwz1.mail.ru/ Frame D876 43 B
903 B 46ms
46ms Ping
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2685520;u=http%3A//rulsmart.me/engine/vfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D;st=1692249137552;pid=0;title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%84%D0%B0%D0%B9%D0%BB%D0%B0;s=1600*1200;vp=220*216;touch=0;hds=1;frame=1;flash=;sid=baa22c45c916579e;ver=60.3.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1692249136758/////0/0/0/0/0//1/125/126/170/794/794/795/1329/1329/1329;ni=9.3//4g/0/0/;lvid=1692249137988%3A1692249138089%3A2%3A6595ca4fee30c81240633adb02dc0a3f;visible=true;_=0.825440151295681;e=RT/load;et=1692249138087

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 17 Aug 2023 05:12:18 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://vk.com
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://vk.com
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: https://vk.com
access-control-allow-headers: *

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame BF2F 172 KB
61 KB 47ms
7ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 09:29:02 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame BF2F 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2oxUd0J6Elqsq1lOQ3m2k_4F2RcEPe2ohlDHi14OXpZ6Nx8EODQBjP5-6Zf01eys-GuP-_SN_FMCr_9nzi1GCLuF--L8Z1ZJDYPY85Cd93hjmhuwqOhKN8HIp4XZ54LPbYy2mBL7O0sKo3-X4sxjR9iEJzXkoRMveL1rQFl_JU_dQDIA&dbm_d=AKAmf-C2ATaZpoF0TszLg4Jyut9863BvcAkWtr-LBj7l5-Vq2ldGgM9kbyiEL_YV5Y0RAcZpp6ylvW-F9TRNOlRyKG45Hd1NZGtjf7PbLknP2MmK44mUdPGxuz5IgNFOeseJ-FqFTADUoPCsX2PMhyOk-7EQm3oUOHItNYVF6g3tqBUoOWm0HKALNCvSgjOV4o45hVchAZzEaOPTc0BzE94zSR2w5IXbDVKLa3OovVtyGIYgHF1jP8wAWaL_75ZR9pZgPez5Z-nEGVpGCaIHiyhlxmi12cETv10xNSnev8a4ixJj9JPBACOARrfek1RnYNdKeflh2-B3Yps2EH5EBg-eVuDCcGY7qOgiAEjfeAWhjfzTQa7nyxrTq7YmxyInYMEuJJcHsxUkWV_JcTZFlA3APcWkRu--98dCyOQj-ffiQUdQQm8D64_hzTEEWgS2Wa152rfegOaGWXm3K9uMP7LnDJjZRSHGnYPuM4AsVrZS3P0cLJSdAEBiPUq9Woa2cDiI_wKdkUUQkWCOo2tvr_E4B-Fz8kUPPnql5bxXuWkBgW2zUoI-7xI52U3-z59TKb7vQP8nBwzV6bY9MWC_YfNJO4IcsCZ2n3bYAcjLcYFcgCSJ3GllIWSayG4kYyNccaIGf4eV_CA7cvnDx2voQf4O3l9WdjL4WEMDl2-AMXJ_CVEEZCCn7d1STkFdk3EAKO7WTLpF7exvjybmEeNgtgkAwT6YuRKCafhKJVL14uYwjE6BJrrMk514DTAfbEgnrRByV5IQN-f5Yn6fUS1WJFigG5S1crbkeahrJlHarP7Nfrd1K4BjAvwtC7_n5oJuAFicNtSXkMgCuusQkZNrN7dNEo6PI67QZohH7J7-z1JMPmMdDFFPTOUn2mhcxpacuFW6XKpbgQWQ6VP8GjxNIVinnpZugBmUCCYsdBXRoygdlNsC4I20itNlm3AZrmjsYAriToa7HoEhUeOT0STdriHR7JtUBPzUcDu7ZSNbZ_X6AZqJCPIXLRj_OBRPUp9EzMNP_OuioSW-Q4HWPDGeEoKTJh4DdF55iYDa7IyoaG1KF58ZCAHby3P2nT1skBAlDnaCEvN0j4U64FszVlNeQsEWzO5Os6rraUfK7mdHhN-exrShOeLR5BX4hBUd8P6nvhqQGq2prXwQJ4QeCOHkeYcUl95TLRMNoi1tp4pnTM2EEZTYzkJhx1nEa4lGkriTjKLNR8Zkca_RxHoU-1bqvU0Ar8juzGcTWqF4_fH4V_Mv0eK2663Zp853_4Zv2UNt_wv8ZI_IxDwfq2wkH30KGPmLxoSfyRexTkOUgPrAayN1JVnWlvjk8Su_6l5a0W0gdFXksAU7lvpWl5MTnpAMRLnNRBdcdxsEVK3vVk-kf9nQPDE7cP78zaUkL6MsQtapYsDk0_LU4uz8pEQ0n7jyC9_HA92gcAe01hE9hu8SgbtiuMEl0Xg5nP_kk4-VucE98AhXQeg_WN9NlSZxEYZupzuYWg0n04GCTNRGWt0xle8szDwhNMkUyeAAY9XqhKbVy9a2bq4SfOVrY-lHLPe_A4ERsPlniGEBdZM2GCjyus0yIqGoRmu-Nf7g0ZA4eP_q0s1UrTdlJfid6vJ2tehT0p1aWf3Cr02lMjX5QARJm6_7Bj2x2FccT-QWXup5t4Y4BfV-baw2o_-bHV0jPJtL4aqy2LaNKLz17ejNarp_64XoAuCmpnYVk7TDx5qMbp7X3siVwzWdIdItrkE-3ExfLigRMCG38GCK2J3F3vOAPC-btrNxBkPHpUqu2F1zRTK4iQ7kwZMcPsIDm4fN0jHnXDvvKPnafUYy0O-VUAKnIwbCLWnF2K2tdhHAQRfWclLS4LYwbDxbJAMXSxyYyLLQQlmlg-GJn9WVVLPl2MXRkX8hdBj2fWUUi9o7IQmKD77xhfsoOn9kTKKaUGuYk7-EBmBVtHR3KBrrYloF5kidcvjhp-7P1qGajO112dC0DzKF64ZSRn20jNfStK3fAuwS_ei_MTDbwkIi37JL8c35jcsu3O-EtDTaakvK-KzltsKcKZmQx1YjWnggCIn7QGa_9uyY32k7njxaEhLM-iyn0wm1eVMsK0nYR6mLaZMO3Pl4b5ANkUj5kWMBRYPzJdpE10LYR2Z5rZtRDScsFtHz3Pc0-2mhu4n16YgRsG-0wVaVFw_s_B2hayFjd7cK7eHkx5VNZNcEyuzbAEkxOlPaC-gWKDO_ANwaWhFiYZJKUIXdlPkQ8kKwpAOFe2u0Eyjs897mkr5pIHcHRO6j5Agr-81vikV04e76zBSNfHOW0HKw6JJ3OkDxnXr6xgLCAqMln0Xsek4PmqGmVeBM8m-OKNat6O6wZLBuiuuG9B431efRBQgI-DqvQhHQiUFKky9ziRvoPNonsA3B2ds7HhG8GLaPuY30Bid7YxYAxCjltRfwzOg3fdn9a7gFkhEgvgup1B5auR3Q89dcS9FR7UbiQS1K6jfGsYbO4BDkyx16AAKV6Js7HfPIaOV_rEU-fDI77OgnIRMqwPb6xRb7mIOhsioweAZQgXZZaiyqQuW5M9nQe0mb7b4BKkFTwwDZY9tMl_YZOtnQ-gdFJ1XUbI0AQL73y1EgnPBMNNkzlKvRtzrjdvX4kILZzozit8fHlDkTWbDKDuOz87OueCfWXqhS2fnP8dzH69l5nJFFTMU6zELKwSr3iOSiCU9GmbqhCTc75fvLl93LGeJE3fadyLYKB-OIpgc_GSglCefWi47pe4K2kVyxqHZ_nJ2Wy7ijXQPZ1s4nv39Mp76oEfo3z2humcGED4WLPKbd1-UvPeeUtc13GraVvLv4OuVEBTLkkokRFBxhJcawLsp0fGElEeRruHQg0tVfrJeI_yoRH9dFj9saH_VIzSkpm-bGouLMB6XBPLO_7hofi7yLuyYcSAxg5aIsKkIeCdEu82keEpbntB-Y_AxApN7JkCrVFQ6gWu9FMXOXR4Negz6UIM0Za4q3eZhUszriMQVGplTr_s2ZIYkKZgchfxIrJudfqG--vrBNWO_53VMDwq9syddlv-wVNGc3P7jrBr2-Zu46IQpi-eVnyZG8l9YSHWMHgRKUySkiisrc761upPIpH1anHnt-yc8-WSfSYD0gS9sQmw7gax3fi3DiNuUjaUVeApkzkxtNnxiazFuZ2K7CUfWLRRPna7OYUO4d9DpVsQ7lgmlivGCQ0pXEf7xZysgKJlU9gNbq-jkbBVLE7yNV8HKAQp7WjRydEbQqj8-JOlPkjnzy0TY5lWXulxovA42MWYnMwwR3zVdUEfSNurzEj0reQS-Qgo1ggMfa9cHt4vqwf1Gef6TBWeV21kkyg1FO9KfAYCIvdlZBlQuY6zDJcAtT07cttTKnS63La9ptmdKjXAw7p-SuSYQkGUYCV8YDiDe_KAEkFJ6YPUtId3hLFBdq__uEfgjOnfQm-H-WrjiPKpeQdI2cS735b7hyWiamh7eDo7UMaMVw1GohZnSbMRTjRphze2bHVxRAozU1NDS5OLK0DJRnf_9WtpCsoyZXg0neDYFHCEKL3vag0C3wt2yb_Bj4b-uHkcB2fVx9FxsAIaqDY1HyRKBPGQkHeaZy5ZakAFtvh-OEC9SVowstPqxPLOrPnS0Aa7HMcTJYSlq-k_xVnCk2lGigfjXt-1dRfdUFIr8wLscyIijeNHZ0EMPZpd-GUCxBVXjVt0fMKkCk0gVA3YtFYsFngB7C1yO2S4IkYIB6FSxntuOT3lBONCnj0J7MQKG0cL-SVcWNg4UW_xhlfyjfmdU8tNGEfjmBjUo_BTu2d_jTtylmUv-In7yJba2vIY3G4rJdBsMo_CLsCuYqECZWnby9Y90XrQNNJ3h0BohNjGtyOulsANLupID2K20wtE9J0ie07d8-YQSMv2gCTfdHFnYunSNiUthfHOKg6lM8nRsDl1pF8lksWvy3sVxFbEp285beg6tbLNX95nO2gpfD_uxCA0HCIz8pP0WvrO7smwWODbXAVpsvX4km_HUxyepk3tuYiJGLd-2suh5DIdZHiibakzHWGslEA5gR-tSeM9JMmqATnqjKX64faFPSx0xuZilPWvTAWrhBm9LVOSXGkZPbdX8evbg0&cid=CAQSGwBpAlJWEGcPKoqipSHUkCRHHtz4gme-jHzQjhgB&dv3_ver=m202307240101&rfl=http%3A%2F%2Frulsmart.me%2F&ds=l&xdt=1&iif=1&cor=7046754842308465000&adk=250412560&idt=87&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 02:47:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 02:47:36 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame BF2F 30 KB
11 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 02:47:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 02:47:36 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BF2F 41 KB
13 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 03:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 03:25:04 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0ADB 33 KB
34 KB 37ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 432497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:04:01 GMT

GET
H3 200 4e9503689cc568474c146d9979c074f7.js Show response
www.gstatic.com/mysidia/ Frame A54C 9 KB
4 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4e9503689cc568474c146d9979c074f7.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1490443440&adf=2632835962&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136555&bpp=1&bdt=272&idt=213&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=O8yGCJHWFP&p=http%3A//rulsmart.me&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9ea77bdbdb2740b6029b3672b833edef7b592763a0ebbad204ef84c211a7c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3932
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 14:16:45 GMT

GET
H3 200 26d602273cbdc885b3acd5d1ed1b7ba0.js Show response
www.gstatic.com/mysidia/ Frame A54C 11 KB
5 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/26d602273cbdc885b3acd5d1ed1b7ba0.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1490443440&adf=2632835962&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136555&bpp=1&bdt=272&idt=213&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=O8yGCJHWFP&p=http%3A//rulsmart.me&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6350dce6469ed24caf9785f9f9d3279bbf0042d58cbe2721cec9137c9aca9d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 05:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4721
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 05:46:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A54C 14 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1490443440&adf=2632835962&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136555&bpp=1&bdt=272&idt=213&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=O8yGCJHWFP&p=http%3A//rulsmart.me&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 17 Aug 2023 05:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 04:44:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Aug 2023 05:12:18 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame A54C 2 KB
892 B 12ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1490443440&adf=2632835962&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136555&bpp=1&bdt=272&idt=213&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=O8yGCJHWFP&p=http%3A//rulsmart.me&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame A54C 23 KB
9 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1490443440&adf=2632835962&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136555&bpp=1&bdt=272&idt=213&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=O8yGCJHWFP&p=http%3A//rulsmart.me&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame A54C 3 KB
1 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1490443440&adf=2632835962&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136555&bpp=1&bdt=272&idt=213&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=O8yGCJHWFP&p=http%3A//rulsmart.me&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame A54C 20 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1490443440&adf=2632835962&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136555&bpp=1&bdt=272&idt=213&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=O8yGCJHWFP&p=http%3A//rulsmart.me&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A54C 180 KB
56 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1490443440&adf=2632835962&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136555&bpp=1&bdt=272&idt=213&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=O8yGCJHWFP&p=http%3A//rulsmart.me&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 05:12:18 GMT

GET
H3 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame A54C 35 KB
15 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1490443440&adf=2632835962&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136555&bpp=1&bdt=272&idt=213&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=O8yGCJHWFP&p=http%3A//rulsmart.me&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 04:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:19:34 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame F1FF 4 KB
671 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 17 Aug 2023 05:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 04:19:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Aug 2023 05:12:18 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame F1FF 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e443793c22c99a71ea0ca1ae621676267abbbc301e98d78122bdedcbf6ac893a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:31:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6470
x-xss-protection: 0
server: cafe
etag: 4595109392211754618
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 23:31:46 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame F1FF 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:17:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:17:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 709B 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E8CE 143 B
166 B 28ms
28ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 05:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 709B 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 709B 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 5138047284258434693
tpc.googlesyndication.com/simgad/ Frame 709B 19 KB
19 KB 26ms
26ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5138047284258434693?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql8TD7kKBCLmXBj098v3zIZogqCWg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214c88669b261d4ae62dc6fa3d7d1dfe3d8741fc7545cded1ec8372cf40e0393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 12:13:28 GMT
x-content-type-options: nosniff
age: 406730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19602
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 07:57:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Aug 2024 12:13:28 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 709B 180 KB
56 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 05:12:18 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 709B 35 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
server: cafe
etag: 17218437938740726354
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:30:19 GMT

GET
DATA 200
OK truncated
/ Frame BF2F 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e072dcc1a8cae3dfd598d53927bb89657770b7a91574d103434714df5ae5595e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0ADB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CMGlDMKzdZIe-L9aexdwP046h6AyczrmcaIWb3t6NEdLw0uCyARABIMTAjBxglfrwgYwHoAGQsajOAcgBCakCVYKMewxDsj6oAwHIA8sEqgSPAk_Qa3sJKnw6E3_CHObfCUhzkOzme3d4x-q...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215713923990082492062%22,%22debug_reporting%22:true,%22destination%22:%22https://djogb.com%22,%22event_report_window%22:%22...

0
0

62ms
45ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215713923990082492062%22,%22debug_reporting%22:true,%22destination%22:%22https://djogb.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22432674960%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221025068893231063905%22}&andc=true

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:18 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15713923990082492062","debug_reporting":true,"destination":"https://djogb.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["432674960"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"1025068893231063905"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Aug 2023 05:12:18 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 17 Aug 2023 05:12:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15713923990082492062","debug_reporting":true,"destination":"https://djogb.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["432674960"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"1025068893231063905"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 87F4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb2622e79b6abecb169ba5e32e526bf4509c16be0a3661f8a1d45d2816fd2ca8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 543B 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:15:26 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5024850819942449152/ Frame 9201 4 KB
1018 B 47ms
15ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5024850819942449152/index.html?e=69&leftOffset=0&topOffset=0&c=vEkfFylDzI&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0f261c15a6fc9e1c3ac37b3364356f61b37f2e662502d8a58147f0aac761034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 990
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 05:12:18 GMT
expires: Fri, 16 Aug 2024 05:12:18 GMT
last-modified: Fri, 17 Mar 2023 10:43:59 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF2F 0
0 94ms
56ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvgwdMH6bdQaMs3qA0tEy-fNDNF-SokV2ddE1pviVtbO5fo39xmSWJ_Wxvcob_5Iou6AYivxHyV1sOCsVn5yE5z690rIc4mKi07BPPtF2WzP551kUmWghPF2PSSF8vSam7fSDAFYNfCxiQv0_ydXx0Kr0gcmzFOUEX29qEZg5ErMVV8L1u2TUKD1uz4R74pbAzPFXOcLQnOpX_qc_nGv538mvENI9AW-Y24X8kKZ8Hi75zHGPg4PQtSleh7wI5CmkGMSS-bYP39IXUXHv1JHJTmoX-5zjzCaD8AKebrGpYswfelIlarT4hTsfOCY06tEXlo7kZTFRvqdWtO8NlXhWmO9nCbNdcMFjJsfGE_3i5EBGHiHzoBS0L0lAQuGw1YH7fkKQVs0roTB_iW9F-_9HGTA1Lk6CNRCV7CycJbtlY8l1jj36raFYbDlsuCY4UpcJFmNxt6iaUnSBSfnRrQ7Bl_OWmgx-1ZO2Nppe9ZhlEFwv40_m6I0W3l7Kdk7z0i_Uvn0q2k4Jn2indQTmrIP2VnyMQt6TOaAZJ0UJkwgMhGf7CPgVrXV0eCfjnQJqXraVhvORfU06Gzc5NlPfs1pZ2b_8oWrwJc_JCmgxai_b8167SfKKIK0ct-a02L-nRNgVE52SWqyucVRkivHx_GDaKcoyq7AenHzo8e1xzH0Jo2U7WSffb2C6RRE5YS6YiSGX1ZLqTvynQaZ9QkMrWagH_BALW9eSXCbx86_ae0TD9eMzJDS_9DU1QojngSA3gd0lI-N0Wj2biQem8RFz7FBmJBD_FJ7p2jdQqOlmH7Rv11_kIcgVAIOJa2vnYXwbFkNCxgv6XOOZ3Qtxo17-wMArwLWKjz4xfbk4ePWZ_LyZOgxuUDyZn3i88Na6-Jq6mj7YeW8SYIlJK8Ilv75jysmWQOc0qiQRw23W8ZxoaKnZTPLtxGUkw0_CnsC2qabAnx--ZvSm6ITMvX5Opvq0DpNPna4ZB0Ykns0JSyi5HvscnmCULiAdWXB9xfJPTDvC3_5__iRXmO7iworg4jwRHvF5yciL5s0395x4NqMzCs3wRUEPCrJDOCfXI3LsHhra2zxc1dgH2A9DXVGC5mEUtUTcJpzeVTSNv-6vSrMQ7BuNyRaaXgFE1wnQnSkNIcFe0NeHvNs-OphugDL5S63FeWr7QVvK7g2w6Hqi2RcidMuxn6JGdQTHlnj_byHj69OR18tsI0f41uiDOFLtzGnXb8NaOrNVtK4MMFcDzqshlKCk8vBA6FqvIiu_TKpKvCaoyn9tYFbYoADCX95DJIQsk&sai=AMfl-YR-KM55yMjEGW28E4ztCJ3CirfJODw_DCt4ay5aXiD1zWIRYi9ycy5NfAymVninH9oN1JfWyrhbZsVsPKo4VrQj9s0FKLHTTYtKfQ5amXDp98diklO3WI5VCsQmHVahLqtMBjHaL2jjWAG-pnslJUaVwXUHC0yAeQCY4WUDpGKr1hKMwDY&sig=Cg0ArKJSzHLiT1uPqHytEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=199&cbvp=1&cstd=188&cisv=r20230815.65933&arae=0&ftch=1&adurl=

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 17 Aug 2023 05:12:18 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 17 Aug 2023 05:12:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 87F4 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 401699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 13:37:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 87F4 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 481763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 15:22:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 87F4 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 522326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 04:06:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 84F3 143 B
166 B 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1490443440&adf=2632835962&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136555&bpp=1&bdt=272&idt=213&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=O8yGCJHWFP&p=http%3A//rulsmart.me&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1490443440&adf=2632835962&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136555&bpp=1&bdt=272&idt=213&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=O8yGCJHWFP&p=http%3A//rulsmart.me&dtd=216
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 05:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A01A 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 197658
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 22:18:00 GMT
expires: Tue, 13 Aug 2024 22:18:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 103ms
41ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 17 Aug 2023 05:12:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 8F53 23 KB
9 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8F53 8 KB
750 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 17 Aug 2023 05:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 04:43:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Aug 2023 05:12:18 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 8F53 15 KB
3 KB 49ms
7ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 05:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 05:45:19 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 8F53 368 KB
128 KB 50ms
8ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 13:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 13:36:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 8F53 20 KB
8 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:15:00 GMT

GET
H3 200 styles.min.css
s0.2mdn.net/sadbundle/5024850819942449152/css/ Frame 9201 17 KB
2 KB 16ms
11ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5024850819942449152/css/styles.min.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5024850819942449152/index.html?e=69&leftOffset=0&topOffset=0&c=vEkfFylDzI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

474ec03776446ba3780a6d7a5fc5fec62353a1a03a828bdd2591773ee05b05ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5024850819942449152/index.html?e=69&leftOffset=0&topOffset=0&c=vEkfFylDzI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 18:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125472
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2313
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Aug 2024 18:21:06 GMT

GET
H3 200 script.min.js Show response
s0.2mdn.net/sadbundle/5024850819942449152/js/ Frame 9201 2 KB
687 B 23ms
19ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5024850819942449152/js/script.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5024850819942449152/index.html?e=69&leftOffset=0&topOffset=0&c=vEkfFylDzI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905aa6b670126f63df5d271c7b9e452a9b37ace952407b46bff60a96b461e696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5024850819942449152/index.html?e=69&leftOffset=0&topOffset=0&c=vEkfFylDzI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 21:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371770
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 658
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Aug 2024 21:56:08 GMT

GET
H3 200 global.min.js Show response
s0.2mdn.net/sadbundle/5024850819942449152/js/ Frame 9201 6 KB
2 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5024850819942449152/js/global.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5024850819942449152/index.html?e=69&leftOffset=0&topOffset=0&c=vEkfFylDzI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b471e554c1d66aaf8729ba3070cc8d80a31d7b0c21b7dc1cc5f3d44d3c0c987f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5024850819942449152/index.html?e=69&leftOffset=0&topOffset=0&c=vEkfFylDzI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 17:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473411
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2173
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Aug 2024 17:42:07 GMT

GET
H3 200 main.min.js Show response
s0.2mdn.net/sadbundle/5024850819942449152/js/ Frame 9201 5 KB
946 B 8ms
7ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5024850819942449152/js/main.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5024850819942449152/index.html?e=69&leftOffset=0&topOffset=0&c=vEkfFylDzI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7d653b2a3e24313d33f813a8478c18f7b9afee27019037cb9ec713ae0daf82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5024850819942449152/index.html?e=69&leftOffset=0&topOffset=0&c=vEkfFylDzI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 11:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 917
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Aug 2024 11:09:16 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9201 118 KB
40 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5024850819942449152/index.html?e=69&leftOffset=0&topOffset=0&c=vEkfFylDzI&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5024850819942449152/index.html?e=69&leftOffset=0&topOffset=0&c=vEkfFylDzI&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 09:29:05 GMT

GET
DATA 200
OK truncated
/ Frame A54C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fc0243bd5fbca07a3955ca7e381f7fbef07265a4b4a0ce2a7eb9ae6840eb073

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E8CE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
19 B

19ms
19ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 05:12:18 GMT
expires: Thu, 17 Aug 2023 05:12:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 05:12:18 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 87F4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CNngGMKzdZIj4MPyXjuwP2KGXsAuczrmcaKWc3t6NEdLw0uCyARABIMTAjBxglfrwgYwHoAGQsajOAcgBCakCVYKMewxDsj6oAwHIA8sEqgSQAk_QtvWPcyyPfdSj3BvuRJR6bph6qo2qzRW...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215984550375105626606%22,%22debug_reporting%22:true,%22destination%22:%22https://djogb.com%22,%22event_report_window%22:%22...

0
0

45ms
45ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215984550375105626606%22,%22debug_reporting%22:true,%22destination%22:%22https://djogb.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22432674960%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210002826357412942257%22}&andc=true

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:18 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15984550375105626606","debug_reporting":true,"destination":"https://djogb.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["432674960"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"10002826357412942257"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Aug 2023 05:12:18 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 17 Aug 2023 05:12:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15984550375105626606","debug_reporting":true,"destination":"https://djogb.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["432674960"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"10002826357412942257"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 32B2 37 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:15:26 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A54C 33 KB
33 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 432497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:04:01 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 49ms
46ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 17 Aug 2023 05:12:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 8F53 0
54 B 731ms
240ms Ping
image/gif 2404:6800:4005:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~llepg0a3&c=8408659966610&slotId=4204329983305&qqid=CNiXrKX34oADFdVVkQUdR0MOIg&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:805::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F53 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ck6chMKzdZNi_LtWrxdwPx4a5kAKezeSvcYDPsYe4EcGEwPz6ARABIMTAjBxglYKAgMAHyAEFqQJVgox7DEOyPqgDAcgDmwSqBIsCT9Bpzbo2W-Vk7N5t1okhIBU9XQrpDd1zAz6BZ459WK-VDBRSVG9MtotS8ffXy0UJuhn1-jPTQWyXMeDoYg4ImFxEPfVvmYnn3gt0XlDyseFRMt41Hgj_wFhGbt3ODGBXle-677jR_qXcwIUBAFaDnipuhgO8LMkK1H0qwObJLVHdKPNo9SkDqCtnMYP1bGy_tdAgvwKBZpVuuV3DLvuWgDxLmzhOrcpoqjgPwkYVInuo2W7lzHy3usdpgYRm8gUll3i9El6kkhKfNl8GskMjGVzucOnSy-O1ID084ODs8R9ZZefkPgChgnclDUpIYeBZfmQw9_sExNivIadbebaYxMDEGGda7yCi_Vv0wATYwImBswTgBAOQBgGgBnaAB9iO674CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGqDQJERcgNAbAT9JqzFMgTtJ2V4wPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1692249138804&ai=Ck6chMKzdZNi_LtWrxdwPx4a5kAKezeSvcYDPsYe4EcGEwPz6ARABIMTAjBxglYKAgMAHyAEFqQJVgox7DEOyPqgDAcgDmwSqBIsCT9Bpzbo2W-Vk7N5t1okhIBU9XQrpDd1zAz6BZ459WK-VDBRSVG9MtotS8ffXy0UJuhn1-jPTQWyXMeDoYg4ImFxEPfVvmYnn3gt0XlDyseFRMt41Hgj_wFhGbt3ODGBXle-677jR_qXcwIUBAFaDnipuhgO8LMkK1H0qwObJLVHdKPNo9SkDqCtnMYP1bGy_tdAgvwKBZpVuuV3DLvuWgDxLmzhOrcpoqjgPwkYVInuo2W7lzHy3usdpgYRm8gUll3i9El6kkhKfNl8GskMjGVzucOnSy-O1ID084ODs8R9ZZefkPgChgnclDUpIYeBZfmQw9_sExNivIadbebaYxMDEGGda7yCi_Vv0wATYwImBswTgBAOQBgGgBnaAB9iO674CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGqDQJERcgNAbAT9JqzFMgTtJ2V4wPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8F53 0
54 B 724ms
240ms Ping
image/gif 2404:6800:4005:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~llepg0ad&c=8408659966610&slotId=4204329983305&qqid=CNiXrKX34oADFdVVkQUdR0MOIg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1m5&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:805::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 8F53 29 KB
17 KB 122ms
59ms XHR
text/xml 74.125.206.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C_H6Ed1Vg8l5Ga9AZkA91hIJvajVlfXkMOBEwOZovJMaC4ZcepmelplWasluHW6gTXq2xT_V7-TGZ743MDukl6pSqjZQ&cry=1&dbm_d=AKAmf-AnHqKFmG_r9ZTSrzT7dGCkK0Xnv1WZa3CKunieSBr7vewu9cqadh3CDz2_XeNJFMLIJfj11xrTG9Ewbr67PE1TCrTBdEB9gMyU__v4VEeGXYa1E2XWHIQdEdfiqoO3IirMTXDiPGHq8F-Dr0HV8KpIM8ceoWp4T35yuYqyAwxJyDLn48xc4lvKQgJyl3-3V2KQqguAf3mIUQbWUT6hXu9jtXUxVrKiACNAM1GGNp3N6YzDo0LufZjHatobNdXqymL9txewfDlzeqm6GkgCeltXTGUs3Y9-DJ5IMjXYdoAXftObyCGEdQLlSUlV3792wiOZ5oVGWzPxSpBG5D5ofxjxolKYshyyg2onKU5miGQa8qs8i-H9QTzzs3tJGbtxqIdwAwKBYOauNNF_wYzNxX18lJSeAGy_ziP8td-iP94nhGivJYlfC87E-vAlPV7xtfnz1Wre_APi2HDDSuBJPQnuyaurZ7lBR7L_Bm1IYpoNjR4tzX0NRRVgPGuk3TTFNzhYFmrPjcJZcV3D9AeS-m1fFoCSlYtwwag9q_JFRrB5kmBZvwfe107auRk2AIxI38saxPnqvLiR1rQcC_nk5_yUy3PQ0nlRl3fOlHzetAc8Mp1wZOqoYU6qVrfHowO_oaYUKxoQ5oWTHa3bW7d3bI4WUQqFJfJ8vhpaOV2SBHgOJilIoYcadVDb3DPFQjjl4wgn6VqfoqA2NpeByjYEaYLyJe_TZRjgdy_aDMWLM5dQQm_G5Pe-NWM7BJtcdG8FU0i2hTtg_D3rC5HKVC4dFij2TvyiJQ4BMDEvl76UG4EiOH0qe7t0cgnbvowUp1qZ0imTT6ABXz5xgzdk9TFHIkMwVdddEDWrbxpcJax6WGu_vode33Q33ts1pZ5k4IcajyUJfODn109xIMCBuw3CHjovfQIfqhH0LWI53n8vcr8ArUTB2k14ytGa-KWeyZtdVhe67uN90V7FQfFQiJpEJNxjNSOMsMSoGw9PHg7s614GwxZ1_M2TUo1eaNVZEF_cN1rl6zYbdYt3PcnE7KVvtqbEkbQTNuKMGwBd5Pm8Fn7NfpzVYi6sJtgKHNOXGc7XrIi7sqavDsVZJLP2ClaQmQ7BZn-kmwlUmv0kLRlSpPPRvlmQCQavlK8yPpdsMiRe0bRE4RkBwgRvIVn85SBGSrKSeEa6lr1J5ac3uBPaoUL0bWNU-FBqg9KO4m3QJpy-SxdCzqP9txqk7pfCpoWjobjhigjl7MOmq210WwOowbVV5FTYdcfqCCi8yEjq7c2MfebGSgX6aaEzMpNkBvgIZ4avMgLlP8OUNlaZWuwk0kV4a1GO36mjNFPBjuRwvfoA-CfKhaRcU1DaVV6Mz4X2aR0-cSrKVdyUcttUWyYvjx36cj5xxtIg_PuaGngm7u0Mrg0c05-UwP7WPIJhxKEAFZE87LSWxBWc7TXhVpC-xKhjHBSjqZMpkH-sy_4syCAx5tnpIDDK5aoV8XiF-qDKuK0-E0DvBThQxo3U73R32iccgz5HoIW0TGAka-qXzA1jGHIS5A0nwgmcys1q19uG1bWB3pApSpHrkaA7lqxajq993GCQdTosRxET1wlXlCbYTgtWKvdMC28w5ymYhji7l0tJY2ujyPcElz_eC7pbB33bx25eoNpfQdd0DkJyzeBM7ryhRaLvVlX4kJ91oq-ECjjK9NhFmeYl13zaftYPexDOV7bzcPnFZpV-ned9392bHPM87kUDP8SWBMsibDqAJwAUKOE-AbkZPqheUrKiOac4qo_yvBzvNhqjHOMl_xi_3c4iZ3_FEA8dvQuqxQieXVG47DNfkqoN78LgfF3WLVWVzvv37xRepGCC7ElRi_qDVpdAgX95uXN14C-kXcOB-oQ2R3AELdvN5ZPBFJF2ver86Zygo4kZnL7CYFARpsuMdOydW6K6oqY-y9w_ZgvtR_fV7d6me41iPUYYJMW0cqvvbqI3fAlSaA2LSwYZnSZQvKn2OHtO9HPv0JNxbK_v4eA497tH9AFzJKtrLPC6y_N9LJXGkF8Bbt_m5EUrnNMXd0Yt73X1bF2sBXZk9dkeu60cyRvYQqWG6aGfJ7bv85HTdT3UcN-SZJ6maH_LP8zpbGEk6pDxi_QVZbLx_iUSLarU7SNxgovfFztMPTWAy5EhrXU_2vwunXM7sa19iZsFoftXUvvBWOSbUPspTAmVZ30EmgvLn0bOQdsKx6m8fsL9pAyD1zGS0tdnfpm5fWZ1-4OxZjW-40-6Kis-m3RQL77O-QuHafmNbHjf88W-flhtwcRn3xsODNZBUC_i3JHGyKxjAF11lYezY85tVaqiKaTC_eiub7LWoYjTtwOctE7YTB-ZofNGELwudPu9pdy-zYFq4C4n8MLmxuK43y3nQL7glOFuWl1qr8U3o3V9VnSgsZuBL5Z67kYql4mRxxwrIVFoAAMrblJ0Fuo0vVbFO5gs49RPI1wtylOagq2pzF53QFgypK4Kij3YUJToonuiWXP7CE-EtM9VwlO2MijO3fD0elp72T_OGaGG6aQsm_bb0cJvuMQQD8YWGaamM-97PlZ2e1ZvfgS6mJeXHawVKiW4Nde5LMutgQCaammYyK54C3PJvZcwRQYeQDgY_JAvR8FEZKispLg5eIeKetFnCGhY65sqOmrwf0-EUnX5TNsiM6uzEn9BOSxEkZae9FocSgXzzoYjbRacrG87R95Q3evRfTj868GbQmVV-ckiwcZ5WRV5WTKjwDZQTCDFKCyOwscTPLi4z3gOXyxoMuGs6YW9hJ4bix4vtY-0tF_kVK45GhLXARUhF9TklUD62CGTOngVQNs4wd03FthvUhrq760uQDEzHmnBps_7-_MpsD3pin9sckT69dArVzv-TN0pGX8Ff47yXIO_KMvrZVwiaFsgUqC6f8_x4vZSzeHk2Gwf8Ecb_rkIxgB154EmCvYdCYRqiBlfiqYCyvRM78CLo3IbYq6XjmYCH2VfErBti_17Ei_IkgZfzW0csCYgZfvL80A8d5GXK4nB2hkTCyBrrY0StFiJFRnvndEjhbdzPSNCT6CqteHynm71ynfHQps3_Fgkcwrh6POrFCO41tY0HQTqd5oMy2rWexlQYvlv566Ouqw9qsgbCvSG0GQk4DwKZ9EKeQ3dnnf_g-5ddyaQr79e0_VyazNlosog63m_2QCrGef4kXpAu6rNFprwksI-Tcv41ermw9iaez_1cTh9xDHXd46sXimePt4JSKCABI2oGuFfrLLLyLJzJhAh3MozsjlwX1aXpkoE8uKafCP8BMmDwX9zPf5Z4pyhQONlDMGLga8jl5rxgjzDaPHVhpE_VwFs74chLs62V_Gi0xT5MWtFdMVurTs6zxj9YNpJD-WtLs24nGK0T-iUnTZZEFGI62rokmhYS8F698IlOQ3P9wgmwJB54QgHJW-iPSAhMMcwUCmvp-o4EVRBLODu0_oINYYPntP58Qc62XKTNEr8gvW7iGCWzmC2P9zGWYJVQ0U4de4LSmJQYyTVZgzTT0ClpLJKaaTZpD7cEIxaPudQKM2BPJ4COhhOgXjjwH-a56MjrYZKeYHzoSgSNM5oU4UMm2HAf29mxlQpC4pynaxkI_Ums_IUF0Kt47ZHmC2Cx6EJkw3rifFoknyFDDHa17XXLesD2QgRkfwqo9ooVPq8tR2cHi2PQe6yKa3hQZajSWLENtHYwEN-4pIpk5Bmy3mE8WiIxvKZOYri6teQV6-_Y-ndLqD4xptv0aJ1oKIaTkH9rd69EvJOvnyUqH6IEWtTH5fBCgNl3syzz84-0XzHKMG74tPXikwQqnAe6Na9W0pUvi8dCN9uaWsc310q4jcJx1M_d1nxHL_K5C6cGClyt9bnt6Hm0w&cid=CAQSGwBpAlJWdWv1GcdrWFYwE2xX_VHcGU9YWMEB_hgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f155.1e100.net

Software

cafe /

Resource Hash

8936789b126dac1508b6fcee31635330ca7a89ccf7e74912f30b93773f69b0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16614
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 709B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fc6567e4bcd611cab467f6096885a2ce644113ca90b599ad2bd1344cc726909

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 84F3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
19 B

22ms
21ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1490443440&adf=2632835962&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136555&bpp=1&bdt=272&idt=213&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=O8yGCJHWFP&p=http%3A//rulsmart.me&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 05:12:18 GMT
expires: Thu, 17 Aug 2023 05:12:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 05:12:18 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A01A 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:15:26 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 5EE1 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:15:26 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 709B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C9KrgMKzdZNm_LtWrxdwPx4a5kALM4seycqfvzo3nEb-7wbjBCRABIMTAjBxglYKAgMAHoAHhlK3TA8gBAqkCVYKMewxDsj6oAwHIA8kEqgT7AU_Qkejz5c26oMKsmCMtJf3foTyVNqC8CK7...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227114121809289839744%22,%22debug_reporting%22:true,%22destination%22:%22https://kaufland.de%22,%22event_report_window%22:%2...

0
0

46ms
44ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227114121809289839744%22,%22debug_reporting%22:true,%22destination%22:%22https://kaufland.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980109921%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225386332161903727073%22}&andc=true

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7114121809289839744","debug_reporting":true,"destination":"https://kaufland.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980109921"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"5386332161903727073"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Aug 2023 05:12:19 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 17 Aug 2023 05:12:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7114121809289839744","debug_reporting":true,"destination":"https://kaufland.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980109921"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"5386332161903727073"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 8F53 0
234 B 562ms
239ms Ping
image/gif 2404:6800:4005:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=3~llepg0aq&c=8408659966610&slotId=4204329983305&qqid=CNiXrKX34oADFdVVkQUdR0MOIg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:805::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 8F53 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 06:25:34 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723785138/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8F53
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723785138/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723785138/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

63ms
7ms

Fetch
video/mp4

2a00:1450:4001:1::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723785138/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/58808F3AE9F3E86C2E6A92465F3C4B0C951ECF68.7A4C5133839CF0C3E0E8D122D561C4D7AD90D458/key/cms1/cms_redirect/yes/mh/xb/mip/2a02:6ea0:c71b:0:1012:90f3:68d2:2c62/mm/42/mn/sn-4g5e6nzz/ms/onc/mt/1692248412/mv/u/mvi/4/pl/48/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

2a00:1450:4001:1::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 05:12:19 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2220696
Last-Modified: Fri, 07 Jul 2023 14:34:05 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 17 Aug 2023 05:12:19 GMT

Redirect headers

date: Thu, 17 Aug 2023 05:12:19 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723785138/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/58808F3AE9F3E86C2E6A92465F3C4B0C951ECF68.7A4C5133839CF0C3E0E8D122D561C4D7AD90D458/key/cms1/cms_redirect/yes/mh/xb/mip/2a02:6ea0:c71b:0:1012:90f3:68d2:2c62/mm/42/mn/sn-4g5e6nzz/ms/onc/mt/1692248412/mv/u/mvi/4/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF2F 0
0 48ms
47ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvgwdMH6bdQaMs3qA0tEy-fNDNF-SokV2ddE1pviVtbO5fo39xmSWJ_Wxvcob_5Iou6AYivxHyV1sOCsVn5yE5z690rIc4mKi07BPPtF2WzP551kUmWghPF2PSSF8vSam7fSDAFYNfCxiQv0_ydXx0Kr0gcmzFOUEX29qEZg5ErMVV8L1u2TUKD1uz4R74pbAzPFXOcLQnOpX_qc_nGv538mvENI9AW-Y24X8kKZ8Hi75zHGPg4PQtSleh7wI5CmkGMSS-bYP39IXUXHv1JHJTmoX-5zjzCaD8AKebrGpYswfelIlarT4hTsfOCY06tEXlo7kZTFRvqdWtO8NlXhWmO9nCbNdcMFjJsfGE_3i5EBGHiHzoBS0L0lAQuGw1YH7fkKQVs0roTB_iW9F-_9HGTA1Lk6CNRCV7CycJbtlY8l1jj36raFYbDlsuCY4UpcJFmNxt6iaUnSBSfnRrQ7Bl_OWmgx-1ZO2Nppe9ZhlEFwv40_m6I0W3l7Kdk7z0i_Uvn0q2k4Jn2indQTmrIP2VnyMQt6TOaAZJ0UJkwgMhGf7CPgVrXV0eCfjnQJqXraVhvORfU06Gzc5NlPfs1pZ2b_8oWrwJc_JCmgxai_b8167SfKKIK0ct-a02L-nRNgVE52SWqyucVRkivHx_GDaKcoyq7AenHzo8e1xzH0Jo2U7WSffb2C6RRE5YS6YiSGX1ZLqTvynQaZ9QkMrWagH_BALW9eSXCbx86_ae0TD9eMzJDS_9DU1QojngSA3gd0lI-N0Wj2biQem8RFz7FBmJBD_FJ7p2jdQqOlmH7Rv11_kIcgVAIOJa2vnYXwbFkNCxgv6XOOZ3Qtxo17-wMArwLWKjz4xfbk4ePWZ_LyZOgxuUDyZn3i88Na6-Jq6mj7YeW8SYIlJK8Ilv75jysmWQOc0qiQRw23W8ZxoaKnZTPLtxGUkw0_CnsC2qabAnx--ZvSm6ITMvX5Opvq0DpNPna4ZB0Ykns0JSyi5HvscnmCULiAdWXB9xfJPTDvC3_5__iRXmO7iworg4jwRHvF5yciL5s0395x4NqMzCs3wRUEPCrJDOCfXI3LsHhra2zxc1dgH2A9DXVGC5mEUtUTcJpzeVTSNv-6vSrMQ7BuNyRaaXgFE1wnQnSkNIcFe0NeHvNs-OphugDL5S63FeWr7QVvK7g2w6Hqi2RcidMuxn6JGdQTHlnj_byHj69OR18tsI0f41uiDOFLtzGnXb8NaOrNVtK4MMFcDzqshlKCk8vBA6FqvIiu_TKpKvCaoyn9tYFbYoADCX95DJIQsk&sai=AMfl-YR-KM55yMjEGW28E4ztCJ3CirfJODw_DCt4ay5aXiD1zWIRYi9ycy5NfAymVninH9oN1JfWyrhbZsVsPKo4VrQj9s0FKLHTTYtKfQ5amXDp98diklO3WI5VCsQmHVahLqtMBjHaL2jjWAG-pnslJUaVwXUHC0yAeQCY4WUDpGKr1hKMwDY&sig=Cg0ArKJSzHLiT1uPqHytEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=770&vt=11&dtpt=571&dett=3&cstd=188&cisv=r20230815.65933&arae=0&ftch=1&adurl=

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Aug 2023 05:12:19 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A54C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CK3AwMKzdZJKvMMGWjuwP-_iTqA_53dTpbJb0-tevEKbxhuOgAhABIMTAjBxglfrwgYwHoAHJ_dSiKMgBAakCVYKMewxDsj6oAwHIA8MEqgSQAk_QiWP0ZtNSIk-9wiEbHJ2ISCSDQ5oVWUX...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227795193278007152468%22,%22debug_reporting%22:true,%22destination%22:%22https://changemy.company%22,%22event_report_window%...

0
0

44ms
44ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227795193278007152468%22,%22debug_reporting%22:true,%22destination%22:%22https://changemy.company%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210810113737%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22555181930864166337%22}&andc=true

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7795193278007152468","debug_reporting":true,"destination":"https://changemy.company","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10810113737"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"555181930864166337"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Aug 2023 05:12:19 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 17 Aug 2023 05:12:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7795193278007152468","debug_reporting":true,"destination":"https://changemy.company","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10810113737"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"555181930864166337"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 44ms
43ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 17 Aug 2023 05:12:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A246 37 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=280&slotname=7708111778&adk=1490443440&adf=2632835962&pi=t.ma~as.7708111778&w=1040&fwrn=4&fwrnh=100&lmt=1692241936&rafmt=1&format=1040x280&url=http%3A%2F%2Frulsmart.me%2Fengine%2Fvfileload.php%3Furl%3DaHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA%3D%3D&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1692249136555&bpp=1&bdt=272&idt=213&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C300x600&nras=1&correlator=5973679571545&frm=20&pv=1&ga_vid=891083277.1692249137&ga_sid=1692249137&ga_hid=1467484538&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076877%2C31077148%2C21065725&oid=2&pvsid=1761142951225646&tmod=16426596&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=O8yGCJHWFP&p=http%3A//rulsmart.me&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:15:26 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
40ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 17 Aug 2023 05:12:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK UIBH_SUMMER-AWON_300x600.jpg
t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/ Frame 9201 41 KB
42 KB 123ms
44ms Image
image/jpeg 52.92.18.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/UIBH_SUMMER-AWON_300x600.jpg
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.18.138 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 47c6941e4d6390f6c73c08169a38828a1b008e248e75bfd7909d9e44f04b356c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 05:12:20 GMT
Last-Modified: Fri, 19 May 2023 10:15:09 GMT
Server: AmazonS3
x-amz-request-id: XK5AM4BWKX7ARP6E
ETag: "d0f5d383787a61be83237e233afe22fa"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 42316
x-amz-id-2: jCYXxmci6/X5RBQRt0g6cL0x+ZW7P8kTZo8w3uMa7MXwF7OJwBbq4g+Ox4gVxElmtDiqcz2J2jk=

GET
H3 200 HelveticaNeueLTStd-BlkCn.otf
s0.2mdn.net/sadbundle/5024850819942449152/fonts/ Frame 9201 29 KB
21 KB 8ms
8ms Font
font/otf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5024850819942449152/fonts/HelveticaNeueLTStd-BlkCn.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5024850819942449152/css/styles.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd3956a4bdd2086c9fa2f84f911bd4078fc6ea2cd3184d82377fe9cb69108d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5024850819942449152/css/styles.min.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 08:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 421555
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21019
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Aug 2024 08:06:24 GMT

GET
H3 200 RobotoCondensed-Bold.ttf
s0.2mdn.net/sadbundle/5024850819942449152/fonts/ Frame 9201 165 KB
88 KB 9ms
9ms Font
font/ttf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5024850819942449152/fonts/RobotoCondensed-Bold.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5024850819942449152/css/styles.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1ab7a9092d779eb7eb97f3f7d4563c857e86572fb829c42f2972a8e232ec67d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5024850819942449152/css/styles.min.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160555
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89788
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Aug 2024 08:36:24 GMT

GET
H3 200 RobotoCondensed-Regular.ttf
s0.2mdn.net/sadbundle/5024850819942449152/fonts/ Frame 9201 166 KB
87 KB 11ms
11ms Font
font/ttf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5024850819942449152/fonts/RobotoCondensed-Regular.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5024850819942449152/css/styles.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f05ab6c1eade444bbf4e3e00710756e95c2a1d09a10425967149802219c0c0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5024850819942449152/css/styles.min.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 11:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89507
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Aug 2024 11:40:23 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9201 7 KB
6 KB 52ms
51ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea275e63fb181a5ade57742ad05d0bcae870bc192023cb0d08849307ac43a3ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5710
x-xss-protection: 0

GET
H/1.1 200
OK logo_ushuaia_blanco.svg
t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/ Frame 9201 16 KB
16 KB 126ms
67ms Image
image/svg+xml 52.92.18.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/logo_ushuaia_blanco.svg
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.18.138 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 72753d9c161c945abd26063319579145a36f24ae089e9bc384aa708a4ef9fe55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 05:12:20 GMT
Last-Modified: Tue, 24 Jan 2023 16:43:05 GMT
Server: AmazonS3
x-amz-request-id: XK5EG9641S754STX
ETag: "e915bfb094df409135d1b25c9becfb88"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 16030
x-amz-id-2: R0GCsX3u+9fNYWtCwv1jUqZ/LsdiW2ipw93RW/JmS5FEPLl4lHvf2ItlJPmjGZ6f5ekHnq7+G40=

GET
H/1.1 200
OK logo_ushuaia_rojo.svg
t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/ Frame 9201 17 KB
17 KB 105ms
46ms Image
image/svg+xml 52.92.18.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/logo_ushuaia_rojo.svg
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.18.138 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0f10bf3f7984d28d4d736065b50ba65eeb3f4b146ef6ec38f55943595c64a997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 05:12:20 GMT
Last-Modified: Tue, 24 Jan 2023 16:43:06 GMT
Server: AmazonS3
x-amz-request-id: XK5DZG5RSP642ZV0
ETag: "b0c04b645a75b4acf16eddd9b9c9e8d1"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 17084
x-amz-id-2: H9qABsC5xx/yvSL0V1ZtxIrYNXA/+1rj7FoHcil05S3WEUyR3XZHBAH1/OX2I3+HMOVAlXikL80=

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame C2C1 23 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 173812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 04:55:27 GMT
expires: Wed, 14 Aug 2024 04:55:27 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 206 file.mp4
r4---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723785138/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8F53 2 MB
2 MB 15ms
7ms Media
video/mp4 2a00:1450:4001:1::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9b279f62d8ab632481b6d6fda4c49c8b9ee7fd77988c13e4b8baa7007d37b10c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range: bytes=0-

Response headers

expires: Thu, 17 Aug 2023 05:12:19 GMT
date: Thu, 17 Aug 2023 05:12:19 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2220695/2220696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2220696
last-modified: Fri, 07 Jul 2023 14:34:05 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9201 17 KB
6 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 05:12:19 GMT

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame C2C1 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:15:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:15:35 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 58ms
58ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230815&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f4f49fac43499cec4ae0f12dccd86473562d2b61ed964619a2329447eebad57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11597
x-xss-protection: 0

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F07A 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:15:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0ADB 42 B
64 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuChv7zx-e0iAz7Ms8rKa2GqOdaH9dn53ABvjvqtwwO0_f6Sm5_pCUkflyln6FpaSgRmjx2YLhPxBuGnFOz8vdi8xCVU7P-ALak-EnHDkAvnuEx9yFMZqjJ-t8NqcqZIGvxFzkQB2BeiE-b&sai=AMfl-YTNltJUoPOoh39VZjLRIIqpmuF_r5pSoWzcih7B-7wFaPbYmdUY5Bxru_9JIupBvemv_1HW9KpZqJlS&sig=Cg0ArKJSzE-Gw5Pbs6__EAE&cid=CAQSGwBpAlJWRNylqQM7L0XZ0rIjt5yFHY8cTC5xTRgB&id=lidar2&mcvt=1033&p=0,0,600,300&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=926445072&rs=2&la=0&cr=0&vs=4&r=v&rst=1692249136741&rpt=1646&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 05:12:19 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A01A 0
28 B 47ms
47ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B52HYMazdZMWKOq289u8PlaqPuAgAAAAAOAHgBAI&bg=!6Oul67_NAAZGPLJIZjw7ADkAdvg8Wj5yUhZaWueyr7ZOp0udtEtiLDD7EUD2rS6JUeDzJLV9Sl-8c-uZDtRMIXFnVxLhSzxwQXICAAABlFIAAAAJaAEHmQLov4HnFGAFDGJ42BQY6ql8T6fZtWImKSpVGjDK1JNyk_NQjx-Cv-Zvtz14Yd6cQvWO7C2A4fZAZcT-z4CMXBy0qpB5vrDpu1lsfsQashyJrrqKRg1R9I16EHJDf8qwfMBk65UmNryOfTeDcWXKafbBJXAtDpMfmbggxWtCcxYBNclmCxwAZkeBdTTYWXnkvEjuRBSXHP4w3pAn4GvVJTybqLUVCsduudIueNpZ_5eIxE51mmb2SZoHC_-yGHK6Cg7JJ4xJB4aJbGLA9O0FQp5ivWHw-L5yjLg-ho0ZMHVBVUfUUmq9OQR07HdeTmGx4HeQxS7FJK6S9avY37P7vOMv6KZHKsw98bFWf_p5sRwMLeBW4Hv6Cs_cTNrcXKbaJf2Rfsd1wq-COksi3HZiZw06QEakcu1dK-eTfnVLsYoNNgSpKeus94j3vHcUe0qQGy0qxX79xIOC0DYtaxT2EwpnYMTvoG9TXRSacIOj8BOoP3qrTDui4rAm9cm1oiw305wDC2wUYx-L6QQJhnTBaUTDJPK9F4r6pbKJleDgrDjrqhRIm998yDP8cqfpeNX7_fR9EteXfQiztTb3HoD8igQNwQnmiLHkTWxmfcqOIlXvoRZy-WrK4t8iBXiLl_RwbAKpqgsUp_Pq336CfhbI9kObWzZiQ12iMfVq-q52jk26NHzkvBCUzmXlwPvDcNxMEvIV40tAFnvWFeSkSVJ8I1b980duv5EAFPLia3mzT0PB548uK8Slzes8fZzbQtCnNFHMO_2SZ3qZ8CW0Gtso85WgX0703ldXkqKGnWE0gMee3BsytEELfldZY-y4viRzDByePCafXHsYTvrOATWGOzuR2jWyoTGbY2I3pHgZtz7IXK2pDraqyaJePgc4XpAbwXyjMKi8-29I9JlNdemWAmQJuFAQLJVpGN-oe-5Gk6NdaJdbXYGJNCWh0Re80qoCw7RAbbBsJF_cjEJJy3eRNcOBeIJwae4Y4Fe-

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF2F 42 B
64 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu216riiG_hg7A_eakHLBPhyIhVTsSMj1RKS5bEq6hOR3TbkZUs6UoM4rw44zBxyz8ZPR0pEEhaLb4aZox90_ANwxVeZeScoAGx3JKt6A-kK9XbQ1OfAWhOTuZjXYC04Gnfrc0p5GvRiO9j&sai=AMfl-YQFiW7ss3479FOqnkHlyv0QBR6IzpYEhXFyyvwUYRABSw0bNZH5eSLGrLqPs0XtkpmC12nYyf0gajHS&sig=Cg0ArKJSzCSHqapK0-zcEAE&cid=CAQSGwBpAlJWEGcPKoqipSHUkCRHHtz4gme-jHzQjhgB&id=lidar2&mcvt=1021&p=0,259,40,300&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1969458916&rs=2&la=0&cr=0&vs=4&r=v&rst=1692249136755&rpt=1652&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2680 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 04:48:11 GMT
expires: Fri, 16 Aug 2024 04:48:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6587 831 B
554 B 23ms
23ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5b4571c6d8a7c59495f2b376997f1ab3bf1468ade1bb44d017a43cfc0424d13e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mNmPQM68uyMNs_qPueHODw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 532
content-security-policy: script-src 'report-sample' 'nonce-mNmPQM68uyMNs_qPueHODw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 05:12:19 GMT
expires: Thu, 17 Aug 2023 05:12:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6587 0
0 43ms
43ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230815&jk=1761142951225646&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2680 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:15:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2C1 0
28 B 46ms
46ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B2wG9MqzdZMWPN7-DkdUP1pq8qA0AAAAAOAHgBAI&bg=!HB-lH0vNAAZGPLJIZjw7ADkAdvg8WlXYqsX9lQSKnbFUtIJZCwNBGTggxrtpjNHqzJkVaN7a3mNCJxDV1KHf1R6KePJsuCZToEUCAAAA01IAAAAGaAEHCgBwaKu3NUcNUF2YIBMWXckvXVkUTFnPcJYi2wFbHSbwqMeHpOMAGvn6KMyOBM-8KyGusHxdEEzj8tMR4jJ66-6KLFyzJtqzvsjC7aZbFiheft4WY7oVxf42ReFCqKcmYmXqzZQDwszM6RwEXipu9VjJMZkDFoHAf9nR_qeGBkQfOxf0_8nKhQ_NQifhSICRu_c1hcnM7I_Tbo5XZkwt3c5ujiAMpJaxxTzNZzdEJfI-ZmrISLpKHYPoBd9hCAeaetyrmhrjJGoLfluA87EBRxv6bfTYkmDcj2DtMLT4iEzDPHf0GFj46kqRX3gDzHdfFr1-yYC1aeZ6ot4ztwPPOt_Tad9R1j8dJCASKfPQTjvYTrJq8IF9q_9cvHFOGjqx3r-rlfGBFCLdNt68Iq4oUJvcZQh4C83XzWHX_HQy5-cP-0dW-IX9_ytdTT3K1QRM1gOEuY7LLlrpJMjknaK6Twl29U9VZalG6ZXm2zQCjCd_rYJ1WlfiIVl4CNVStiu8Gin-ibb197XOp_8mVWyCqvNcAXbD1x2eB58rqJ1t5UF2_ptsmxFSS5fvQ7KT_xz8Q05ClHHedTK4G6qxn8e4aCpFibBeKAHQxVNBF06t_zrc50ZAV4LSgopPa0miLk9htfi8euv_Mvxof926oxm6sEmt_TucogJAQJGMJaGJZhZXUiSbDqAOMHLVAupUMDtSZUFVTBiC5aBYJ7QsRm6zp85QVV-_lrz5sRivus2sPGlsx7Y-HfUam8ErhN9A9da_fwBAHaC8jNWDssvDKkzC6Be3FXPvLUTF1_HWhYxV4OIFSYsDalxzV1BSrobvN_cIoyTT-L55HoPIHFn6L57g4lPhjpZ-xFgv1sgSgRUs9S-vYux48xQ3Mz8cvA6k8XsmPT6E2ERR25XDrMaiX8k9IBpJHTenvNgHpb2b4J_zrPqDcyUpPQsKuQWmbzQcmu4gxALEE3CmeATzN_KLWPdQCM4jk1WdXM0BM1TOyJb_B-3AUt0jv2vxB3E7j9GrqUgG3oNqrrr2OJhPls_FDSiTUGvBaiTznju9xeHRcCyjFgP9GMNg4d_ov1taq052SU2p6R9R2Oa6JOmgqrDVTi5C9xXHZlvCiU9Fq21j7KCyOz57T_8_hdPydjc3wxKZspFcVNEj-hsEAl1mn06ata1LTTnJnn5Mn8ogR0uQsGCRKw3vCIf134iqquTsgto

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 87F4 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu17MMuXPCdz0j8wA39Oc25zy6L1MoK5m-n7FsCmHwmslk20uDgcvTamr-i03wDreQ7FjL5YsYc0KPjeYxbyREvbgDXsHmt6NxxDEhZiT-YmYbcMOXoKjR6Wi1XEeGzEahOrVZw8Q5fTGJG&sai=AMfl-YQIkKVan5xb9b4qjuVYUvTVIl4b23gXXH4yYcroULT2ENjv5GFmXvfrHxtPHcAE2xg9pcirORsivnIu&sig=Cg0ArKJSzCbd_GF_1J33EAE&cid=CAQSGwBpAlJWf7bRDcONrl3oer5eOg-SpreAAz9-wBgB&id=lidar2&mcvt=1006&p=0,0,280,1040&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1885653797&rs=2&la=1&cr=0&vs=4&r=v&rst=1692249136779&rpt=1827&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2680 0
12 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JX1amA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:12:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 709B 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfWZ-Rcz0IVnx3HgW5_HqrtNXWflarEdy4SkfWdF0R4t3XTjLCKVMUHpDKJYG9W9QE0riIfm1G8sudJ_YvXPg7Ixva6hr3zxiQ5Ll9rkll3KXuOtQpo5bM60x174dgfDmzztKoDzWzY_k0&sai=AMfl-YRu62fmLNpZJlkYIQSJCiqEGxmYn6Hvgn0S24Qu0GTYo15L8CsMae0lIaDLqD265Fywm_5MJkvHNZ8u&sig=Cg0ArKJSzOBqNCEPqC6wEAE&cid=CAQSGwBpAlJWdWv1GcdrWFYwE2xX_VHcGU9YWMEB_hgB&id=lidar2&mcvt=1008&p=0,0,600,160&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1692249138067&rpt=576&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF2F 0
28 B 51ms
50ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7379875949736&version=m202307240101&ct=76&x=1&cor=7046754842308465000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A54C 42 B
64 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuztEfS9Ph-6seIoSXIRLoNUuCI3MdawoNijI8wAD5BVgBkcu5EVQAJsEwZBDO7kGCmhA1uDX1v2YBJggMUWv0YI7FeLzTdREWEduGV8Ed4DM1j-c4JbAopZkXf1UpJW-vUm1cjFvESqPZQ&sai=AMfl-YQHz-M7AyIsHbEua67keM6BrJNdzlySI_N-LtgmADzkSHLMTnNrpl3-b4Cw7WwcU_Ff2pF3ORBV5rwG&sig=Cg0ArKJSzH1hW3qFH5SlEAE&cid=CAQSGwBpAlJWEEZeJYDXeRmEgH9fm8Y6UgvRAGg1qBgB&id=lidar2&mcvt=1002&p=0,0,280,1040&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1490443440&rs=2&la=1&cr=0&vs=4&r=v&rst=1692249136772&rpt=2247&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230815&jk=1761142951225646&bg=!HR6lHkrNAAZGPLJIZjw7ADkAdvg8WhMwXQgOHVzfHiiZJVSYS6Zhc0tyl-tWe6wBZZ3b6-GbLI28EcTSGQzbW0dWIxt4ODuv_pUCAAAAX1IAAAAFaAEHCgAqWEw5HJhU2uW9AJMv_M5N6bqbQyuluGyS7wP4-w6t9z_bnrGIjyqsVRybmQLC50xaGo2fm9krk7qvuQ4xj1722WucDSIugcYnMiTwjjG8viMcU2r7jz8JT_p02fWfijurM1-J5C1GZ0VUljryPXl3jDhx3By-Uzgaj58uFj3yaAOrsfknlzCMxjSBTUBYLR8UAUuInMpwOH2cm6Xxt1krMUw1F35H7mIut0i95fYuaLWihUC2AosZ8zHX8uQXnVyvKksMARHiHgHOxJSj6eGifz81er55QKhJemh-suZTQdLHGCa0QQdvIHryc8kB-aPiTghndvgICi2xasGttoDVceBtKqetQ7sKP72Cp-GYTsVUO6ZIv8DispBXNjnyu5tTo9sat51bMMJQ3bkjIj5pRcM96YF5IIBPfYDuGEOWXF4OmuI26jl2jfgJUC6BP2JbmKTj5uMZE913ufifsHhzdjfX8vbr40tEEPNSBy8bMM67oYmXQUFIkAEi2W7xB3ctjzHOHm_FWERHKN-lOIoYBlPT_DUYHgfpy9nW1brrDvt8dkR25x333ZXI2QZ7Ogq7Hr7WwYGnS5cONS28FWtCZF0nnYlpj6aCruOVLNpp_XKVN-Dseu9T_mMLLL6jtYDVyKBAwMb3J_mZPuGUYf7fZ0_5qD-98g_Wu9S1SScTDgoyijO2yNuz-A22IUlELHqR52QjHM66EzayjchUZ8nbBk6SKpPc9eUqWxu_j9kmrozzmNCpUKGE3CVjLpRQIh-N1sW-57bI8e0sFrcEfxCX0oHMvsGc5HN4amdy8wiRsFqSV39-14FthUgtraty2-_BdknTUyyJBSxfYau_vepBpT3975HBkTywXVAXoqg5PdNiOLGJWt7zi1HTPfDQZxR96JlM8LVQbOumnoX-iZZVkYHgGy53bFsnJgne7cDdhPEl3P65ST1Q0Sz3a9Pb562AaDPNLthrTBBDpjnGwVNKpoqC530pAyWndyKGbp30fw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 8F53 0
54 B 240ms
240ms Ping
image/gif 2404:6800:4005:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=4~llepg0f8&c=8408659966610&slotId=4204329983305&qqid=CNiXrKX34oADFdVVkQUdR0MOIg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=988&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1qw~vfl.220~vil.22x&ua_e=1&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:805::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 05:12:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rulsmart.me/engine	1969-12-31 23:59:59	Name: b Value: b
.rulsmart.me/	1970-01-20 22:49:45	Name: _ym_uid Value: 1692249137716122368
.rulsmart.me/	1970-01-20 22:49:45	Name: _ym_d Value: 1692249137
.rulsmart.me/	1970-01-20 23:25:45	Name: __gads Value: ID=3531938ad7df065e-227f4dc253de006b:T=1692249136:RT=1692249136:S=ALNI_MakBPDkddnfeh85UKbuBKV0qHbKFg
.rulsmart.me/	1970-01-20 23:25:45	Name: __gpi Value: UID=00000c61f47dd2da:T=1692249136:RT=1692249136:S=ALNI_MZ4f4VZfBfHLKS2rUEsF_jX5-cjNw
.yadro.ru/	1970-01-20 22:49:15	Name: FTID Value: 1atQmm1p59ec1atQmm0021iZ
.yandex.ru/	1970-01-20 22:49:45	Name: ymex Value: 1723785136.yrts.1692249136#1723785136.yrtsi.1692249136
.rulsmart.me/	1970-01-20 14:05:21	Name: _ym_isad Value: 2
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1369858611692249136
.yandex.ru/	1970-01-20 23:40:09	Name: i Value: AA05j8KGYpo5zJySStfA69Wd+Ik0jG/UxmP+QW1obasm+qc+Qnw425/Ec6VcL2WpQm05n2Y+hZtrzQ3dkFVAmNbFx/o=
.yandex.ru/	1970-01-20 23:40:09	Name: yandexuid Value: 2038067361692249136
.yandex.ru/	1970-01-20 22:49:45	Name: yuidss Value: 2038067361692249136
.yadro.ru/	1970-01-20 22:49:15	Name: VID Value: 3kbnr72Mmm8c1atQmm0021i-
.vk.com/	1970-01-20 22:54:32	Name: remixlang Value: 6
.vk.com/	1970-01-20 22:49:45	Name: remixstlid Value: 9115535181222011820_PdCA5EJYlTkwsw0QxSYyP96zGROLXOFQZF7tMtazaIX
.vk.com/	1970-01-20 22:47:16	Name: remixstid Value: 545281263_W3716TPce4JONWq3p3ImWN0RwEyCyCMZ7f4zEvDesVX
.mc.webvisor.org/	1970-01-20 14:04:09	Name: sync_cookie_csrf Value: 2830945730fake
.mc.yandex.ru/	1970-01-20 14:04:09	Name: sync_cookie_csrf Value: 1035541174fake
.webvisor.org/	1970-01-20 23:40:09	Name: yandexuid Value: 2038067361692249136
.webvisor.org/	1970-01-20 23:40:09	Name: yuidss Value: 2038067361692249136
.webvisor.org/	1970-01-20 23:40:09	Name: i Value: AA05j8KGYpo5zJySStfA69Wd+Ik0jG/UxmP+QW1obasm+qc+Qnw425/Ec6VcL2WpQm05n2Y+hZtrzQ3dkFVAmNbFx/o=
.mc.webvisor.org/	1970-01-20 14:05:35	Name: sync_cookie_ok Value: synced
.doubleclick.net/	1970-01-20 23:25:45	Name: IDE Value: AHWqTUlRks3-7Ct-E7Smb7GBt1n1fzXrEQdXNnjnO62un6chQ_UckBVCvxWgXLtL
.doubleclick.net/	1970-01-20 14:04:10	Name: test_cookie Value: CheckForPermission
.casalemedia.com/	1970-01-20 22:49:45	Name: CMID Value: ZN2sMaZMjfEZIOgOZWbauAAA
.casalemedia.com/	1970-01-20 16:13:45	Name: CMPS Value: 5146
.casalemedia.com/	1970-01-20 16:13:45	Name: CMPRO Value: 5146
.doubleclick.net/	1970-01-20 18:23:21	Name: APC Value: AfxxVi5yyfIsxQXyNSIScFB_S7aAxQ7qeXcMaAXJDLt95edBKUJbcQ
.adnxs.com/	1970-01-20 16:13:45	Name: uuid2 Value: 433174038554310860
.adnxs.com/	1970-01-20 16:13:45	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IladvZP`!]tbPl1M>e)ZlrFUfJ+tGXxoeOp7?-YmfxTV_mKVI8'`@<[O!Kc?0Xgmo4RA3If)y3KL9D3I?+lsjZn?
.mail.ru/	1970-01-20 22:51:11	Name: VID Value: 22yst82NFcIJ00000u1mT42J:::0-0-0-9f804f2:CAASEKeA-akhGOfG-F68sf8SHtAaYNNYV2iVyS_nQNAat2O8BJ9LLNFTW34TQ4MUyuAcooWAMwysIBSwNJFrkjeQB908PhQIN6a6BvlvGpLkFJt0TVOxhd23-p_Uli5k_gjafqG1mRX5Fj1Xwuw-JC87ZkGYHg
.doubleclick.net/	1970-01-20 14:04:12	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 16:13:45	Name: ar_debug Value: 1

38 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA== Message: [Report Only] Refused to load the script 'https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4809740823367762' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4809740823367762(Line 40) Message: [Report Only] Refused to load the script 'https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 78) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-14aL38iazuPKIPYUa+8xD4EZoQIlMO6oKHbl2ULLMBs='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 106) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-/IV0JxSpC+MqHpVtEmZzs0AMWlPURawBeElQUIc894U='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 119) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-ASJm/SPXiz6HPHXG+mR/1tnV9JTzaX/T4lL3uC3CYIA='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 141) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-ASJm/SPXiz6HPHXG+mR/1tnV9JTzaX/T4lL3uC3CYIA='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 156) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-G2CvDOSdZeixAGRXwWiD1g5ToAVLsVfFfDsDqC7plk0='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 185) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-G2CvDOSdZeixAGRXwWiD1g5ToAVLsVfFfDsDqC7plk0='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 195) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-klZmac1gJXYR/nRSnLFuRqpW5eD6F22Za3NhKU6Th4k='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 198) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-ox2IwBKAtZiVeStSt2n4Yo4+R92tqYQ6mSIH/m4yLFk='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 204) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-5AXGQ2K1tIrEXeuQtM/iCzsb+zeSl4yPr/3x94dSncc='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 207) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-tuY/EjJkhGHkY/6XBGeiUgIpl5NXG3GA+1kclJeoOkI='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 211) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-Aq40x42HSY/f96/V5KtiCphLQtU+S2vKJZhNkfmtqHs='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 223) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-9l8G9J4A96QAM+TC+0ckSUUv5DqQj7uwbjzshcXvs9c='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 223) Message: [Report Only] Refused to load the script 'https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA== Message: [Report Only] Refused to load the script 'http://vk.com/js/api/openapi.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: http://rulsmart.me/templates/default/load/css/font/PTN57F-webfont.woff Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://rulsmart.me/templates/default/load/css/font/PTS55F-webfont.woff Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://rulsmart.me/templates/default/load/css/font/PTN57F-webfont.ttf Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://rulsmart.me/templates/default/load/css/font/PTS55F-webfont.ttf Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me(Line 52) Message: [Report Only] Refused to load the script 'https://partner.googleadservices.com/gampad/cookie.js?domain=rulsmart.me&callback=_gfp_s_&client=ca-pub-4809740823367762' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA== Message: [Report Only] Refused to load the image 'https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=left_side&ign=false&pw=1600&ph=1200&x=0&y=1060.8' because it violates the following Content Security Policy directive: "img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/".
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA== Message: [Report Only] Refused to load the image 'https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=left_side&ign=false&pw=1600&ph=1200&x=0&y=0' because it violates the following Content Security Policy directive: "img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/".
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 284) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-0T9np3W2JDTcUMD44KU9wKpORD+4xlSzEokwNHTZadM='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 291) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-qzNyJSyiFC68etTwE3pODD6laenWhClF2hii9QIDyG8='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA==(Line 313) Message: [Report Only] Refused to load the image 'https://vk.com/images/upload.gif' because it violates the following Content Security Policy directive: "img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/".
security	error	URL: http://vk.com/ Message: [Report Only] Refused to frame 'https://vk.com/' because it violates the following Content Security Policy directive: "frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/".
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA== Message: [Report Only] Refused to load the image 'https://mc.webvisor.org/sync_cookie_image_check' because it violates the following Content Security Policy directive: "img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/".
security	error	URL: http://vk.com/ Message: [Report Only] Refused to frame 'https://vk.com/' because it violates the following Content Security Policy directive: "frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/".
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA== Message: [Report Only] Refused to load the image 'https://mc.webvisor.org/sync_cookie_image_decide?token=10098.kzOTdABxeEo9CT6wkNssU8rrftHhpgooahP9ZdjVl-KAzZmHTgthltrtYXNTPjdfhC54wQyWaWSlNe2d9ooNAlEBEI8IrxxZxR-QewBBSwa2MYAAYOYlIjZk8r6Qz7sjZazy6hcHZxYFFYdizuHClFXWkmdNoueGJQAax41nE0XFcs1ZOTjnXpM1mGGG2j3iid1ClmK8fVfRmfFjzy7briScMEyqZheUSjnKEIUI1Co%2C.NOYxstaimoxGX5iSekeQbg8lX4w%2C' because it violates the following Content Security Policy directive: "img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/".
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me(Line 52) Message: [Report Only] Refused to load the script 'https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/reactive_library_fy2021.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me(Line 88) Message: [Report Only] Refused to connect to 'https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230815&st=env' because it violates the following Content Security Policy directive: "connect-src https://mc.yandex.ru/".
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me(Line 87) Message: [Report Only] Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://tpc.googlesyndication.com/ Message: [Report Only] Refused to frame 'https://tpc.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/".
security	error	URL: https://tpc.googlesyndication.com/ Message: [Report Only] Refused to frame 'https://www.google.com/' because it violates the following Content Security Policy directive: "frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/".
security	error	URL: https://tpc.googlesyndication.com/ Message: [Report Only] Refused to frame 'https://tpc.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/".
security	error	URL: https://tpc.googlesyndication.com/ Message: [Report Only] Refused to frame 'https://www.google.com/' because it violates the following Content Security Policy directive: "frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/".
security	error	URL: http://rulsmart.me/engine/vfileload.php?url=aHR0cDovL3N0b3JhZ2UucnVsc21hcnQubWUvMjM2Mi9nZXRmaWxlcy92aWRlby8xNjkxNDUzMTgxX3J1bHNtYXJ0LXZpZGVvLnppcA== Message: [Report Only] Refused to load the image 'https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230815&jk=1761142951225646&bg=!HR6lHkrNAAZGPLJIZjw7ADkAdvg8WhMwXQgOHVzfHiiZJVSYS6Zhc0tyl-tWe6wBZZ3b6-GbLI28EcTSGQzbW0dWIxt4ODuv_pUCAAAAX1IAAAAFaAEHCgAqWEw5HJhU2uW9AJMv_M5N6bqbQyuluGyS7wP4-w6t9z_bnrGIjyqsVRybmQLC50xaGo2fm9krk7qvuQ4xj1722WucDSIugcYnMiTwjjG8viMcU2r7jz8JT_p02fWfijurM1-J5C1GZ0VUljryPXl3jDhx3By-Uzgaj58uFj3yaAOrsfknlzCMxjSBTUBYLR8UAUuInMpwOH2cm6Xxt1krMUw1F35H7mIut0i95fYuaLWihUC2AosZ8zHX8uQXnVyvKksMARHiHgHOxJSj6eGifz8...oYmXQUFIkAEi2W7xB3ctjzHOHm_FWERHKN-lOIoYBlPT_DUYHgfpy9nW1brrDvt8dkR25x333ZXI2QZ7Ogq7Hr7WwYGnS5cONS28FWtCZF0nnYlpj6aCruOVLNpp_XKVN-Dseu9T_mMLLL6jtYDVyKBAwMb3J_mZPuGUYf7fZ0_5qD-98g_Wu9S1SScTDgoyijO2yNuz-A22IUlELHqR52QjHM66EzayjchUZ8nbBk6SKpPc9eUqWxu_j9kmrozzmNCpUKGE3CVjLpRQIh-N1sW-57bI8e0sFrcEfxCX0oHMvsGc5HN4amdy8wiRsFqSV39-14FthUgtraty2-_BdknTUyyJBSxfYau_vepBpT3975HBkTywXVAXoqg5PdNiOLGJWt7zi1HTPfDQZxR96JlM8LVQbOumnoX-iZZVkYHgGy53bFsnJgne7cDdhPEl3P65ST1Q0Sz3a9Pb562AaDPNLthrTBBDpjnGwVNKpoqC530pAyWndyKGbp30fw' because it violates the following Content Security Policy directive: "img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bid.g.doubleclick.net
c.hit.ua
cdn.jsdelivr.net
cm.g.doubleclick.net
counter.yadro.ru
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
r4---sn-4g5e6nzz.c.2mdn.net
rulsmart.me
s0.2mdn.net
st.vk.com
storage.rulsmart.me
sun9-6.userapi.com
sun9-72.userapi.com
sun9-75.userapi.com
sun9-78.userapi.com
sun9-80.userapi.com
t2ocreaspalladium.s3-eu-west-1.amazonaws.com
top-fwz1.mail.ru
tpc.googlesyndication.com
vk.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.186.34
142.250.186.98
172.217.18.98
185.158.112.11
185.80.39.216
185.89.211.12
2404:6800:4005:805::2003
2606:4700::6810:5514
2a00:1450:4001:1::9
2a00:1450:4001:806::2004
2a00:1450:4001:809::2003
2a00:1450:4001:809::200e
2a00:1450:4001:812::200a
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2006
2a02:6b8::1:119
52.92.18.138
74.125.206.155
80.239.201.0
87.240.132.78
87.240.137.164
87.240.169.1
87.240.169.3
87.240.185.133
87.240.185.171
88.212.201.198
88.212.201.204
89.184.81.35
93.186.227.158
95.163.52.67
07bb9bc43713aa923de24aaca0b6aa67d12fa43e3d3d5835bde2d660f81caf3d
08b84fd8616215d18c94aa489d5bd5e474c9c1ae9731b9268132928e1a0564fc
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0411e3df6378bf2367269bf18afb9752cf84e85c39fe66793d9b1650d8840e
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b
0f0ba0a2eda95c27df2b97bb302e830933dc8829c67714434cb80c95f9cf7449
0f10bf3f7984d28d4d736065b50ba65eeb3f4b146ef6ec38f55943595c64a997
10148cc9ebda280e936a89f462e6f00b857b9e51c6a235eb0b80d74bd81fac3b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1296929eeb1556dc7a4d934895527a777e1af57c435455e824b6a17dc2ac293c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a186287d7b2522c346f85f7881eb0576b7ae896ee9aafdd77cb5a9a80bcc48b
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
214c88669b261d4ae62dc6fa3d7d1dfe3d8741fc7545cded1ec8372cf40e0393
222189ce62906db25183ae3faef9824e94e0893fedb9156052a183d748c3210f
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2958d1c937bbf0a39f3a03bab08f6814cc4b29d28d04a1d6e7938737cbca35fa
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2ac1bc55ca4e4b43f3fd48110675be9cf53d58feff41ef29b56ddbc3166f1b02
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fc0243bd5fbca07a3955ca7e381f7fbef07265a4b4a0ce2a7eb9ae6840eb073
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b2f3d58986874b0318d7381663d6107ad0fc2d55ea852d312e7118e339ea3e5
3c42ae7e84132121c8b32b471556e9cce0bdb805921d7f4c9494dd061a234541
3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa
3f4f49fac43499cec4ae0f12dccd86473562d2b61ed964619a2329447eebad57
3fb8bfa02e7da0776998250749b3f4dc3085ca038c1e302b8f23ddf01ef8965a
40971430d92d0e9c5f2f795909527e5bf8daaa4705cb8c41b83cad73f202f3d0
4125fbc3eaefadfb530ce8a053be8d50c0451713d396e4ca64b1e0283621da4c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
474ec03776446ba3780a6d7a5fc5fec62353a1a03a828bdd2591773ee05b05ab
47c6941e4d6390f6c73c08169a38828a1b008e248e75bfd7909d9e44f04b356c
4811da110157debbf541ce540b6011b75720b5798959657bc486a8b6edb0fe61
4b0a0df2479491cf26c49065cbfa550ffe5cfa5f632fc62b7951ec24be1fd42a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57d4aa5e35b24d91132ee482acb07fe076e2e8ab8a669aba2527c5b96e067466
57f283698fb628ed0d218da8140e000a065dfe86593b52fa1f8ae591bf2a8840
5b4571c6d8a7c59495f2b376997f1ab3bf1468ade1bb44d017a43cfc0424d13e
5d35ad59d964bd45a9edcf9fece844c77d93df73bfa6f3bfa955f04d313a0880
5fc6567e4bcd611cab467f6096885a2ce644113ca90b599ad2bd1344cc726909
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6350dce6469ed24caf9785f9f9d3279bbf0042d58cbe2721cec9137c9aca9d06
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6796d058f931b3c9ffef914468019f92f4140d4709d93b1f412293ae6216ffcc
68ba43bb77d1224dbf3ec42d85158a6c234092b6985d55e14fc73d1d68340b53
699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994
6beebd598508632e19e2c42f7458d0da478d1257b08f1e04af51872f0b359135
70b720f8d972e759eaf232dd10c9c177ece68d9623baed2d4a244ffe8ffa6285
723a6468dc6bce37214f79689196a95973c50c9ac0759eed6c6601241cee1ab9
72753d9c161c945abd26063319579145a36f24ae089e9bc384aa708a4ef9fe55
75bcb080345037c196f05049080b69cb3f3292d6376ca94b642a8ef8259a59cb
761c95dd192a81733d024d9f644d9b531c358f0f0ea83e9fd6211b6bd424873d
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
7a1c24b60c6386f2c32a8edbbbd5c4267f865ec82283b06d2bd197035b2c21a5
7d78869039c26ebb64d611175ddd20ef410600f3d32fa277771ff0dc2d05da26
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
868578dc61a729271850a59fcff489a2419b6fb8fae0ec37d5704d62b176ebaf
8936789b126dac1508b6fcee31635330ca7a89ccf7e74912f30b93773f69b0a0
89752357a34a6a32e28ff598027697763cb3751e4ca688b26028f9bd48a30e10
8a546f986c6d332cdeca0c6aeb7fdfb6918b995e4d7e3b691243039ceea81266
8e35e20d1e072e50c70e89ae70aa6299ab2f369c3a52702f0e49ba774003d680
905aa6b670126f63df5d271c7b9e452a9b37ace952407b46bff60a96b461e696
95faf3ffca374c677c63a69cccc0e154d695e2c2e0f8ff919292686ecae49bbb
9854b2eba9e32c3d1056354bb4d67393ad04996585566a9bf33cb29bbb4d8378
98729675e66d3a37c8541d5017e48206b15b39eab1003e17724605c02fc28993
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9aad272a56db46cca97ab549bf6e6f38d5aa3f6c09bc1801c7409d66a806122c
9b279f62d8ab632481b6d6fda4c49c8b9ee7fd77988c13e4b8baa7007d37b10c
9b408d7c1463239eaf06d17f7a90cc66db752b65df22c7ccc08acb985ec0c7fd
9c20d99eb2897012209d2d026ba425d2b4797552e3fea5e254852e3cd574677b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3e983aa47b1f2934305b695d1ed4960d635377c922b1f477b9ffc29df4dd32c
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a853fdf4010d4a7bc12a91409d81042dc2fd36d92d5730ddf41a6eef675aa139
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b471e554c1d66aaf8729ba3070cc8d80a31d7b0c21b7dc1cc5f3d44d3c0c987f
be3225b9e9a479fa3962a95877a1da4d29bef23447f171b59a21c995d0aeaadd
c1513eba455771f07f10e9edb6abfaa739d8dee1c34419c8c3a11dc3cbf984f0
c1f682c5eb8ac9883142511d4198cea10006f8412aa67da3eb2a5370d833bf5f
caff739804cc7ba8a46ab2ce71a8c38d1d7b52d889d7d18146c21cd1d5dffc0b
cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e
cd61552adecedc173a715a781e70bdcd5b4e4381612dfc027a5eb8678d29baa7
d18b349759c435d2eb92c89bc0e9b8f3055bf6c62647d87c1c996eed10dc5646
d1ab7a9092d779eb7eb97f3f7d4563c857e86572fb829c42f2972a8e232ec67d
d38df1c296e6d0a9fc8454f39c13836ffb1c26a9f6a4fa31c59f8c653c7ae4af
d41d7d754d9736445a47ba8655294ff7477e0bf67bafca8a17611558258f9e65
d8a144209c02eb696ab5229452706e63f84c6affcb3e313fc04dc0b0c936e590
d8c57a6ff72c6adab4124e631feb8d148c90a1de884e926fec0f7e87b976e0d0
dd3956a4bdd2086c9fa2f84f911bd4078fc6ea2cd3184d82377fe9cb69108d39
de7d653b2a3e24313d33f813a8478c18f7b9afee27019037cb9ec713ae0daf82
e072dcc1a8cae3dfd598d53927bb89657770b7a91574d103434714df5ae5595e
e0f261c15a6fc9e1c3ac37b3364356f61b37f2e662502d8a58147f0aac761034
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9c102be54a21fc534271c42ff116be61325240fac9649023cc6adf41d8e72
e443793c22c99a71ea0ca1ae621676267abbbc301e98d78122bdedcbf6ac893a
e4a3d563a13799d6b28e285cb527e001eed1c00af1ec71042bf4a9312d8206f6
e9ea77bdbdb2740b6029b3672b833edef7b592763a0ebbad204ef84c211a7c84
ea275e63fb181a5ade57742ad05d0bcae870bc192023cb0d08849307ac43a3ac
eb2622e79b6abecb169ba5e32e526bf4509c16be0a3661f8a1d45d2816fd2ca8
ed467a650bb48df0a751e7f719c9995e77958478bdec47bae6b1ac81a9fa85c8
ed89697436c213e02c99f290a0f8a3d20c4bde9ccdb2ddf025b0849cdfe11347
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2f75889cbad7faebdd895cd3c5fc83964ae88b328ea3b799118b4354b5b964
f05ab6c1eade444bbf4e3e00710756e95c2a1d09a10425967149802219c0c0cb
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7da068da00a4c9b6da209f318f110e34436631bb8e7c11562d4cfb4c8b49b1e
fcab021c706550a1acd80d7f7848e434abaf2830c91f4217fc17301dc9b4f172
fd3ab1c497cc706c01d4ee4d71de7884d014bef7e7136f140f506142521cc2cb
feccd89ad5e1956fd5432496ef82b0d903fe30fe89d53d92bfa952f40752c234

rulsmart.me Open in urlscan Pro 185.158.112.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

194 Requests

88 %HTTPS

43 %IPv6

20 Domains

36 Subdomains

34 IPs

7 Countries

6825 kBTransfer

14265 kBSize

33 Cookies

1 Outgoing links

Page URL History

Redirected requests

194 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rulsmart.me Open in urlscan Pro
185.158.112.11 Public Scan

Screenshot
Live screenshot

Full Image

194
Requests

88 %
HTTPS

43 %
IPv6

20
Domains

36
Subdomains

34
IPs

7
Countries

6825 kB
Transfer

14265 kB
Size

33
Cookies

194 HTTP transactions
10 data transactions