itconnect.robloguri.info Open in urlscan Pro
2a00:1450:4001:831::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://itconnect.robloguri.info/
Submission Tags: phishingrod
Submission: On December 05 via api (December 5th 2022, 8:19:14 am UTC) from DE — Scanned from DE

Summary HTTP 292 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 24 domains to perform 292 HTTP transactions. The main IP is 2a00:1450:4001:831::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is itconnect.robloguri.info.
TLS certificate: Issued by GTS CA 1D4 on October 6th 2022. Valid for: 3 months.

This is the only time itconnect.robloguri.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2a00:1450:400... 2a00:1450:4001:831::2013	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2009	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
12	91.247.179.203 91.247.179.203	59934 (CONVERSIO...) (CONVERSION-AS)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
16	91.247.179.217 91.247.179.217	59934 (CONVERSIO...) (CONVERSION-AS)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
40	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
8	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
45	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4 9	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
292	33

14 2a00:1450:4001:831::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

itconnect.robloguri.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 91.247.179.203 (Romania)

ASN59934 (CONVERSION-AS, RO)
PTR: ce203.conectoomail.com

app.profitshare.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 91.247.179.217 (Romania)

ASN59934 (CONVERSION-AS, RO)
PTR: ce217.conectoomail.com

profitsmart.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 162.247.241.14 (Lake Oswego, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 tpc.googlesyndication.com — Cisco Umbrella Rank: 144	725 KB
40	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 402	123 KB
24	gstatic.com fonts.gstatic.com www.gstatic.com	447 KB
24	blogspot.com 3.bp.blogspot.com — Cisco Umbrella Rank: 11839 1.bp.blogspot.com — Cisco Umbrella Rank: 9054 2.bp.blogspot.com — Cisco Umbrella Rank: 12321 4.bp.blogspot.com — Cisco Umbrella Rank: 12223	1 MB
23	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 39	255 KB
16	profitsmart.ro profitsmart.ro	160 KB
15	google.com 4 redirects apis.google.com — Cisco Umbrella Rank: 110 adservice.google.com — Cisco Umbrella Rank: 87 www.google.com — Cisco Umbrella Rank: 2	141 KB
14	robloguri.info itconnect.robloguri.info	281 KB
13	criteo.net static.criteo.net — Cisco Umbrella Rank: 675 pix.eu.criteo.net — Cisco Umbrella Rank: 7434 csm.eu.criteo.net — Cisco Umbrella Rank: 7693	96 KB
13	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51 ajax.googleapis.com — Cisco Umbrella Rank: 361	43 KB
12	profitshare.ro app.profitshare.ro	500 KB
8	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 245	4 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	333 KB
5	blogger.com www.blogger.com — Cisco Umbrella Rank: 7888	67 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14766 ads.eu.criteo.com — Cisco Umbrella Rank: 7380 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9621	45 KB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 116	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	87 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7808	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38	20 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 242	7 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 876	78 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 288	23 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 942	333 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	43 KB
292	24

	Domain	Requested by
45	tpc.googlesyndication.com	googleads.g.doubleclick.net itconnect.robloguri.info tpc.googlesyndication.com pagead2.googlesyndication.com
40	js-agent.newrelic.com	app.profitshare.ro
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com itconnect.robloguri.info googleads.g.doubleclick.net
20	fonts.gstatic.com	fonts.googleapis.com
16	profitsmart.ro	app.profitshare.ro profitsmart.ro
16	pagead2.googlesyndication.com	itconnect.robloguri.info pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	itconnect.robloguri.info	itconnect.robloguri.info ajax.googleapis.com
12	app.profitshare.ro	itconnect.robloguri.info app.profitshare.ro
12	fonts.googleapis.com	itconnect.robloguri.info googleads.g.doubleclick.net tpc.googlesyndication.com cdnjs.cloudflare.com
11	1.bp.blogspot.com	itconnect.robloguri.info
9	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
8	bam.nr-data.net	app.profitshare.ro
7	static.criteo.net	ads.eu.criteo.com
7	www.googletagservices.com	googleads.g.doubleclick.net
7	2.bp.blogspot.com	itconnect.robloguri.info
5	pix.eu.criteo.net	ads.eu.criteo.com
5	www.blogger.com	itconnect.robloguri.info apis.google.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	apis.google.com	itconnect.robloguri.info apis.google.com www.blogger.com
4	3.bp.blogspot.com	itconnect.robloguri.info
2	www.facebook.com	1 redirects connect.facebook.net
2	connect.facebook.net	itconnect.robloguri.info connect.facebook.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	4.bp.blogspot.com	itconnect.robloguri.info
2	cdnjs.cloudflare.com	itconnect.robloguri.info ads.eu.criteo.com
2	maxcdn.bootstrapcdn.com	itconnect.robloguri.info maxcdn.bootstrapcdn.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	itconnect.robloguri.info
1	ajax.googleapis.com	itconnect.robloguri.info
292	36

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
pinterest.com
instagram.com
povesti-ro.weebly.com
rezumatecarti.robloguri.info
cursvalutar.weebly.com
talesandbedtimestories.blogspot.com
blackfriday.robloguri.info
filme.robloguri.info
www.blogger.com
www.soratemplates.com
mybloggerthemes.com

Subject Issuer	Validity	Valid
itconnect.robloguri.info GTS CA 1D4	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.profitshare.ro Sectigo RSA Domain Validation Secure Server CA	`2022-09-05` - `2023-09-30`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.profitsmart.ro Sectigo RSA Domain Validation Secure Server CA	`2022-09-19` - `2023-10-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-13` - `2022-12-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh

This page contains 31 frames:

Primary Page: https://itconnect.robloguri.info/
Frame ID: B0D7B563570476312704D19067F2E4BE
Requests: 81 HTTP requests in this frame

Frame: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Frame ID: 6BE9AC95B2984AAA4C00E1261BE6578E
Requests: 22 HTTP requests in this frame

Frame: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Frame ID: F7152A98CECCA12DDE0E6F00A384740D
Requests: 22 HTTP requests in this frame

Frame: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Frame ID: 4E85B0C7612FA4272EC12CFBDBEF389F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 94F83B79192011D45F08FBF863314F66
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=1083167194184464723&blogName=IT+Connect+-+%C8%98tiri+IT,+review-uri+si+...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://itconnect.robloguri.info/search&blogLocale=ro&v=2&homepageUrl=https://itconnect.robloguri.info/&vt=6425494895395522931&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.K9Su0nk3cW8.O%2Fd%3D1%2Frs%3DAHpOoo8btnHqwUVabznuJubPHkJyYc6kxA%2Fm%3D__features__
Frame ID: 39BCFABF0A182DDC095081C847D2B739
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&adk=1812271804&adf=3025194257&lmt=1669691691&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fitconnect.robloguri.info%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228347928&bpp=2&bdt=505&idt=198&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5237787123920&frm=20&pv=2&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=215
Frame ID: C4B00840A2771B0D19393138A7890E9F
Requests: 1 HTTP requests in this frame

Frame: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Frame ID: 6B369FE401E628B69994DCD19689EDBF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=795555019&adf=855797969&pi=t.aa~a.2272617183~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=339x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=4&bdt=1442&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0&nras=2&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sMV2K8c98E&p=https%3A//itconnect.robloguri.info&dtd=7
Frame ID: 9773581198EB434E802B0D21A67A34E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.2334913474~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280&nras=3&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5yVIpBJsvS&p=https%3A//itconnect.robloguri.info&dtd=12
Frame ID: 09683AD2E4A72E524E8E696768166A4F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=1862488135&adf=4198736532&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=0&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280&nras=4&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=z8uJhLhTMW&p=https%3A//itconnect.robloguri.info&dtd=15
Frame ID: 1BC2EADC625297A20F39101782CBFFBB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=3194074656&pi=t.aa~a.1067075414~rp.4&w=780&lmt=1669691691&nsk=8b3bdd27&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280&nras=5&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=0St9Y7Revx&p=https%3A//itconnect.robloguri.info&dtd=12
Frame ID: 05CD6DA0178794EFE6976280EA094928
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15
Frame ID: B056A2AE9B9E6469790CF18F17A01F36
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 65A9DDB9C9DA3EE4DC75283ED421DDC0
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: B9499E0FEB05EB159FB335789450394D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html
Frame ID: DA3A975980DB1A3D8D5E6CC1E6940096
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0164656B206D9514C89A65E29B2AFFF3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/error_handler.js
Frame ID: 9C11D3AF90A0B94906F26497F3EAE33F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/index.html
Frame ID: 3A3CB2F285161208F521DD5F757F3D31
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CR42rfKmNY6WqOtKOqMwPsYmUuAO05_3Mbf7zsKP1EIfLvfzHARABIL_G_wdgleKQgqAHoAGc96HZAsgBCakCRL-0GpessT6oAwHIA0iqBJgCT9A2k3EJlKXv3XpJBlAbCHKaBxVk54LKEwKdEDCQEyOPpI83KyZLswtcMYoMGlNX1A3UzJUl5KXFbTl-qABH9HebfuSG6kk7erUBZWJsmrwxRHo92QLwB-jtmFnZfEN3bWrxvTWLZInb0_-k8NyZCiCSNoEGFfsMzYmEVm2ldWM3rhTGs77sNtACznOZHsVWGdxt4SEaXyO-0b9B91RFXhbX1GrwMI_oSSgYuUcC7opRhOhavC4GqZNrcKTlOkuDv4T8lTyYjaukszli6PsUysRqQ_bwUV40IfixM9GHO-O2PeeBKFeK-R2ZAWRYrTXJiwrNLf-RGUtePthTikYwneJpxbhoSg8pwDo2_nUGioVXwnLviiODEcAEnaH00pEEkgUECAQYAZIFBAgFGASgBi6AB4jM3qYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ0rkF0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMzAwMDY5NDQxNzM1NTM4MhgA&sigh=xYD1GWYQfAM&uach_m=[UACH]&cid=CAQSOwDq26N9PXAwWT8p6o4hb7rWuJIQ4438F_jG5DdZ7cxDcsV_l3sp90MTIwOdQeQEFKywIb7pr2_4Xz0PGAEgEw&template_id=419
Frame ID: 68DBED3ABA0A9ED06CE82A14E7BF06AF
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y42pfAAOtDYFKO2vAAgz0O_FHRXWdMEEC8wI_Q&u=%7CPqD4%2FXRn70Ks%2BWUzu8iybb%2FM2aiSP4VqSYfPrFLa2rY%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDMdIG1lGTt_q8fl6PJRS9SEtFZIc2DuanS19ETkL5lbUF3IThsFavKa6qyFWW7Hcyi515WWCU6B9OaGdlQhWPSc7cqcbWq1DFxRs3Uv_2JCDOVhGRhle8ydXp5YVUyqldNojsXNR6G3fVWDPcWTv8RBgxWTAQg--fZrollUsTIQBoX4lytCy0VpCwLLM42BRbqaZ5CwYdGCv4Pporon1ptll5h0zCdJScRa3c0sco4d3z90apKSTxE1I1MEsQr4SDGDs7dM6WSuhBOFfSdBykVqrvItQ-rJXh5BD7t7fXlpTA76bSM4RWlg-rEmCfw7phnhYtNvstMPmGJOaCKoAQvPiXkXU_ppDRXHVu3Sg8hvEzQskDFGKeOvmniiQiUGZbgXyUSaoMR1yoBkYOCgNMeGXNTkglmYc-9QGMjwTBc0e2ocMvBwJhzqUiCWVVDghcN3kbppO2NITNCgCLrgMkMpHP-7kIWOJk_f3xLDw6mcOB3lr_PkZX1SQXZCP7REpN7Nl96-U64AowN7HStH1GTJFAZqeouoQm8tXQRGJZdyeLf8BKxxdKGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoO36fKmNY7boOq_bo9kP0Oeg4ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMDAwNjk0NDE3MzU1MzgyyAEJqQJEv7Qal6yxPqgDAaoEiQJP0DORuFQwBB62eGo76BXpr88-R-2D1Zq2H-mT8_CXeiI7Ck0F1Ugw2EvvvFU2dX8J7q5KkMVq1KOy30OIYR_mrmZz3Tg8tGXFRSf1EHtZO-QiyP64O3_UGP74r7Eyyo0W38ur9Iold-r3v0FKsiIgOGC7mtz5TsEhgQE0o8jEptqcYncePoIaI4f0ChmmD1AfnGrZDCB8Bee--7UYW2hAlWH9F7AtW-AceIsrP4qo92ed9-FbKvbWAfey4yb3B0BHvIpQiOkOLxFpVtrcgn7uFOiAdgfd15Pu_38jjKlkDdyaKoJvQBMswTfKnmEQ_FfvfWpE1sW1FVp8zfbs9QAAEFmoHl6qMjjigAbP75Oew4mDnYsBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24eKG4PGO77CwuRHrv78_QhVqR4g%26client%3Dca-pub-3000694417355382%26adurl%3D
Frame ID: 9EFF29625B278CEE0E4375146AE3C3AB
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5C6B4A9B805CE08D4221240CF47D51FE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BCE7CABD146FD56E8593163C94737EA9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D9CDF82BB41737BF015BCB4571762A8F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 679C3E1A1B72B2196FC68A5346EA64AB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 043897DEFF9F80B868B231418143E5AE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 88B83D3CA444CB68632ECAB4E07A8B7E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 7CED3FE3205B91FD9010CD84204754F9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3912e8b995b48c%2526domain%253Ditconnect.robloguri.info%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fitconnect.robloguri.info%25252Ff19acb359c0bbb4%2526relation%253Dparent.parent%26container_width%3D339%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FStiriITReviewReduceri%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D360
Frame ID: 3207DE0F75FE4901728E6DCDCED2C700
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DF799BA9BAF977553A042C1379F36E6F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4FFD2000E7950F18D52D83FD3887474
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IT Connect - Știri IT, review-uri si prezentari electronice

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

292
Requests

99 %
HTTPS

84 %
IPv6

24
Domains

36
Subdomains

33
IPs

4
Countries

4635 kB
Transfer

10167 kB
Size

7
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: http://facebook.com/

Search URL Search Domain Scan URL

URL: http://twitter.com/

Search URL Search Domain Scan URL

URL: http://pinterest.com/

Search URL Search Domain Scan URL

URL: http://instagram.com/

Search URL Search Domain Scan URL

URL: https://povesti-ro.weebly.com/
Title: Povesti pentru copii

Search URL Search Domain Scan URL

URL: http://rezumatecarti.robloguri.info/
Title: Rezumate carti

Search URL Search Domain Scan URL

URL: https://cursvalutar.weebly.com/
Title: Curs valutar

Search URL Search Domain Scan URL

URL: https://talesandbedtimestories.blogspot.com/
Title: Bedtime Stories

Search URL Search Domain Scan URL

URL: https://blackfriday.robloguri.info/2021/10/pe-ce-data-pica-black-friday-in-romania-in-2021.html
Title: Black Friday 2021

Search URL Search Domain Scan URL

URL: https://filme.robloguri.info/2021/10/seriale-noi-pe-netflix.html
Title: Seriale noi Netflix

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: http://www.soratemplates.com/
Title: SoraTemplates

Search URL Search Domain Scan URL

URL: http://mybloggerthemes.com/
Title: MyBloggerThemes

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 180

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 274

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 283

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 285

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 291

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3912e8b995b48c%26domain%3Ditconnect.robloguri.info%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fitconnect.robloguri.info%252Ff19acb359c0bbb4%26relation%3Dparent.parent&container_width=339&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FStiriITReviewReduceri&locale=en_US&sdk=joey&show_facepile=true&small_header=false&width=360 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3912e8b995b48c%2526domain%253Ditconnect.robloguri.info%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fitconnect.robloguri.info%25252Ff19acb359c0bbb4%2526relation%253Dparent.parent%26container_width%3D339%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FStiriITReviewReduceri%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D360

292 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
itconnect.robloguri.info/ 308 KB
42 KB 431ms
343ms Document
text/html 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

83858a1bad09a711dba5f4aeca53623fec6d1787a838d4753657cdd604873ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 43140
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 08:19:07 GMT
etag: W/"d199790df823f75ee31a971779537e5716b573c13bc4fc7178e3b2622749abb8"
expires: Mon, 05 Dec 2022 08:19:07 GMT
last-modified: Tue, 29 Nov 2022 03:14:51 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 115ms
35ms Stylesheet
text/css 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 08:14:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Sat, 03 Dec 2022 07:52:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 03 Dec 2023 08:14:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 132ms
52ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:400,700,500,700italic,500italic,400italic|Open+Sans:400,700,700italic,400italic

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a7af8c6ee63c6c57b41dcf70966b3a269bb84ba4fb8a486732cb7f7701caa64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 08:19:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:19:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
832 B 126ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Exo%3A400%2C700%2C800%7CRoboto%3A400%2C700%26subset%3Dlatin%2Clatin-ext&ver=1.0.0

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8608de19e5c19a89b900621cfb3f8f4cfa44db32050aa7a65674793b7186cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 08:19:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:19:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
898 B 125ms
46ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700&subset=latin%2Clatin-ext

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 08:09:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:19:07 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 28 KB
7 KB 42ms
19ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 24185758
cdn-cachedat: 2021-06-08 21:31:13
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5bb5196854d77b3b0bd1d55200ac7249
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 774b5ae3891e6969-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
34 KB 114ms
35ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 06:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 06:26:32 GMT

GET
H2 200 jquery.simpleWeather.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.simpleWeather/3.1.0/ 3 KB
2 KB 65ms
34ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.simpleWeather/3.1.0/jquery.simpleWeather.min.js

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2da4720398d9dfc58821573db8754ac6d3d1d3ea612689cc94f1fba3ec8da15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 540510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1183
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-de2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5UmykC%2BySgPfld%2BvcpmRPQ%2FeCBc73ZPc2lo7IzxhMG7lEKWREp3%2BUIRLAjrkN6Pfc%2BGwSYKsNQaqfGTSd963rbxPCQ2eWF5T%2F%2FNsUc56%2Fz%2B%2B53yClh7LKp0rCOXD7MHDFF3sCP3AbyN14YsKIc24KD7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 774b5ae3d8fbbbce-FRA
expires: Sat, 25 Nov 2023 08:19:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 133ms
50ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109164550-1

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4c47ab3d71b67eb6180fb74b64cbf8fc846089eb056d9dec3089cd328dd0822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43578
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Dec 2022 08:19:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 217ms
136ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2afcf26e65448345bc9ef618d2c7c4eebfe337c7fb11a311bb2ea7a885f7d815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48943
x-xss-protection: 0
server: cafe
etag: 17320037787873526200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 08:19:07 GMT

GET
H2 200 logo%2Bstiri%2Bit.jpg
3.bp.blogspot.com/-C2O4l67txJo/WfgrdihiZ6I/AAAAAAAAtvs/kuZrmrEwglkzMq5LWuevr0dSe9nt2BnxACK4BGAYYCw/s1600/ 8 KB
8 KB 213ms
121ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-C2O4l67txJo/WfgrdihiZ6I/AAAAAAAAtvs/kuZrmrEwglkzMq5LWuevr0dSe9nt2BnxACK4BGAYYCw/s1600/logo%2Bstiri%2Bit.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2c2578429d7a8c7ff52a6c1530f96d8a6d5fc187c4187da409c21e3d14c30a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="logo stiri it.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8191
x-xss-protection: 0
server: fife
etag: "vb6fc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:19 GMT

GET
H/1.1 200
OK 6931446 Show response
app.profitshare.ro/ai/ 4 KB
2 KB 208ms
77ms Script
text/javascript 91.247.179.203
CONVERSION-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.profitshare.ro/ai/6931446
Requested by: Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.203 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce203.conectoomail.com
Software: nginx /
Resource Hash: b46bcde344e00ee5e24baac0a02c7fbae703f283d4ce42ce702b952683eb3676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 08:19:07 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 black%2Bfriday%2B2019.jpg
1.bp.blogspot.com/-opZ_IBE186Q/Xc12IAY9hkI/AAAAAAAA7Fg/GjydQgVFt3c_CbXnJNj9pgOsVEd4UDRkACLcBGAsYHQ/s72-c/ 3 KB
4 KB 221ms
126ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-opZ_IBE186Q/Xc12IAY9hkI/AAAAAAAA7Fg/GjydQgVFt3c_CbXnJNj9pgOsVEd4UDRkACLcBGAsYHQ/s72-c/black%2Bfriday%2B2019.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

006fa299e9a68bcabbaab6203d4a80deff3ab63da297e2fe26fad7c906465891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
x-content-type-options: nosniff
server: fife
etag: "vec59"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="black friday 2019.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3316
x-xss-protection: 0
expires: Tue, 06 Dec 2022 08:19:07 GMT

GET
H2 200 Black-Friday-2019-la-eMAG-950x490.jpg
1.bp.blogspot.com/-zqrabnKxVEs/Xc1vCZispiI/AAAAAAAA7FU/1PyZR6mQUJcWBf5lxls_JhAHuU-Mu639QCLcBGAsYHQ/s72-c/ 3 KB
3 KB 437ms
343ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-zqrabnKxVEs/Xc1vCZispiI/AAAAAAAA7FU/1PyZR6mQUJcWBf5lxls_JhAHuU-Mu639QCLcBGAsYHQ/s72-c/Black-Friday-2019-la-eMAG-950x490.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4df1504c02261f743525df42d32630d6aaddec9edab2066bdbf8c92314a2414a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Black-Friday-2019-la-eMAG-950x490.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3013
x-xss-protection: 0
server: fife
etag: "vec56"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:20 GMT

GET
H2 200 i%2Blove%2Bpdf.png
2.bp.blogspot.com/-al25z_qGg6M/XAVjLzfgumI/AAAAAAAA6Mk/mTSrV_MbOIo8E7cTMxzNnTvoQPA0ahuRgCLcBGAs/s72-c/ 2 KB
2 KB 310ms
211ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-al25z_qGg6M/XAVjLzfgumI/AAAAAAAA6Mk/mTSrV_MbOIo8E7cTMxzNnTvoQPA0ahuRgCLcBGAs/s72-c/i%2Blove%2Bpdf.png

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

53b3615ca38033bc3c8fc64f818a10aacbdb02b1eaa3c956f491032b36480cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
x-content-type-options: nosniff
server: fife
etag: "ve8ca"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="i love pdf.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1740
x-xss-protection: 0
expires: Tue, 06 Dec 2022 08:19:07 GMT

GET
H2 200 EMAG%2BZIUA%2BEMAG%2B-%2BREDUCERI.jpg
1.bp.blogspot.com/-ccM3JzGYqPg/XAYkGbYihVI/AAAAAAAA6NU/imRmBBVoW28JJFv8TJacOWYVAXZdLQDswCLcBGAs/s72-c/ 6 KB
6 KB 190ms
145ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ccM3JzGYqPg/XAYkGbYihVI/AAAAAAAA6NU/imRmBBVoW28JJFv8TJacOWYVAXZdLQDswCLcBGAs/s72-c/EMAG%2BZIUA%2BEMAG%2B-%2BREDUCERI.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e33eb765ec87b8e4e28c89903f005b7277d4e1b6e0366f029237dfa853998cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="EMAG ZIUA EMAG - REDUCERI.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6175
x-xss-protection: 0
server: fife
etag: "ve8d6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:20 GMT

GET
H2 200 EMAG%2BZIUA%2BEMAG%2B2.jpg
3.bp.blogspot.com/-JUayO2ZNou4/XAYSvDyOogI/AAAAAAAA6M8/XPWcZ4SIkhw-yeXxfmI2jJ8FQULNoHe6gCLcBGAs/s72-c/ 5 KB
5 KB 177ms
135ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-JUayO2ZNou4/XAYSvDyOogI/AAAAAAAA6M8/XPWcZ4SIkhw-yeXxfmI2jJ8FQULNoHe6gCLcBGAs/s72-c/EMAG%2BZIUA%2BEMAG%2B2.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1f35981e5b75a8fd3e2a957ae82862221e3015c520f9f454ecc5333e8b8e24a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="EMAG ZIUA EMAG 2.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4888
x-xss-protection: 0
server: fife
etag: "ve8d0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:22 GMT

GET
H2 200 Screen-Shot-%2B1.png
4.bp.blogspot.com/-JLlJqY_UOgk/XAVXlMfyfeI/AAAAAAAA6LM/9JzPwCHI170jufMWBjMI2EALj4KQwUfAQCLcBGAs/s72-c/ 2 KB
2 KB 120ms
119ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-JLlJqY_UOgk/XAVXlMfyfeI/AAAAAAAA6LM/9JzPwCHI170jufMWBjMI2EALj4KQwUfAQCLcBGAs/s72-c/Screen-Shot-%2B1.png

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

36b751050f9f989cf7383b57a38122e1b14c3631d1538990607599bf6b3697a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Screen-Shot- 1.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1990
x-xss-protection: 0
server: fife
etag: "ve8bb"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:19 GMT

GET
H2 200 altex%2Bbf%2Btv.jpg
2.bp.blogspot.com/-3oHVH1Vb5BY/W_-qTyu8jQI/AAAAAAAA6II/CMLv-yJgwqwvExfqmSzf4NannFR-KwpZQCLcBGAs/s72-c/ 5 KB
5 KB 195ms
195ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-3oHVH1Vb5BY/W_-qTyu8jQI/AAAAAAAA6II/CMLv-yJgwqwvExfqmSzf4NannFR-KwpZQCLcBGAs/s72-c/altex%2Bbf%2Btv.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a63b06c3d1348e6a7d6e335ee221c1f0e09aa768e58090bd28231e771966a75a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="altex bf tv.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4691
x-xss-protection: 0
server: fife
etag: "ve883"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:20 GMT

GET
H/1.1 200
OK 6931436 Show response
app.profitshare.ro/ai/ 4 KB
2 KB 218ms
82ms Script
text/javascript 91.247.179.203
CONVERSION-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.profitshare.ro/ai/6931436
Requested by: Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.203 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce203.conectoomail.com
Software: nginx /
Resource Hash: 5c8e11634b8d074f122530562c5cd3c1ebd29fb8fecacc2a6eb85c6544c91f9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 08:19:07 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 huawei-honor-7x-2.jpg
2.bp.blogspot.com/-UyxIdkG7kYI/WhVnQGbvHOI/AAAAAAAAuzY/gb4D4vcAXCMvo_2XX4TkbAO9Dw3pbn_4QCLcBGAs/s72-c/ 3 KB
3 KB 143ms
143ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-UyxIdkG7kYI/WhVnQGbvHOI/AAAAAAAAuzY/gb4D4vcAXCMvo_2XX4TkbAO9Dw3pbn_4QCLcBGAs/s72-c/huawei-honor-7x-2.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ca926be16598cedc9e72f6b7b551ddac3d5fd737245fa9e55f460dada599b9c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="huawei-honor-7x-2.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3080
x-xss-protection: 0
server: fife
etag: "vbb37"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:20 GMT

GET
H/1.1 200
OK 6931463 Show response
app.profitshare.ro/ai/ 4 KB
2 KB 216ms
87ms Script
text/javascript 91.247.179.203
CONVERSION-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.profitshare.ro/ai/6931463
Requested by: Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.203 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce203.conectoomail.com
Software: nginx /
Resource Hash: 872722f31c5eafaed35339de81cc4808d11592bc896f0708141be260106f2b25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 08:19:07 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 124ms
43ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e0194519c661e2457b5eed727ddb9096a5b13778ba6c1a3813d97852ad8bcdf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 08:19:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20982
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "0053a8bd2046ac7c"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Dec 2022 08:19:07 GMT

GET
H2 200 cookienotice.js Show response
itconnect.robloguri.info/js/ 6 KB
2 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://itconnect.robloguri.info/js/cookienotice.js

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Dec 2022 07:50:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 12 Dec 2022 08:19:07 GMT

GET
H2 200 2342155703-widgets.js Show response
www.blogger.com/static/v1/widgets/ 153 KB
56 KB 39ms
36ms Script
text/javascript 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2342155703-widgets.js

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c752966435826f865df5163012e3066bd9f0339b1959098323533be261741246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 02:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281944
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56726
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 00:53:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 02 Dec 2023 02:00:03 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 684ms
683ms Stylesheet
text/css 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1083167194184464723&zx=c9c3ebf7-8ab8-4c88-b065-a8a22baf979c

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Dec 2022 08:19:08 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
itconnect.robloguri.info/ 12 KB
12 KB 192ms
192ms Image
text/html 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itconnect.robloguri.info/

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Nov 2022 03:14:51 GMT
server: GSE
etag: W/"d199790df823f75ee31a971779537e5716b573c13bc4fc7178e3b2622749abb8"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
content-length: 43140
x-xss-protection: 1; mode=block
expires: Mon, 05 Dec 2022 08:19:07 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 70 KB
71 KB 94ms
84ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Origin: https://itconnect.robloguri.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 755
cdn-cachedat: 11/18/2022 06:17:38
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d9f8965f2ad89dad63229aacfd9fc57e
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 774b5ae4cd19bb80-FRA
cdn-requestpullsuccess: True

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 113ms
35ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:400,700,500,700italic,500italic,400italic|Open+Sans:400,700,700italic,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://itconnect.robloguri.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 566923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 18:50:24 GMT

GET
H/1.1 200
OK 6931446 Show response
app.profitshare.ro/ai/ 4 KB
2 KB 68ms
67ms Script
text/javascript 91.247.179.203
CONVERSION-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.profitshare.ro/ai/6931446
Requested by: Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.203 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce203.conectoomail.com
Software: nginx /
Resource Hash: b46bcde344e00ee5e24baac0a02c7fbae703f283d4ce42ce702b952683eb3676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 08:19:07 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 109ms
37ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:400,700,500,700italic,500italic,400italic|Open+Sans:400,700,700italic,400italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://itconnect.robloguri.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:09 GMT
x-content-type-options: nosniff
age: 490378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 16:06:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 114ms
35ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109164550-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 07:24:40 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3267
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 05 Dec 2022 09:24:40 GMT

GET
H/1.1 200
OK / Show response
app.profitshare.ro/i/6lf3/ Frame 6BE9 72 KB
23 KB 181ms
169ms Document
text/html 91.247.179.203
CONVERSION-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/ai/6931446
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.203 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce203.conectoomail.com
Software: nginx /
Resource Hash: 8adcbc78a441f0f0a8c137c62873036693f947c2e144b5ead6727bacda3470dc

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Dec 2022 08:19:07 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.K9Su0nk3cW8.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8btnHqwUVabznuJubPHkJyYc6kxA/ 172 KB
56 KB 117ms
38ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.K9Su0nk3cW8.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8btnHqwUVabznuJubPHkJyYc6kxA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c29cf3994870c273280ece6af97849aff0a24a66c505d9d19b195fdbd4212d01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 23:41:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57784
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 23:41:47 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 116ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 06:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 06:33:14 GMT

GET
H3 200 4UaOrEtFpBISc36j.woff2
fonts.gstatic.com/s/exo/v20/ 20 KB
20 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v20/4UaOrEtFpBISc36j.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Exo%3A400%2C700%2C800%7CRoboto%3A400%2C700%26subset%3Dlatin%2Clatin-ext&ver=1.0.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e9d07ebb7ea3f8e5c5568fa3b4e81d5b93aacfd93cc05192a30c0438039d349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://itconnect.robloguri.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 17:35:34 GMT
x-content-type-options: nosniff
age: 225813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20364
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:24:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:34 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 51ms
51ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:400,700,500,700italic,500italic,400italic|Open+Sans:400,700,700italic,400italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://itconnect.robloguri.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 304612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 19:42:15 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 76ms
76ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700&subset=latin%2Clatin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://itconnect.robloguri.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 486713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 17:07:14 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 86ms
86ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:400,700,500,700italic,500italic,400italic|Open+Sans:400,700,700italic,400italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://itconnect.robloguri.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 11:51:47 GMT
x-content-type-options: nosniff
age: 246440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 11:51:47 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 93ms
93ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:400,700,500,700italic,500italic,400italic|Open+Sans:400,700,700italic,400italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://itconnect.robloguri.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 574455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 16:44:52 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 24 KB
24 KB 98ms
98ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:400,700,500,700italic,500italic,400italic|Open+Sans:400,700,700italic,400italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://itconnect.robloguri.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 07:57:00 GMT
x-content-type-options: nosniff
age: 519727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25036
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 07:57:00 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 31 KB
31 KB 99ms
99ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:400,700,500,700italic,500italic,400italic|Open+Sans:400,700,700italic,400italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://itconnect.robloguri.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 18:53:22 GMT
x-content-type-options: nosniff
age: 566745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31320
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 18:53:22 GMT

GET
H2 200 [random] Show response
itconnect.robloguri.info/feeds/posts/default/-/ 2 KB
1 KB 269ms
268ms XHR
text/javascript 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://itconnect.robloguri.info/feeds/posts/default/-/[random]?alt=json-in-script&max-results=4&callback=jQuery111008143818986997731_1670228347620&_=1670228347621

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

26b3214bd91d3f1e2eadae1945600a4f46418f24cd1fa8ad650512d70eefd6a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://itconnect.robloguri.info/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Nov 2022 03:14:51 GMT
server: blogger-renderd
etag: W/"fa03f500f29cfbd58d5ff9aa8b22d22bbab7c775110b5719eae03c11fb36ffcd"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 1063
x-xss-protection: 0
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H2 200 default Show response
itconnect.robloguri.info/feeds/posts/ 45 KB
8 KB 242ms
241ms XHR
text/javascript 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://itconnect.robloguri.info/feeds/posts/default?alt=json-in-script&max-results=4&callback=jQuery111008143818986997731_1670228347622&_=1670228347623

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

b3f27880ebec05cd05f22e69e5b5fa33c4873bda72279f3aba0699b5bc688f57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://itconnect.robloguri.info/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Nov 2022 03:14:51 GMT
server: blogger-renderd
etag: W/"5f98b6ce5e36ab4b8d1d610be619b107f25a83a5159666093156c308c6d37aef"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 8148
x-xss-protection: 0
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H2 200 default Show response
itconnect.robloguri.info/feeds/comments/ 1 KB
950 B 231ms
231ms XHR
text/javascript 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://itconnect.robloguri.info/feeds/comments/default?alt=json-in-script&max-results=4&callback=jQuery111008143818986997731_1670228347624&_=1670228347625

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

30208e1639ab9c51916754b07563e8ebdee7311be1b57e83014e631808e22d93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://itconnect.robloguri.info/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 02 Apr 2022 17:15:33 GMT
server: blogger-renderd
etag: W/"e8771e4cdca862ee41a6f6c83bcbf2d91e27efbcee4f15867e1307205da64290"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 688
x-xss-protection: 0
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H2 200 default Show response
itconnect.robloguri.info/feeds/posts/ 585 KB
56 KB 255ms
255ms XHR
text/javascript 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://itconnect.robloguri.info/feeds/posts/default?alt=json-in-script&callback=jQuery111008143818986997731_1670228347626&_=1670228347627

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

481b637bd4ee6604f170138eea518ce2be0144601b8489ba88e591c00b9d4f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://itconnect.robloguri.info/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Nov 2022 03:14:51 GMT
server: blogger-renderd
etag: W/"cbad68a292e1c7f14fba48fb6610ce2734b89ef9011abca27d63c407359e177f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 57508
x-xss-protection: 0
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H2 200 default Show response
itconnect.robloguri.info/feeds/posts/ 35 KB
7 KB 308ms
307ms XHR
text/javascript 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://itconnect.robloguri.info/feeds/posts/default?alt=json-in-script&max-results=3&callback=jQuery111008143818986997731_1670228347628&_=1670228347629

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

6f45c8aae5a79915f72ff491d215ad823acca336681e65e15c6c743700364847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://itconnect.robloguri.info/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Nov 2022 03:14:51 GMT
server: blogger-renderd
etag: W/"2aca5e676300d440dd5c5eaeabb63ac91225833ae556bc21db5905194ee1f279"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 6895
x-xss-protection: 0
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H2 200 summary Show response
itconnect.robloguri.info/feeds/posts/ 5 KB
2 KB 382ms
382ms Script
text/javascript 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://itconnect.robloguri.info/feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

a72e722499015500464ffd6317fcb36baf7583a372664db52c1abee8a2611614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Nov 2022 03:14:51 GMT
server: blogger-renderd
etag: W/"bdd760d8f853ed905a4be8059a080b5d19c81e018964bf0a939dc3d284cd257c"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 1661
x-xss-protection: 0
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H/1.1 200
OK / Show response
app.profitshare.ro/i/6lf3/ Frame F715 75 KB
24 KB 127ms
126ms Document
text/html 91.247.179.203
CONVERSION-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/ai/6931446
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.203 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce203.conectoomail.com
Software: nginx /
Resource Hash: 6a543a219d2d690734f4fb38125956024a15cb64f481bdd2e2a595a66b84c9cf

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Dec 2022 08:19:08 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
app.profitshare.ro/i/wlf3/ Frame 4E85 59 KB
21 KB 145ms
144ms Document
text/html 91.247.179.203
CONVERSION-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/ai/6931436
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.203 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce203.conectoomail.com
Software: nginx /
Resource Hash: b42f0fab45821711c4808a8a899612cef3405df41b90d4a05a2e48f4d0dd7f3f

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Dec 2022 08:19:08 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
116 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3000694417355382&plah=itconnect.robloguri.info&bust=31071035

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3096b857e86eab973eddc159c3f9233154423c62eee6470df746d66b93a7a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119174
x-xss-protection: 0
server: cafe
etag: 3264732809814186503
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 08:19:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 94F8 10 KB
5 KB 115ms
35ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55267
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 16:58:01 GMT
etag: 10353107486223812946
expires: Sun, 18 Dec 2022 16:58:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 124ms
45ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1003390224&t=pageview&_s=1&dl=https%3A%2F%2Fitconnect.robloguri.info%2F&ul=en-us&de=UTF-8&dt=IT%20Connect%20-%20%C8%98tiri%20IT%2C%20review-uri%20si%20prezentari%20electronice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=375921932&gjid=1648849567&cid=335565879.1670228348&tid=UA-109164550-1&_gid=667515872.1670228348&_r=1&gtm=2oubu0&z=1273032159

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://itconnect.robloguri.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://itconnect.robloguri.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget.css
profitsmart.ro/css/widgets/default/ Frame 6BE9 3 KB
1 KB 179ms
43ms Stylesheet
text/css 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://profitsmart.ro/css/widgets/default/widget.css
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: fddc2eb0a956c018bfb6523d5c2172409d09e9912653387308ab0fb7fb3550e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Dec 2013 13:46:58 GMT
Server: nginx
ETag: W/"52c17952-c8d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H/1.1 200
OK ro.css
profitsmart.ro/css/widgets/default/ Frame 6BE9 946 B
1 KB 192ms
46ms Stylesheet
text/css 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://profitsmart.ro/css/widgets/default/ro.css
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: ca09b3d8d21445f5aceb668b1591fb6d1341b24a26f2605708cfc9125c9f72d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Fri, 20 Jun 2014 07:38:00 GMT
Server: nginx
ETag: "53a3e4d8-3b2"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 946
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H/1.1 200
OK 728x90.css
profitsmart.ro/css/widgets/default/ Frame 6BE9 2 KB
1014 B 193ms
44ms Stylesheet
text/css 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://profitsmart.ro/css/widgets/default/728x90.css?v=2
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: 8b5cc0109ea9703098687a8ac7ce88787b3fb621f70df143757aa2426c018bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Dec 2015 11:58:45 GMT
Server: nginx
ETag: W/"5672a375-7fa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H/1.1 200
OK 32420959-35296504_140x140_fh8e.jpeg
profitsmart.ro/product_images/32421/ Frame 6BE9 16 KB
16 KB 209ms
43ms Image
image/jpeg 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://profitsmart.ro/product_images/32421/32420959-35296504_140x140_fh8e.jpeg
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: e6f3538a7c48e9f2a1d6b33c761f0e315ca723e75754adcb5c6f2abf417a8a11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Mon, 10 Oct 2022 04:02:34 GMT
Server: nginx
ETag: "6343995a-3e33"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 15923
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H/1.1 200
OK logo_evomag.ro_1655967959.png
app.profitshare.ro/files_shared/advertiser-logos/ Frame 6BE9 208 KB
208 KB 44ms
43ms Image
image/png 91.247.179.203
CONVERSION-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.profitshare.ro/files_shared/advertiser-logos/logo_evomag.ro_1655967959.png
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.203 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce203.conectoomail.com
Software: nginx /
Resource Hash: 61a8625e0abba255a6e68530fb4f1c59fb4f1117e7f2a69a15f0b050f8f1b06a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Thu, 23 Jun 2022 07:05:59 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "62b410d7-33f87"
Content-Length: 212871
Content-Type: image/png

GET
H/1.1 200
OK 26953260-35296500_140x140_ailn.jpeg
profitsmart.ro/product_images/26954/ Frame 6BE9 16 KB
16 KB 228ms
48ms Image
image/jpeg 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://profitsmart.ro/product_images/26954/26953260-35296500_140x140_ailn.jpeg
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: aa2e58f6958ae192e1be97a3ed20a6f7f6802822c32c6b26bf3a85b30e6f3eb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Mon, 04 Jul 2022 08:45:15 GMT
Server: nginx
ETag: "62c2a89b-3f4c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 16204
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H/1.1 200
OK 26983283-35326528_140x140_hrt7.jpeg
profitsmart.ro/product_images/26984/ Frame 6BE9 17 KB
17 KB 225ms
44ms Image
image/jpeg 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://profitsmart.ro/product_images/26984/26983283-35326528_140x140_hrt7.jpeg
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: 5e8552897aa2a1f38c68e7ff270b203cefe6d36620fec0c15e20e637e037b245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Mon, 11 Jul 2022 00:38:26 GMT
Server: nginx
ETag: "62cb7102-4348"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 17224
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H/1.1 200
OK logo.png
profitsmart.ro/images/widget/default/ Frame 6BE9 2 KB
2 KB 121ms
48ms Image
image/png 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://profitsmart.ro/images/widget/default/logo.png
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: a85c39abbe40307d2b06f341b7798490e7eadc7d6bc693be61b6c82173675c94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Mon, 30 Dec 2013 13:46:58 GMT
Server: nginx
ETag: "52c17952-696"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 1686
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame 39BC 7 KB
3 KB 695ms
695ms Document
text/html 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=1083167194184464723&blogName=IT+Connect+-+%C8%98tiri+IT,+review-uri+si+...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://itconnect.robloguri.info/search&blogLocale=ro&v=2&homepageUrl=https://itconnect.robloguri.info/&vt=6425494895395522931&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.K9Su0nk3cW8.O%2Fd%3D1%2Frs%3DAHpOoo8btnHqwUVabznuJubPHkJyYc6kxA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.K9Su0nk3cW8.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8btnHqwUVabznuJubPHkJyYc6kxA/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb57d589588362456d0040e3d623f94c8b7b1b60c32939cd640f492096f557a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2599
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 08:19:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 300x250_35_1668689594.jpg
app.profitshare.ro/images/advertiser_widgets_shared/ Frame 4E85 33 KB
33 KB 38ms
38ms Image
image/jpeg 91.247.179.203
CONVERSION-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.profitshare.ro/images/advertiser_widgets_shared/300x250_35_1668689594.jpg
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.203 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce203.conectoomail.com
Software: nginx /
Resource Hash: f03c69c06541b72416f0524a6def1843ace1b86bd03146d9eaee228533c9c7cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Thu, 17 Nov 2022 12:53:14 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "63762eba-8521"
Content-Length: 34081
Content-Type: image/jpeg

GET
H/1.1 200
OK widget.css
profitsmart.ro/css/widgets/default/ Frame F715 3 KB
1 KB 126ms
50ms Stylesheet
text/css 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://profitsmart.ro/css/widgets/default/widget.css
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: fddc2eb0a956c018bfb6523d5c2172409d09e9912653387308ab0fb7fb3550e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Dec 2013 13:46:58 GMT
Server: nginx
ETag: W/"52c17952-c8d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H/1.1 200
OK ro.css
profitsmart.ro/css/widgets/default/ Frame F715 946 B
1 KB 125ms
48ms Stylesheet
text/css 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://profitsmart.ro/css/widgets/default/ro.css
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: ca09b3d8d21445f5aceb668b1591fb6d1341b24a26f2605708cfc9125c9f72d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Fri, 20 Jun 2014 07:38:00 GMT
Server: nginx
ETag: "53a3e4d8-3b2"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 946
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H/1.1 200
OK 728x90.css
profitsmart.ro/css/widgets/default/ Frame F715 2 KB
1014 B 131ms
48ms Stylesheet
text/css 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://profitsmart.ro/css/widgets/default/728x90.css?v=2
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: 8b5cc0109ea9703098687a8ac7ce88787b3fb621f70df143757aa2426c018bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Dec 2015 11:58:45 GMT
Server: nginx
ETag: W/"5672a375-7fa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H/1.1 200
OK 32080395-40347219_140x140_jtom.jpg
profitsmart.ro/product_images/32081/ Frame F715 9 KB
9 KB 177ms
48ms Image
image/jpeg 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://profitsmart.ro/product_images/32081/32080395-40347219_140x140_jtom.jpg
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: dd6bfa93e35f88a2bb42a1807385f5aa29bcf55d4ad47f562b0d2a3acd4a30ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Tue, 11 Oct 2022 11:04:23 GMT
Server: nginx
ETag: "63454db7-22fe"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 8958
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H/1.1 200
OK logo_elefant.ro_1664876477.png
app.profitshare.ro/files_shared/advertiser-logos/ Frame F715 12 KB
12 KB 46ms
46ms Image
image/png 91.247.179.203
CONVERSION-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.profitshare.ro/files_shared/advertiser-logos/logo_elefant.ro_1664876477.png
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.203 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce203.conectoomail.com
Software: nginx /
Resource Hash: 5879577c91138b1b40664b5a3574e970f7d83beab791628ca5a31478059b124a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Tue, 04 Oct 2022 09:41:17 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "633bffbd-2f36"
Content-Length: 12086
Content-Type: image/png

GET
H/1.1 200
OK 31717907-39984721_140x140_brhr.png
profitsmart.ro/product_images/31718/ Frame F715 77 KB
77 KB 175ms
46ms Image
image/png 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://profitsmart.ro/product_images/31718/31717907-39984721_140x140_brhr.png
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: ff87f4d80182366a4e02db8f31277dd307dcb2c7376f8a8f0a6261278aded954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Tue, 11 Oct 2022 11:04:38 GMT
Server: nginx
ETag: "63454dc6-1339b"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 78747
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H/1.1 200
OK 31804866-40071679_140x140_hht0.jpeg
profitsmart.ro/product_images/31805/ Frame F715 7 KB
7 KB 180ms
48ms Image
image/jpeg 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://profitsmart.ro/product_images/31805/31804866-40071679_140x140_hht0.jpeg
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: 0b566e32d390684e82a3f2cd641cc75f58152cfb9f2a8d817cee3349293cccb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Tue, 11 Oct 2022 11:04:59 GMT
Server: nginx
ETag: "63454ddb-1af1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 6897
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H/1.1 200
OK logo.png
profitsmart.ro/images/widget/default/ Frame F715 2 KB
2 KB 100ms
48ms Image
image/png 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://profitsmart.ro/images/widget/default/logo.png
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: a85c39abbe40307d2b06f341b7798490e7eadc7d6bc693be61b6c82173675c94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Mon, 30 Dec 2013 13:46:58 GMT
Server: nginx
ETag: "52c17952-696"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 1686
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
333 B 71ms
43ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=itconnect.robloguri.info&callback=_gfp_s_&client=ca-pub-3000694417355382&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3000694417355382&plah=itconnect.robloguri.info&bust=31071035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

099623726916c762f184b0b6ad40474030720b6cac0140b13136cba1782edab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 126ms
44ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=itconnect.robloguri.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 130ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itconnect.robloguri.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C4B0 287 KB
78 KB 624ms
549ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&adk=1812271804&adf=3025194257&lmt=1669691691&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fitconnect.robloguri.info%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228347928&bpp=2&bdt=505&idt=198&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5237787123920&frm=20&pv=2&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=215

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

129cf0783c621b6924e7bba2ae07324479718feefab04313b06f61456834f772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 79340
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:08 GMT
expires: Mon, 05 Dec 2022 08:19:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 black%2Bfriday%2B2019.jpg
1.bp.blogspot.com/-opZ_IBE186Q/Xc12IAY9hkI/AAAAAAAA7Fg/GjydQgVFt3c_CbXnJNj9pgOsVEd4UDRkACLcBGAsYHQ/s400/ 22 KB
22 KB 173ms
95ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-opZ_IBE186Q/Xc12IAY9hkI/AAAAAAAA7Fg/GjydQgVFt3c_CbXnJNj9pgOsVEd4UDRkACLcBGAsYHQ/s400/black%2Bfriday%2B2019.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5262032ac2160dbfcee35be54b46e86aeb3d8194744dcb4dffff589e3ab15d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="black friday 2019.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22870
x-xss-protection: 0
server: fife
etag: "vec59"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:21 GMT

GET
H3 200 Black-Friday-2019-la-eMAG-950x490.jpg
1.bp.blogspot.com/-zqrabnKxVEs/Xc1vCZispiI/AAAAAAAA7FU/1PyZR6mQUJcWBf5lxls_JhAHuU-Mu639QCLcBGAsYHQ/s400/ 27 KB
27 KB 402ms
325ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-zqrabnKxVEs/Xc1vCZispiI/AAAAAAAA7FU/1PyZR6mQUJcWBf5lxls_JhAHuU-Mu639QCLcBGAsYHQ/s400/Black-Friday-2019-la-eMAG-950x490.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

40fa3e8cdc8ce97118ba2e75fd48ae3919b3985cb4a789cae3a966b54a7a76f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Black-Friday-2019-la-eMAG-950x490.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27539
x-xss-protection: 0
server: fife
etag: "vec56"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:21 GMT

GET
H3 200 i%2Blove%2Bpdf.png
2.bp.blogspot.com/-al25z_qGg6M/XAVjLzfgumI/AAAAAAAA6Mk/mTSrV_MbOIo8E7cTMxzNnTvoQPA0ahuRgCLcBGAs/s400/ 11 KB
11 KB 256ms
182ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-al25z_qGg6M/XAVjLzfgumI/AAAAAAAA6Mk/mTSrV_MbOIo8E7cTMxzNnTvoQPA0ahuRgCLcBGAs/s400/i%2Blove%2Bpdf.png

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e08336b73405dfa99e8fc5d595a7a93b976ce3b32107a53ec1f566e619559fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="i love pdf.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10977
x-xss-protection: 0
server: fife
etag: "ve8ca"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:21 GMT

GET
H3 200 EMAG%2BZIUA%2BEMAG%2B-%2BREDUCERI.jpg
1.bp.blogspot.com/-ccM3JzGYqPg/XAYkGbYihVI/AAAAAAAA6NU/imRmBBVoW28JJFv8TJacOWYVAXZdLQDswCLcBGAs/s400/ 51 KB
51 KB 181ms
104ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ccM3JzGYqPg/XAYkGbYihVI/AAAAAAAA6NU/imRmBBVoW28JJFv8TJacOWYVAXZdLQDswCLcBGAs/s400/EMAG%2BZIUA%2BEMAG%2B-%2BREDUCERI.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ca0957e8a90714933aaa394f514257ac3c6f48a365a695cd9d69fee82eb90670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="EMAG ZIUA EMAG - REDUCERI.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52440
x-xss-protection: 0
server: fife
etag: "ve8d6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:21 GMT

GET
H2 200 552.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 4E85 21 KB
6 KB 27ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 80MRM9SBYF943QY2
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5890
x-amz-id-2: IYtTVD9w1h5zbbn8Xa0sJZtgMoEsL+KAO+uwSQQzIDSMcQRlRWrBuHtEzf/bN/7AP4XdZNz/y6k=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1670228348.189931,VS0,VE0
etag: "777ac0df4dba632ad1b2955c88dd51ac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6616

GET
H2 200 default Show response
itconnect.robloguri.info/feeds/posts/ 23 KB
5 KB 344ms
344ms XHR
text/javascript 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://itconnect.robloguri.info/feeds/posts/default?alt=json-in-script&start-index=9&max-results=3&callback=jQuery111008143818986997731_1670228347626&_=1670228347630

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

666784d54b761cb4f03707e8fb008c0f9382c94d9cc369c23616d6e82e33acdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://itconnect.robloguri.info/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Nov 2022 03:14:51 GMT
server: blogger-renderd
etag: W/"e39534be5d80f9eb410dcc51157309e916a19238def0c3084c49c83841dd9e20"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 4963
x-xss-protection: 0
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H2 200 290.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 4E85 8 KB
4 KB 7ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/290.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 8XCR1WDJYSXHS3MA
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3424
x-amz-id-2: Cogx/C187avp32obJ3ChZlfWWh4qltYUF4NF3dO0tAfQvid1DA0pHcP6zz+hxKeFbFwjOeK85u0=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.210759,VS0,VE0
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9370

GET
H2 200 368.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 4E85 3 KB
2 KB 7ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/368.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 4A14V1SFCDCN2Z5H
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1443
x-amz-id-2: 6pMeSOCZgQ90wQuCt3ZNnmpbNddLSfLfuBu3VmwkPdHHPtjjvRuVv0xyZKkG5tGnd9hF1WjofkU=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.210918,VS0,VE0
etag: "16b4f3676c3859e1378a2ccdebbad675"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2464

GET
H2 200 768.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 4E85 5 KB
2 KB 7ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/768.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: AYJXXD7KXYRGNAVT
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: ahIEbi0XH6HCbCITRyboc1UHnx0nbhD+IXlwgUt1W77gaebga6F+8+Y+Vd2xHlJEsyImyjOvVCY=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.211084,VS0,VE0
etag: "d6cc8b42eda6fd7734014b03b87b5787"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1568

GET
H2 200 775.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 4E85 1 KB
1013 B 7ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/775.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: A1P4RQGCEEZH3JZH
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 632
x-amz-id-2: 0iOmcF5Yc4P55/EwlWBrb4yQ3pQhLftlXmttWYvtaiYCF0JmDE3SWomS/HALXnOoPQTxXpF01kU=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.211281,VS0,VE0
etag: "1dfdb74c0491489bf04c6deadb56add2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 440

GET
H2 200 39.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 4E85 7 KB
3 KB 7ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/39.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eecee666ee54c49c3fa83323e1f0fc76cf8cb28e94bca8f1a74c90b46309416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 3AJR82QVT179EZF4
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2755
x-amz-id-2: mMSDSKgpklc7O5FSbs7NWGNwxF/xWAkOhP7MYnNKIZ0b9pZpGXnfHw6/sBrLXqJBiyrdF3/Lzic=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.211819,VS0,VE0
etag: "0448380a8f2cd0426bbdf04dd45b5408"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5668

GET
H2 200 0.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 4E85 5 KB
2 KB 8ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/0.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 556ab4c31631686b7f6f5d716452b07212dea63ed810010d1873b91f4478c683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 8P4GWFEC419Q5C80
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2349
x-amz-id-2: jYfSO636RIcvs0CDr/6q2OwAlKppwsLE5O8MGF0TemLm1XCaDWcwM3tXP+s6U2OoCNggJvwKDZ0=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.213166,VS0,VE0
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1941

GET
H2 200 571.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 4E85 2 KB
1 KB 8ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/571.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1f76e602d084a84b969d3d0ec2ab7b05fa05202bdf9a32ee21f5a3597698c48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: DW7TNX419ZY5YVGF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1108
x-amz-id-2: 6pKIoLEkT7CepADPro0CTsmOqDLmzIJnC2pBVbsMhlRvDEsSp4j2N95Cfi94eJQ27A91LAnA1Jh75p+/3dNdvQ==
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.213895,VS0,VE0
etag: "04b00905b32fd8d29459545bc125cff6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4805

GET
H2 200 820.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 4E85 7 KB
3 KB 8ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/820.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a913b760ef4daa94e27bdb4e4d09659e53f3aaab195ff06ff0e36ed925d17e17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 1WKBJBWQJPX86ST5
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2979
x-amz-id-2: C4+EA5F5pvsZGbQFvbwQTl+lgOqWwLAcoYx40+CBX6zFIC04JfbOVNhNH6Md0IuGWxQolHiBwD8=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.214027,VS0,VE0
etag: "897a1a72a47e4f4a24c05aec49af638f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4442

GET
H2 200 790.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 4E85 17 KB
6 KB 8ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/790.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ce298e325c14e8fbfe8c7bf94be0b3c295e81d127634377bdc0b90002bec29b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: B5TQ0XJGGQHSSHGF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6064
x-amz-id-2: H3tvjkk21FaG4Pq/xSkQjkp7COWcWnbLZIB0/O6NxyrbjoDPqVhmX+NACBrt7GwCPb6zKD5hW0o=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1670228348.214021,VS0,VE0
etag: "af8c077a247e90dff929d7af81c94f57"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2525

GET
H/1.1 200
OK price_free_delivery.png
profitsmart.ro/images/widget/default/ro/ Frame 6BE9 4 KB
4 KB 90ms
43ms Image
image/png 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://profitsmart.ro/images/widget/default/ro/price_free_delivery.png
Requested by: Host: profitsmart.ro
URL: https://profitsmart.ro/css/widgets/default/ro.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: 582778b3587a199ff761572b601878b066a16a8692c4c26315a11865e39cbf5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitsmart.ro/css/widgets/default/ro.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Mon, 30 Dec 2013 13:46:58 GMT
Server: nginx
ETag: "52c17952-e25"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 3621
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H/1.1 200
OK bab8192a8d Show response
bam.nr-data.net/1/ Frame 4E85 49 B
527 B 196ms
164ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/bab8192a8d?a=1674781816&v=1220.PROD&to=b1FSYRNZCktYAkAPClYbc0ASTAtVFhNbSSRcZ1VHF10WF3AHRgcIXXVTQQhXCg%3D%3D&rst=377&ck=0&s=717a7eb63ef64a22&ref=https://app.profitshare.ro/i/wlf3/&ap=64&be=165&fe=86&dc=8&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670228347914,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:1,%22rq%22:2,%22rp%22:146,%22rpe%22:147,%22dl%22:148,%22di%22:173,%22ds%22:173,%22de%22:173,%22dc%22:251,%22l%22:251,%22le%22:253%7D,%22navigation%22:%7B%7D%7D&fp=196&fcp=196&at=QxZFF1tDGRQbABZcHkVJ&jsonp=NREUM.setToken
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 774b5ae90d5a9ba1-FRA

GET
H/1.1 200
OK price.png
profitsmart.ro/images/widget/default/ro/ Frame F715 2 KB
3 KB 46ms
44ms Image
image/png 91.247.179.217
CONVERSION-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://profitsmart.ro/images/widget/default/ro/price.png
Requested by: Host: profitsmart.ro
URL: https://profitsmart.ro/css/widgets/default/ro.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.217 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce217.conectoomail.com
Software: nginx /
Resource Hash: a286f95ee2e30aff61c14e5028101c5cccddcdc39af45373ca9f9879292a7907

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profitsmart.ro/css/widgets/default/ro.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Mon, 30 Dec 2013 13:46:58 GMT
Server: nginx
ETag: "52c17952-9f2"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 2546
Expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f1fe4ecb3125031ef36269a4006e87a9d1bb732b2314318a04d74a1f3c994335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 08:19:08 GMT
content-md5: AvVTYSYhqLxvDVjPRUnOAQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: RhrstNDVWofgC2+u9I0oP9ZyQJWW4eUVO+LFzttmUKU2a475ogydkuFl16UI2fMw43ef1zqDIJktAl4PV1BCjw==
x-fb-trip-id: 917726464
x-fb-content-md5: 4cc0eb0c576e95dfbd27c40eb6b0e504
cross-origin-opener-policy: same-origin-allow-popups
etag: "c08b8bc4b133fc381d7f677290f670fb"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 08:21:53 GMT

GET
H3 200 black%2Bfriday%2B2019.jpg
1.bp.blogspot.com/-opZ_IBE186Q/Xc12IAY9hkI/AAAAAAAA7Fg/GjydQgVFt3c_CbXnJNj9pgOsVEd4UDRkACLcBGAsYHQ/s1600/ 103 KB
103 KB 171ms
171ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-opZ_IBE186Q/Xc12IAY9hkI/AAAAAAAA7Fg/GjydQgVFt3c_CbXnJNj9pgOsVEd4UDRkACLcBGAsYHQ/s1600/black%2Bfriday%2B2019.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b53b36c86a3315f82ae987cc577bbb27a3cca19b0da418251f6df8a20c522c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
server: fife
etag: "vec59"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="black friday 2019.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105445
x-xss-protection: 0
expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H3 200 Black-Friday-2019-la-eMAG-950x490.jpg
1.bp.blogspot.com/-zqrabnKxVEs/Xc1vCZispiI/AAAAAAAA7FU/1PyZR6mQUJcWBf5lxls_JhAHuU-Mu639QCLcBGAsYHQ/s1600/ 62 KB
62 KB 134ms
134ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-zqrabnKxVEs/Xc1vCZispiI/AAAAAAAA7FU/1PyZR6mQUJcWBf5lxls_JhAHuU-Mu639QCLcBGAsYHQ/s1600/Black-Friday-2019-la-eMAG-950x490.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

291591204daca6ea212c80f57a5b5cfc3238ef8d716cc36fea603f985e5529d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Black-Friday-2019-la-eMAG-950x490.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62999
x-xss-protection: 0
server: fife
etag: "vec56"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:20 GMT

GET
H3 200 i%2Blove%2Bpdf.png
2.bp.blogspot.com/-al25z_qGg6M/XAVjLzfgumI/AAAAAAAA6Mk/mTSrV_MbOIo8E7cTMxzNnTvoQPA0ahuRgCLcBGAs/s1600/ 19 KB
20 KB 305ms
303ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-al25z_qGg6M/XAVjLzfgumI/AAAAAAAA6Mk/mTSrV_MbOIo8E7cTMxzNnTvoQPA0ahuRgCLcBGAs/s1600/i%2Blove%2Bpdf.png

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb9652d28bb8f97666f3dc519db6735dec2daec6208cd908af261328d64756ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
server: fife
etag: "ve8ca"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="i love pdf.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19942
x-xss-protection: 0
expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H3 200 EMAG%2BZIUA%2BEMAG%2B-%2BREDUCERI.jpg
1.bp.blogspot.com/-ccM3JzGYqPg/XAYkGbYihVI/AAAAAAAA6NU/imRmBBVoW28JJFv8TJacOWYVAXZdLQDswCLcBGAs/s1600/ 161 KB
161 KB 238ms
237ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ccM3JzGYqPg/XAYkGbYihVI/AAAAAAAA6NU/imRmBBVoW28JJFv8TJacOWYVAXZdLQDswCLcBGAs/s1600/EMAG%2BZIUA%2BEMAG%2B-%2BREDUCERI.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5cb77fd910df1ce4b43bc1fcffe2f30381675024bcb63ef1cf9e4e272e147787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="EMAG ZIUA EMAG - REDUCERI.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165107
x-xss-protection: 0
server: fife
etag: "ve8d6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:21 GMT

GET
H3 200 EMAG%2BZIUA%2BEMAG%2B2.jpg
3.bp.blogspot.com/-JUayO2ZNou4/XAYSvDyOogI/AAAAAAAA6M8/XPWcZ4SIkhw-yeXxfmI2jJ8FQULNoHe6gCLcBGAs/s1600/ 161 KB
161 KB 293ms
292ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-JUayO2ZNou4/XAYSvDyOogI/AAAAAAAA6M8/XPWcZ4SIkhw-yeXxfmI2jJ8FQULNoHe6gCLcBGAs/s1600/EMAG%2BZIUA%2BEMAG%2B2.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e91fae7b8e4d1b2ff070cd4f4a36993aa6cb5beae364c2d583125b0963871542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
server: fife
etag: "ve8d0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="EMAG ZIUA EMAG 2.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164562
x-xss-protection: 0
expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H3 200 Screen-Shot-%2B1.png
4.bp.blogspot.com/-JLlJqY_UOgk/XAVXlMfyfeI/AAAAAAAA6LM/9JzPwCHI170jufMWBjMI2EALj4KQwUfAQCLcBGAs/s1600/ 37 KB
37 KB 150ms
150ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-JLlJqY_UOgk/XAVXlMfyfeI/AAAAAAAA6LM/9JzPwCHI170jufMWBjMI2EALj4KQwUfAQCLcBGAs/s1600/Screen-Shot-%2B1.png

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4dbde0af171807c31576a753862f541ad94ffeb3e5e4f7594a77f9a437dac867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Screen-Shot- 1.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37479
x-xss-protection: 0
server: fife
etag: "ve8bb"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:20 GMT

GET
H3 200 altex%2Bbf%2Btv.jpg
2.bp.blogspot.com/-3oHVH1Vb5BY/W_-qTyu8jQI/AAAAAAAA6II/CMLv-yJgwqwvExfqmSzf4NannFR-KwpZQCLcBGAs/s1600/ 194 KB
194 KB 250ms
249ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-3oHVH1Vb5BY/W_-qTyu8jQI/AAAAAAAA6II/CMLv-yJgwqwvExfqmSzf4NannFR-KwpZQCLcBGAs/s1600/altex%2Bbf%2Btv.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

af7cd3ebc0e7f86b931de73177a0b070fa498a972039e31e969c278434aa1eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="altex bf tv.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199026
x-xss-protection: 0
server: fife
etag: "ve883"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:21 GMT

GET
H2 200 / Show response
itconnect.robloguri.info/ 308 KB
42 KB 198ms
198ms XHR
text/html 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://itconnect.robloguri.info/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

83858a1bad09a711dba5f4aeca53623fec6d1787a838d4753657cdd604873ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://itconnect.robloguri.info/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Nov 2022 03:14:51 GMT
server: GSE
etag: W/"d199790df823f75ee31a971779537e5716b573c13bc4fc7178e3b2622749abb8"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
content-length: 43140
x-xss-protection: 1; mode=block
expires: Mon, 05 Dec 2022 08:19:08 GMT

GET
H2 200 / Show response
itconnect.robloguri.info/ 308 KB
42 KB 308ms
308ms XHR
text/html 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://itconnect.robloguri.info/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

83858a1bad09a711dba5f4aeca53623fec6d1787a838d4753657cdd604873ff6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://itconnect.robloguri.info/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Nov 2022 03:14:51 GMT
server: GSE
etag: W/"d199790df823f75ee31a971779537e5716b573c13bc4fc7178e3b2622749abb8"
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
content-length: 43140
x-xss-protection: 1; mode=block
expires: Mon, 05 Dec 2022 08:19:08 GMT

GET
H2 200 default Show response
itconnect.robloguri.info/feeds/posts/ 585 KB
56 KB 207ms
207ms XHR
text/javascript 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://itconnect.robloguri.info/feeds/posts/default?alt=json-in-script&callback=jQuery111008143818986997731_1670228347628&_=1670228347631

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

8237884a202930316615b4af0862793ef5ee27244bca926a3d55c48ae52f5176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://itconnect.robloguri.info/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Nov 2022 03:14:51 GMT
server: blogger-renderd
etag: W/"cbad68a292e1c7f14fba48fb6610ce2734b89ef9011abca27d63c407359e177f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 57508
x-xss-protection: 0
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H3 200 huawei-honor-7x-2.jpg
2.bp.blogspot.com/-UyxIdkG7kYI/WhVnQGbvHOI/AAAAAAAAuzY/gb4D4vcAXCMvo_2XX4TkbAO9Dw3pbn_4QCLcBGAs/s1600/ 67 KB
67 KB 214ms
213ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-UyxIdkG7kYI/WhVnQGbvHOI/AAAAAAAAuzY/gb4D4vcAXCMvo_2XX4TkbAO9Dw3pbn_4QCLcBGAs/s1600/huawei-honor-7x-2.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

667aac07f0062f8221e8586460714113a86dce661695419308566640aa9c1191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="huawei-honor-7x-2.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68894
x-xss-protection: 0
server: fife
etag: "vbb37"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:19:21 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 396ms
396ms Stylesheet
text/css 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1083167194184464723&zx=c9c3ebf7-8ab8-4c88-b065-a8a22baf979c

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Dec 2022 08:19:08 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 552.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6BE9 21 KB
6 KB 9ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 80MRM9SBYF943QY2
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5890
x-amz-id-2: IYtTVD9w1h5zbbn8Xa0sJZtgMoEsL+KAO+uwSQQzIDSMcQRlRWrBuHtEzf/bN/7AP4XdZNz/y6k=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1670228348.344666,VS0,VE0
etag: "777ac0df4dba632ad1b2955c88dd51ac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6617

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 300 KB
85 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7aced2a69d8c98edb020dcbdd945745b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f1c45e5c22442ec0cbaccc2780a8a6c321c7a59594081036c5f6942b4471c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://itconnect.robloguri.info/
Origin: https://itconnect.robloguri.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 08:19:08 GMT
content-md5: WxPx0WEGVDZX83Kduf6nLQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86901
x-fb-rlafr: 0
x-fb-debug: XnCzsxbB6swTNBIYydKZkwLlaqMJrsUU04SNN8toQXKN1n59hEjQNsWLnrFSSqwMVY2tNOEoWDk3qpkBmtFu+g==
x-fb-content-md5: 26d77f73c6211a3a188b1ffee18b93ef
cross-origin-opener-policy: same-origin-allow-popups
etag: "d3adc82b12c216f4c9075b3c813d34c6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 05 Dec 2023 07:34:56 GMT

GET
H/1.1 200
OK / Show response
app.profitshare.ro/i/Nlf3/ Frame 6B36 59 KB
21 KB 136ms
136ms Document
text/html 91.247.179.203
CONVERSION-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/ai/6931463
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.203 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce203.conectoomail.com
Software: nginx /
Resource Hash: eaf60259c22e59f21bfeff14d39c8cf5d4fe1ae6a28f4e1ecec17cdd0f3574f6

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Dec 2022 08:19:08 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 290.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6BE9 8 KB
4 KB 8ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/290.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 8XCR1WDJYSXHS3MA
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3424
x-amz-id-2: Cogx/C187avp32obJ3ChZlfWWh4qltYUF4NF3dO0tAfQvid1DA0pHcP6zz+hxKeFbFwjOeK85u0=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.355213,VS0,VE0
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9371

GET
H2 200 368.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6BE9 3 KB
2 KB 8ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/368.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 4A14V1SFCDCN2Z5H
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1443
x-amz-id-2: 6pMeSOCZgQ90wQuCt3ZNnmpbNddLSfLfuBu3VmwkPdHHPtjjvRuVv0xyZKkG5tGnd9hF1WjofkU=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.355489,VS0,VE0
etag: "16b4f3676c3859e1378a2ccdebbad675"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2465

GET
H2 200 768.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6BE9 5 KB
2 KB 8ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/768.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: AYJXXD7KXYRGNAVT
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: ahIEbi0XH6HCbCITRyboc1UHnx0nbhD+IXlwgUt1W77gaebga6F+8+Y+Vd2xHlJEsyImyjOvVCY=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.355476,VS0,VE0
etag: "d6cc8b42eda6fd7734014b03b87b5787"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1569

GET
H2 200 775.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6BE9 1 KB
837 B 8ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/775.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: A1P4RQGCEEZH3JZH
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 632
x-amz-id-2: 0iOmcF5Yc4P55/EwlWBrb4yQ3pQhLftlXmttWYvtaiYCF0JmDE3SWomS/HALXnOoPQTxXpF01kU=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.355438,VS0,VE0
etag: "1dfdb74c0491489bf04c6deadb56add2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 441

GET
H2 200 39.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6BE9 7 KB
3 KB 9ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/39.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eecee666ee54c49c3fa83323e1f0fc76cf8cb28e94bca8f1a74c90b46309416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 3AJR82QVT179EZF4
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2755
x-amz-id-2: mMSDSKgpklc7O5FSbs7NWGNwxF/xWAkOhP7MYnNKIZ0b9pZpGXnfHw6/sBrLXqJBiyrdF3/Lzic=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.355717,VS0,VE0
etag: "0448380a8f2cd0426bbdf04dd45b5408"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5669

GET
H2 200 0.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6BE9 5 KB
3 KB 9ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/0.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 556ab4c31631686b7f6f5d716452b07212dea63ed810010d1873b91f4478c683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 8P4GWFEC419Q5C80
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2349
x-amz-id-2: jYfSO636RIcvs0CDr/6q2OwAlKppwsLE5O8MGF0TemLm1XCaDWcwM3tXP+s6U2OoCNggJvwKDZ0=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.356461,VS0,VE0
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1942

GET
H2 200 571.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6BE9 2 KB
1 KB 9ms
9ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/571.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1f76e602d084a84b969d3d0ec2ab7b05fa05202bdf9a32ee21f5a3597698c48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: DW7TNX419ZY5YVGF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1108
x-amz-id-2: 6pKIoLEkT7CepADPro0CTsmOqDLmzIJnC2pBVbsMhlRvDEsSp4j2N95Cfi94eJQ27A91LAnA1Jh75p+/3dNdvQ==
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.356567,VS0,VE0
etag: "04b00905b32fd8d29459545bc125cff6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4806

GET
H2 200 820.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6BE9 7 KB
3 KB 9ms
9ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/820.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a913b760ef4daa94e27bdb4e4d09659e53f3aaab195ff06ff0e36ed925d17e17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 1WKBJBWQJPX86ST5
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2979
x-amz-id-2: C4+EA5F5pvsZGbQFvbwQTl+lgOqWwLAcoYx40+CBX6zFIC04JfbOVNhNH6Md0IuGWxQolHiBwD8=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.356925,VS0,VE0
etag: "897a1a72a47e4f4a24c05aec49af638f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4443

GET
H2 200 790.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6BE9 17 KB
6 KB 9ms
9ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/790.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ce298e325c14e8fbfe8c7bf94be0b3c295e81d127634377bdc0b90002bec29b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: B5TQ0XJGGQHSSHGF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6064
x-amz-id-2: H3tvjkk21FaG4Pq/xSkQjkp7COWcWnbLZIB0/O6NxyrbjoDPqVhmX+NACBrt7GwCPb6zKD5hW0o=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1670228348.357183,VS0,VE0
etag: "af8c077a247e90dff929d7af81c94f57"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2526

GET
H2 200 552.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame F715 21 KB
6 KB 68ms
62ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 80MRM9SBYF943QY2
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5890
x-amz-id-2: IYtTVD9w1h5zbbn8Xa0sJZtgMoEsL+KAO+uwSQQzIDSMcQRlRWrBuHtEzf/bN/7AP4XdZNz/y6k=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1670228348.413214,VS0,VE0
etag: "777ac0df4dba632ad1b2955c88dd51ac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6618

GET
H/1.1 200
OK bab8192a8d Show response
bam.nr-data.net/1/ Frame 6BE9 49 B
522 B 181ms
158ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/bab8192a8d?a=1674781816&v=1220.PROD&to=b1FSYRNZCktYAkAPClYbc0ASTAtVFhNbSSRcZ1VHF10WF3AHRgcIXXVTQQhXCg%3D%3D&rst=563&ck=0&s=717a7eb63ef64a22&ref=https://app.profitshare.ro/i/6lf3/&ap=79&be=205&fe=313&dc=218&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670228347820,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:12,%22rp%22:181,%22rpe%22:182,%22dl%22:184,%22di%22:422,%22ds%22:422,%22de%22:422,%22dc%22:517,%22l%22:517,%22le%22:519%7D,%22navigation%22:%7B%7D%7D&fp=467&fcp=467&at=QxZFF1tDGRQbABZcHkVJ&jsonp=NREUM.setToken
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 774b5ae9895f9b98-FRA

GET
H2 200 290.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame F715 8 KB
4 KB 7ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/290.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 8XCR1WDJYSXHS3MA
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3424
x-amz-id-2: Cogx/C187avp32obJ3ChZlfWWh4qltYUF4NF3dO0tAfQvid1DA0pHcP6zz+hxKeFbFwjOeK85u0=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.432832,VS0,VE0
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9373

GET
H2 200 368.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame F715 3 KB
2 KB 7ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/368.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 4A14V1SFCDCN2Z5H
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1443
x-amz-id-2: 6pMeSOCZgQ90wQuCt3ZNnmpbNddLSfLfuBu3VmwkPdHHPtjjvRuVv0xyZKkG5tGnd9hF1WjofkU=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.432819,VS0,VE0
etag: "16b4f3676c3859e1378a2ccdebbad675"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2467

GET
H2 200 768.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame F715 5 KB
2 KB 7ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/768.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: AYJXXD7KXYRGNAVT
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: ahIEbi0XH6HCbCITRyboc1UHnx0nbhD+IXlwgUt1W77gaebga6F+8+Y+Vd2xHlJEsyImyjOvVCY=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.433246,VS0,VE0
etag: "d6cc8b42eda6fd7734014b03b87b5787"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1571

GET
H2 200 775.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame F715 1 KB
1013 B 7ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/775.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: A1P4RQGCEEZH3JZH
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 632
x-amz-id-2: 0iOmcF5Yc4P55/EwlWBrb4yQ3pQhLftlXmttWYvtaiYCF0JmDE3SWomS/HALXnOoPQTxXpF01kU=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.433379,VS0,VE0
etag: "1dfdb74c0491489bf04c6deadb56add2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 443

GET
H2 200 39.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame F715 7 KB
3 KB 7ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/39.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eecee666ee54c49c3fa83323e1f0fc76cf8cb28e94bca8f1a74c90b46309416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 3AJR82QVT179EZF4
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2755
x-amz-id-2: mMSDSKgpklc7O5FSbs7NWGNwxF/xWAkOhP7MYnNKIZ0b9pZpGXnfHw6/sBrLXqJBiyrdF3/Lzic=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.433749,VS0,VE0
etag: "0448380a8f2cd0426bbdf04dd45b5408"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5670

GET
H2 200 0.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame F715 5 KB
2 KB 8ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/0.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 556ab4c31631686b7f6f5d716452b07212dea63ed810010d1873b91f4478c683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 8P4GWFEC419Q5C80
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2349
x-amz-id-2: jYfSO636RIcvs0CDr/6q2OwAlKppwsLE5O8MGF0TemLm1XCaDWcwM3tXP+s6U2OoCNggJvwKDZ0=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.434089,VS0,VE0
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1943

GET
H2 200 571.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame F715 2 KB
1 KB 8ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/571.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1f76e602d084a84b969d3d0ec2ab7b05fa05202bdf9a32ee21f5a3597698c48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: DW7TNX419ZY5YVGF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1108
x-amz-id-2: 6pKIoLEkT7CepADPro0CTsmOqDLmzIJnC2pBVbsMhlRvDEsSp4j2N95Cfi94eJQ27A91LAnA1Jh75p+/3dNdvQ==
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.434359,VS0,VE0
etag: "04b00905b32fd8d29459545bc125cff6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4807

GET
H2 200 820.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame F715 7 KB
3 KB 9ms
9ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/820.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a913b760ef4daa94e27bdb4e4d09659e53f3aaab195ff06ff0e36ed925d17e17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 1WKBJBWQJPX86ST5
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2979
x-amz-id-2: C4+EA5F5pvsZGbQFvbwQTl+lgOqWwLAcoYx40+CBX6zFIC04JfbOVNhNH6Md0IuGWxQolHiBwD8=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228348.434725,VS0,VE0
etag: "897a1a72a47e4f4a24c05aec49af638f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4444

GET
H2 200 790.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame F715 17 KB
6 KB 10ms
10ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/790.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ce298e325c14e8fbfe8c7bf94be0b3c295e81d127634377bdc0b90002bec29b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: B5TQ0XJGGQHSSHGF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6064
x-amz-id-2: H3tvjkk21FaG4Pq/xSkQjkp7COWcWnbLZIB0/O6NxyrbjoDPqVhmX+NACBrt7GwCPb6zKD5hW0o=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1670228348.438135,VS0,VE0
etag: "af8c077a247e90dff929d7af81c94f57"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2527

GET
H/1.1 200
OK bab8192a8d Show response
bam.nr-data.net/1/ Frame F715 49 B
527 B 188ms
170ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/bab8192a8d?a=1674781816&v=1220.PROD&to=b1FSYRNZCktYAkAPClYbc0ASTAtVFhNbSSRcZ1VHF10WF3AHRgcIXXVTQQhXCg%3D%3D&rst=532&ck=0&s=717a7eb63ef64a22&ref=https://app.profitshare.ro/i/6lf3/&ap=78&be=176&fe=269&dc=208&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670228347913,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:1,%22rp%22:127,%22rpe%22:175,%22dl%22:140,%22di%22:384,%22ds%22:384,%22de%22:384,%22dc%22:445,%22l%22:445,%22le%22:445%7D,%22navigation%22:%7B%7D%7D&fp=396&fcp=396&at=QxZFF1tDGRQbABZcHkVJ&jsonp=NREUM.setToken
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 774b5ae9e9d59253-FRA

GET
H/1.1 200
OK incalzitoare_300x600_130375_1604088302.jpg
app.profitshare.ro/images/advertiser_widgets_shared/ Frame 6B36 151 KB
151 KB 43ms
43ms Image
image/jpeg 91.247.179.203
CONVERSION-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.profitshare.ro/images/advertiser_widgets_shared/incalzitoare_300x600_130375_1604088302.jpg
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.247.179.203 , Romania, ASN59934 (CONVERSION-AS, RO),
Reverse DNS: ce203.conectoomail.com
Software: nginx /
Resource Hash: d8f95cffb1b67ae5977078d843956c75d7139fd7fabfbab5a916c890528805d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Last-Modified: Fri, 30 Oct 2020 20:05:02 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "5f9c71ee-25a93"
Content-Length: 154259
Content-Type: image/jpeg

POST
H/1.1 200
OK bab8192a8d Show response
bam.nr-data.net/events/1/ Frame 4E85 24 B
406 B 183ms
183ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/bab8192a8d?a=1674781816&v=1220.PROD&to=b1FSYRNZCktYAkAPClYbc0ASTAtVFhNbSSRcZ1VHF10WF3AHRgcIXXVTQQhXCg%3D%3D&rst=592&ck=0&s=717a7eb63ef64a22&ref=https://app.profitshare.ro/i/wlf3/
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/wlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://app.profitshare.ro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://app.profitshare.ro
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 774b5aea28619ba1-FRA
Content-Length: 24

GET
H3 200 digi-4k--3-_tb1000_tb730.jpg
1.bp.blogspot.com/-vBwRdsVH6_I/W_5ZNKelO1I/AAAAAAAA6HY/hg49solm220EW0sCYjb-iG382xMx37jLQCLcBGAs/s640/ 50 KB
50 KB 463ms
462ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-vBwRdsVH6_I/W_5ZNKelO1I/AAAAAAAA6HY/hg49solm220EW0sCYjb-iG382xMx37jLQCLcBGAs/s640/digi-4k--3-_tb1000_tb730.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7dfa5267946ae2cc92468d0389ec37eca285a38f503bb99c78f1a3aeba1bb049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
server: fife
etag: "ve877"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="digi-4k--3-_tb1000_tb730.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50888
x-xss-protection: 0
expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H3 200 emag%2Bunire.jpg
3.bp.blogspot.com/-EvHeVMJ-0W4/W_5HzYiiqdI/AAAAAAAA6G0/vRRwHkKmKHwLZbqVxx92sUl2J9vC3kqqACLcBGAs/s640/ 64 KB
64 KB 227ms
226ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-EvHeVMJ-0W4/W_5HzYiiqdI/AAAAAAAA6G0/vRRwHkKmKHwLZbqVxx92sUl2J9vC3kqqACLcBGAs/s640/emag%2Bunire.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

afff62d2697f5bc068ac1505a965a9624972ea8853a90a31ffcb67edee322b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
server: fife
etag: "ve86e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="emag unire.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65510
x-xss-protection: 0
expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H3 200 digi%2B4k.jpg
1.bp.blogspot.com/-p_wovgym6VE/W_gl0sU5MLI/AAAAAAAA6F8/0CQ7ZOOy9u4K-h1PHVW5QBCxWDXGGd6DgCLcBGAs/s640/ 30 KB
30 KB 300ms
300ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-p_wovgym6VE/W_gl0sU5MLI/AAAAAAAA6F8/0CQ7ZOOy9u4K-h1PHVW5QBCxWDXGGd6DgCLcBGAs/s640/digi%2B4k.jpg

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a02d59ced277fe2d6f44b6fa99cc917883916e534555e33a84d3af10e7c7ba5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
x-content-type-options: nosniff
server: fife
etag: "ve860"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="digi 4k.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
expires: Tue, 06 Dec 2022 08:19:08 GMT

GET
H2 200 default Show response
itconnect.robloguri.info/feeds/posts/ 12 KB
3 KB 272ms
272ms XHR
text/javascript 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://itconnect.robloguri.info/feeds/posts/default?alt=json-in-script&start-index=4&max-results=1&callback=jQuery111008143818986997731_1670228347628&_=1670228347632

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

c638122e4d81fce1abe0948d91847a55936cc9fef3b8307eb63e6c29cfc16c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://itconnect.robloguri.info/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Nov 2022 03:14:51 GMT
server: blogger-renderd
etag: W/"b6a6a4eaec77954cd1f8b486972f0ee13c81d1c54dee735ce07616bea16779b2"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 2913
x-xss-protection: 0
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H2 200 552.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6B36 21 KB
6 KB 7ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 80MRM9SBYF943QY2
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5890
x-amz-id-2: IYtTVD9w1h5zbbn8Xa0sJZtgMoEsL+KAO+uwSQQzIDSMcQRlRWrBuHtEzf/bN/7AP4XdZNz/y6k=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1670228349.590826,VS0,VE0
etag: "777ac0df4dba632ad1b2955c88dd51ac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6619

POST
H/1.1 200
OK bab8192a8d Show response
bam.nr-data.net/events/1/ Frame 6BE9 24 B
406 B 138ms
138ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/bab8192a8d?a=1674781816&v=1220.PROD&to=b1FSYRNZCktYAkAPClYbc0ASTAtVFhNbSSRcZ1VHF10WF3AHRgcIXXVTQQhXCg%3D%3D&rst=792&ck=0&s=717a7eb63ef64a22&ref=https://app.profitshare.ro/i/6lf3/
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://app.profitshare.ro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://app.profitshare.ro
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 774b5aeadc2d9b98-FRA
Content-Length: 24

GET
H2 200 290.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6B36 8 KB
4 KB 7ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/290.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 8XCR1WDJYSXHS3MA
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3424
x-amz-id-2: Cogx/C187avp32obJ3ChZlfWWh4qltYUF4NF3dO0tAfQvid1DA0pHcP6zz+hxKeFbFwjOeK85u0=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228349.619455,VS0,VE0
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9374

GET
H2 200 368.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6B36 3 KB
2 KB 7ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/368.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 4A14V1SFCDCN2Z5H
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1443
x-amz-id-2: 6pMeSOCZgQ90wQuCt3ZNnmpbNddLSfLfuBu3VmwkPdHHPtjjvRuVv0xyZKkG5tGnd9hF1WjofkU=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228349.619626,VS0,VE0
etag: "16b4f3676c3859e1378a2ccdebbad675"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2468

GET
H2 200 768.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6B36 5 KB
2 KB 7ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/768.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: AYJXXD7KXYRGNAVT
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: ahIEbi0XH6HCbCITRyboc1UHnx0nbhD+IXlwgUt1W77gaebga6F+8+Y+Vd2xHlJEsyImyjOvVCY=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228349.619855,VS0,VE0
etag: "d6cc8b42eda6fd7734014b03b87b5787"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1572

GET
H2 200 775.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6B36 1 KB
837 B 7ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/775.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: A1P4RQGCEEZH3JZH
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 632
x-amz-id-2: 0iOmcF5Yc4P55/EwlWBrb4yQ3pQhLftlXmttWYvtaiYCF0JmDE3SWomS/HALXnOoPQTxXpF01kU=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228349.621225,VS0,VE0
etag: "1dfdb74c0491489bf04c6deadb56add2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 444

GET
H2 200 39.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6B36 7 KB
3 KB 8ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/39.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eecee666ee54c49c3fa83323e1f0fc76cf8cb28e94bca8f1a74c90b46309416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 3AJR82QVT179EZF4
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2755
x-amz-id-2: mMSDSKgpklc7O5FSbs7NWGNwxF/xWAkOhP7MYnNKIZ0b9pZpGXnfHw6/sBrLXqJBiyrdF3/Lzic=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228349.621417,VS0,VE0
etag: "0448380a8f2cd0426bbdf04dd45b5408"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5671

GET
H2 200 0.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6B36 5 KB
3 KB 7ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/0.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 556ab4c31631686b7f6f5d716452b07212dea63ed810010d1873b91f4478c683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 8P4GWFEC419Q5C80
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2349
x-amz-id-2: jYfSO636RIcvs0CDr/6q2OwAlKppwsLE5O8MGF0TemLm1XCaDWcwM3tXP+s6U2OoCNggJvwKDZ0=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228349.621393,VS0,VE0
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1944

GET
H2 200 571.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6B36 2 KB
1 KB 8ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/571.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1f76e602d084a84b969d3d0ec2ab7b05fa05202bdf9a32ee21f5a3597698c48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: DW7TNX419ZY5YVGF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1108
x-amz-id-2: 6pKIoLEkT7CepADPro0CTsmOqDLmzIJnC2pBVbsMhlRvDEsSp4j2N95Cfi94eJQ27A91LAnA1Jh75p+/3dNdvQ==
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228349.621911,VS0,VE0
etag: "04b00905b32fd8d29459545bc125cff6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4808

GET
H2 200 820.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6B36 7 KB
3 KB 9ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/820.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a913b760ef4daa94e27bdb4e4d09659e53f3aaab195ff06ff0e36ed925d17e17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: 1WKBJBWQJPX86ST5
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2979
x-amz-id-2: C4+EA5F5pvsZGbQFvbwQTl+lgOqWwLAcoYx40+CBX6zFIC04JfbOVNhNH6Md0IuGWxQolHiBwD8=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670228349.622019,VS0,VE0
etag: "897a1a72a47e4f4a24c05aec49af638f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4445

GET
H2 200 790.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 6B36 17 KB
6 KB 8ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/790.2d6a2503-1220.js
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ce298e325c14e8fbfe8c7bf94be0b3c295e81d127634377bdc0b90002bec29b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Dec 2022 08:19:08 GMT
x-amz-request-id: B5TQ0XJGGQHSSHGF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6064
x-amz-id-2: H3tvjkk21FaG4Pq/xSkQjkp7COWcWnbLZIB0/O6NxyrbjoDPqVhmX+NACBrt7GwCPb6zKD5hW0o=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1670228349.621999,VS0,VE0
etag: "af8c077a247e90dff929d7af81c94f57"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2528

GET
H/1.1 200
OK bab8192a8d Show response
bam.nr-data.net/1/ Frame 6B36 49 B
537 B 196ms
195ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/bab8192a8d?a=1674781816&v=1220.PROD&to=b1FSYRNZCktYAkAPClYbc0ASTAtVFhNbSSRcZ1VHF10WF3AHRgcIXXVTQQhXCg%3D%3D&rst=292&ck=0&s=717a7eb63ef64a22&ref=https://app.profitshare.ro/i/Nlf3/&ap=88&be=150&fe=93&dc=9&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670228348342,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:1,%22rp%22:137,%22rpe%22:138,%22dl%22:139,%22di%22:159,%22ds%22:159,%22de%22:159,%22dc%22:243,%22l%22:243,%22le%22:245%7D,%22navigation%22:%7B%7D%7D&fp=218&fcp=218&at=QxZFF1tDGRQbABZcHkVJ&jsonp=NREUM.setToken
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.profitshare.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 774b5aeafbdd9253-FRA

POST
H/1.1 200
OK bab8192a8d Show response
bam.nr-data.net/events/1/ Frame F715 24 B
406 B 164ms
148ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/bab8192a8d?a=1674781816&v=1220.PROD&to=b1FSYRNZCktYAkAPClYbc0ASTAtVFhNbSSRcZ1VHF10WF3AHRgcIXXVTQQhXCg%3D%3D&rst=726&ck=0&s=717a7eb63ef64a22&ref=https://app.profitshare.ro/i/6lf3/
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/6lf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://app.profitshare.ro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 05 Dec 2022 08:19:08 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://app.profitshare.ro
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 774b5aeb1c2f6943-FRA
Content-Length: 24

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 39BC 54 KB
21 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=1083167194184464723&blogName=IT+Connect+-+%C8%98tiri+IT,+review-uri+si+...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://itconnect.robloguri.info/search&blogLocale=ro&v=2&homepageUrl=https://itconnect.robloguri.info/&vt=6425494895395522931&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.K9Su0nk3cW8.O%2Fd%3D1%2Frs%3DAHpOoo8btnHqwUVabznuJubPHkJyYc6kxA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abd602f7acaa16e99e01d1f7808927edb569bf8c1160df73294929d24f731bf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 08:19:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20992
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "2dbf43aa9296023a"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Dec 2022 08:19:08 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.K9Su0nk3cW8.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8btnHqwUVabznuJubPHkJyYc6kxA/ Frame 39BC 126 KB
41 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.K9Su0nk3cW8.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8btnHqwUVabznuJubPHkJyYc6kxA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b4945d5878d96ac9aafa201cb81d10ded594560edbae8300e7510aff5f53b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 23:41:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42357
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 23:41:48 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 150 KB
51 KB 115ms
115ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/reactive_library_fy2021.js?bust=31071035

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4076a1c72221d2c964f44e99d02d898cab4cd772612c5459c0ce691e11ff7c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52285
x-xss-protection: 0
server: cafe
etag: 2421571119003972209
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 08:19:08 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 125ms
48ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=itconnect.robloguri.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 118ms
45ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itconnect.robloguri.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9773 128 KB
42 KB 548ms
547ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=795555019&adf=855797969&pi=t.aa~a.2272617183~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=339x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=4&bdt=1442&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0&nras=2&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sMV2K8c98E&p=https%3A//itconnect.robloguri.info&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e203ef906178e390ce005f0a66c6c2c1b003cc598a0a6d61dfb1b1c7b5455bad

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKXYu7uF4vsCFVIHigMdsQQFNw&gqi=fKmNY8elNrfknsEP9KOT6A0&layout=/sadbundle/%24csp%253Der3%24/11123416789342940725/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 42493
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKXYu7uF4vsCFVIHigMdsQQFNw&gqi=fKmNY8elNrfknsEP9KOT6A0&layout=/sadbundle/%24csp%253Der3%24/11123416789342940725/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:09 GMT
expires: Mon, 05 Dec 2022 08:19:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0968 94 KB
32 KB 674ms
674ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.2334913474~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280&nras=3&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5yVIpBJsvS&p=https%3A//itconnect.robloguri.info&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a43aa5828fea3b82ffbf3c5ab8dee6350263da10947d509c1eb6238225c1b18c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32916
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:09 GMT
expires: Mon, 05 Dec 2022 08:19:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1BC2 23 KB
10 KB 631ms
631ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=1862488135&adf=4198736532&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=0&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280&nras=4&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=z8uJhLhTMW&p=https%3A//itconnect.robloguri.info&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f97bc9e6b2ca55dc4910d2d0f527cd5da8e467dfb37a36d8cf4b34970b92d8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9979
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:09 GMT
expires: Mon, 05 Dec 2022 08:19:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 05CD 109 KB
40 KB 465ms
464ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=3194074656&pi=t.aa~a.1067075414~rp.4&w=780&lmt=1669691691&nsk=8b3bdd27&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280&nras=5&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=0St9Y7Revx&p=https%3A//itconnect.robloguri.info&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03950d8d9efc9707ef7d1ad5df9f6fa65a02c6325900f5ccae149f9409953116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 41404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:09 GMT
expires: Mon, 05 Dec 2022 08:19:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B056 107 KB
40 KB 520ms
520ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2329423d80ea363e038be86cd988f5c26dbb82921134499f59be1f7eeb5fa032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 41214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:09 GMT
expires: Mon, 05 Dec 2022 08:19:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK bab8192a8d Show response
bam.nr-data.net/events/1/ Frame 6B36 24 B
406 B 134ms
134ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/bab8192a8d?a=1674781816&v=1220.PROD&to=b1FSYRNZCktYAkAPClYbc0ASTAtVFhNbSSRcZ1VHF10WF3AHRgcIXXVTQQhXCg%3D%3D&rst=606&ck=0&s=717a7eb63ef64a22&ref=https://app.profitshare.ro/i/Nlf3/
Requested by: Host: app.profitshare.ro
URL: https://app.profitshare.ro/i/Nlf3/?u_h=1200&u_w=1600&pn=&ref=&url=https%3A%2F%2Fitconnect.robloguri.info%2F&a=0&t=0&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://app.profitshare.ro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 05 Dec 2022 08:19:09 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://app.profitshare.ro
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 774b5aecff2d9253-FRA
Content-Length: 24

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 65A9 10 KB
4 KB 35ms
35ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 07:46:44 GMT
etag: 10353107486223812946
expires: Mon, 19 Dec 2022 07:46:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame B949 10 KB
4 KB 35ms
35ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 07:46:44 GMT
etag: 10353107486223812946
expires: Mon, 19 Dec 2022 07:46:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 65A9 7 KB
3 KB 159ms
75ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 11:10:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3136
x-xss-protection: 0
server: cafe
etag: 5752131211420753933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 11:10:22 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 65A9 4 KB
636 B 127ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 06:23:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 65A9 205 B
743 B 132ms
38ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 22:33:11 GMT
x-content-type-options: nosniff
age: 35158
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 04 Dec 2023 22:33:11 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 65A9 604 B
693 B 133ms
38ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:18:32 GMT
x-content-type-options: nosniff
age: 37
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 05 Dec 2023 08:18:32 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 65A9 19 KB
8 KB 125ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 16:37:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 16:37:05 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/ Frame DA3A 15 KB
5 KB 98ms
51ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a36e7aa55ea2a2b6276f74bf85b450c46f076c04202d5dfecd601fd76113f56d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 201487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3774
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 00:21:02 GMT
expires: Sun, 03 Dec 2023 00:21:02 GMT
last-modified: Mon, 27 Sep 2021 11:18:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B949 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPKzVfKmNY66LD5ng1gbRj46ICtDP9PNo8LH9qOYOiqG5j8UkEAEgv8b_B2CV4pCCoAegAe-NhbgByAEJqQLeZsGtkwODPqgDAcgDSKoEpgJP0GjCE3GZyGxxt_0QlJnWmmq-GAVJPsugKcUBhglUsIR4zFRbZgyvIUOQS3SbyqG7LgRjvfyYimo8dYmFIxKCHjRAemJn1qBYUJDOjdrz_mbXW9W1Wq2Rf-hiixFItaDuf7BhnghZs5z8TIJP0idyEDY9z-JDWvHNWBcffR9FY15lA53lJeiqyBjrUhp5KM6GOkgwqua9Ydo6_Mff-dBn1R0jO0ayyjhyWADu81lvnx_8N0DLn46OCese5piWwCP9q-IBDkIVgPzqezP7Rnbf4S0aPujGKo8Nb_UncrGI1rW6Jpt89KOXQvCCxb_eGMx0MeCicosmxuH3v_J-IV8Qf4XmRqhhDtIdNvqnp96Vss86ySYi-fMgsDQJCwykd_gPAqR8RVTABMeK6-vEA5IFBAgEGAGSBQQIBRgEoAYugAf58frHAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEI2CB9IIEQiA4YBwEAEYHzIC6wI6AoBAgAoByAsB2BMC0BUBgBcBshccChoIABIUcHViLTMwMDA2OTQ0MTczNTUzODIYAA&sigh=07w6eZSMCkA&uach_m=[UACH]&cid=CAQSGwDq26N9xjnQg5ZDNkhOgjfAuxL-8dffXjKSbhgBIBM&template_id=419

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 08:19:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame B949 23 KB
10 KB 82ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B949 0
20 B 148ms
145ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rsra&context=grsl&params=1-%26adk%3D1812271801%26client%3Dca-pub-3000694417355382%26fa%3D1%26ifi%3D8%26uci%3Da!8%26btvi%3D6%26xpc%3DcMcU4jedtl%26p%3Dhttps%3A%2F%2Fitconnect.robloguri.info

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 08:19:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0164 143 B
166 B 36ms
35ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3026
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 07:28:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B949 3 KB
1 KB 110ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 06:46:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 06:46:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B949 18 KB
7 KB 110ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 10:10:49 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame DA3A 6 KB
3 KB 88ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 13:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 05 Dec 2022 13:44:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DA3A 34 KB
13 KB 90ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:40:58 GMT

GET
H3 200 eb744b3419cc476ea9b42d8622b32fe9.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/ Frame DA3A 77 KB
19 KB 102ms
55ms Script
application/x-javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/eb744b3419cc476ea9b42d8622b32fe9.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60d7a14752f4c4926b4ffb3d968e050a8ef77534da88ffe139d90f3b28583baf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 23:20:28 GMT
age: 377921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19914
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 11:18:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Nov 2023 23:20:28 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9C11 7 KB
3 KB 108ms
76ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 11:10:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3136
x-xss-protection: 0
server: cafe
etag: 5752131211420753933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 11:10:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9C11 8 KB
895 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 06:20:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C11 155 KB
48 KB 147ms
60ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H3 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 9C11 34 KB
14 KB 115ms
38ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:08:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 01:40:14 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0164
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

59ms
51ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:09 GMT
expires: Mon, 05 Dec 2022 08:19:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B949 155 KB
47 KB 122ms
114ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
DATA 200
OK truncated
/ Frame B949 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fee0c4ba2350f1337ff7439949ce57fd2c7debc2252035705412f8cbef8a22e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 subresource.wbn
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 9C11 0
51 KB 159ms
86ms Other
application/webbundle 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/subresource.wbn

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51809
x-xss-protection: 0
server: cafe
etag: 1964552289100254462
vary: Accept-Encoding
content-type: application/webbundle
access-control-allow-origin: *
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H/1.1 200
OK load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9C11 2 KB
2 KB 156ms
156ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

751d553428d5a12f48713eded93b897b76a86182d7636ab668da62efaa55b100

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 9C11 23 KB
23 KB 190ms
190ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

5f3d2f87d82b88f6b82b1c78637b76622c12b2e859193e41d1e81384e506bcd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 css
fonts.googleapis.com/ Frame DA3A 2 KB
486 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/eb744b3419cc476ea9b42d8622b32fe9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a478264e4b0c4beefb01df67403b47bd2459ebef279936a5b126bb90d175cd76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 07:27:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H3 200 379279448bbf543bf8c2fa86903fc46c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/media/ Frame DA3A 2 KB
2 KB 37ms
36ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/media/379279448bbf543bf8c2fa86903fc46c.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a887bd6a183741869dc302c6e1d566de475fb84f3922ddb11c98907b2e9aab5b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 03 Dec 2022 14:00:38 GMT
x-content-type-options: nosniff
age: 152311
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2504
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 11:18:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Dec 2023 14:00:38 GMT

GET
H3 200 58d2f59d68376a687d7855a81096d208.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/media/ Frame DA3A 3 KB
3 KB 38ms
37ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/media/58d2f59d68376a687d7855a81096d208.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37d00f3270cb5aed8b837e97a0bb184eeb9b8d3e65a34b253175997812ccf920

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 03 Dec 2022 00:00:12 GMT
x-content-type-options: nosniff
age: 202737
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2856
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 11:18:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Dec 2023 00:00:12 GMT

GET
H3 200 e1c46deefe10079210da2397809a8aeb.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/media/ Frame DA3A 2 KB
2 KB 37ms
37ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/media/e1c46deefe10079210da2397809a8aeb.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f86337f9fd7492cb54286f53a35d91d0f8642f81d205ae70afad69241f607802

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 30 Nov 2022 23:20:28 GMT
x-content-type-options: nosniff
age: 377921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2489
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 11:18:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Nov 2023 23:20:28 GMT

GET
H3 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame DA3A 29 KB
29 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 13:44:23 GMT
x-content-type-options: nosniff
age: 239686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 13:44:23 GMT

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame DA3A 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 20:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 20:58:50 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 05CD 8 KB
716 B 50ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=3194074656&pi=t.aa~a.1067075414~rp.4&w=780&lmt=1669691691&nsk=8b3bdd27&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280&nras=5&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=0St9Y7Revx&p=https%3A//itconnect.robloguri.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 07:40:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 05CD 8 KB
716 B 51ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 08:02:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 05CD 35 KB
14 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:43:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14142
x-xss-protection: 0
server: cafe
etag: 14789286559671545279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 10:43:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 05CD 155 KB
47 KB 140ms
62ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 05CD 23 KB
9 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 05CD 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 06:46:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 06:46:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 05CD 18 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 10:10:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 05CD 0
0 44ms
44ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTa5gk_rV3YQyOQWS_njIO7N0Ki3XO_vbiMGzGY4-3bjBxem7Jku7Jjn9G_fG-WJyT91rrk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=3194074656&pi=t.aa~a.1067075414~rp.4&w=780&lmt=1669691691&nsk=8b3bdd27&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280&nras=5&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=0St9Y7Revx&p=https%3A//itconnect.robloguri.info&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame B056 8 KB
716 B 52ms
52ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 08:05:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B056 8 KB
716 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 07:02:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B056 35 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:43:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14142
x-xss-protection: 0
server: cafe
etag: 14789286559671545279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 10:43:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B056 155 KB
47 KB 154ms
90ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame B056 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B056 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 06:46:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 06:46:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B056 18 KB
7 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 10:10:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B056 0
0 43ms
43ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTf8MLOgxZk6_58CH5mBATh0orCdwszJwQs3h3fWHO61cpyrvkM2nI6EAiWZD7Chz-pAw-9
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1BC2 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=1862488135&adf=4198736532&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=0&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280&nras=4&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=z8uJhLhTMW&p=https%3A//itconnect.robloguri.info&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 06:46:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 06:46:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1BC2 18 KB
7 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 10:10:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1BC2 155 KB
47 KB 130ms
75ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0968 8 KB
895 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.2334913474~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280&nras=3&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5yVIpBJsvS&p=https%3A//itconnect.robloguri.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 08:18:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0968 2 KB
771 B 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.2334913474~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280&nras=3&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5yVIpBJsvS&p=https%3A//itconnect.robloguri.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77863
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 10:41:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 0968 23 KB
9 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.2334913474~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280&nras=3&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5yVIpBJsvS&p=https%3A//itconnect.robloguri.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0968 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.2334913474~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280&nras=3&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5yVIpBJsvS&p=https%3A//itconnect.robloguri.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 06:46:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 06:46:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0968 18 KB
7 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.2334913474~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280&nras=3&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5yVIpBJsvS&p=https%3A//itconnect.robloguri.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 10:10:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0968 0
0 110ms
43ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxiVN7LVCzArYefG3FulmBOsOJaFDcsi-Fzw70XieH35ZxlcDTufJKD6Xy5fsSd0KavcPx
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.2334913474~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280&nras=3&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5yVIpBJsvS&p=https%3A//itconnect.robloguri.info&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0968 155 KB
47 KB 61ms
51ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.2334913474~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280&nras=3&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5yVIpBJsvS&p=https%3A//itconnect.robloguri.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H3 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 0968 34 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.2334913474~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280&nras=3&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5yVIpBJsvS&p=https%3A//itconnect.robloguri.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:08:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 01:40:14 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/ Frame 3A3C 39 KB
15 KB 36ms
36ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/index.html

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a41d47fa57f391fea2010da98a589ceeb9a2c5d15210f30573dd3479d9f64c6b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 532924
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 14847
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 04:17:05 GMT
expires: Wed, 29 Nov 2023 04:17:05 GMT
last-modified: Mon, 21 Nov 2022 10:00:05 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 68DB 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CR42rfKmNY6WqOtKOqMwPsYmUuAO05_3Mbf7zsKP1EIfLvfzHARABIL_G_wdgleKQgqAHoAGc96HZAsgBCakCRL-0GpessT6oAwHIA0iqBJgCT9A2k3EJlKXv3XpJBlAbCHKaBxVk54LKEwKdEDCQEyOPpI83KyZLswtcMYoMGlNX1A3UzJUl5KXFbTl-qABH9HebfuSG6kk7erUBZWJsmrwxRHo92QLwB-jtmFnZfEN3bWrxvTWLZInb0_-k8NyZCiCSNoEGFfsMzYmEVm2ldWM3rhTGs77sNtACznOZHsVWGdxt4SEaXyO-0b9B91RFXhbX1GrwMI_oSSgYuUcC7opRhOhavC4GqZNrcKTlOkuDv4T8lTyYjaukszli6PsUysRqQ_bwUV40IfixM9GHO-O2PeeBKFeK-R2ZAWRYrTXJiwrNLf-RGUtePthTikYwneJpxbhoSg8pwDo2_nUGioVXwnLviiODEcAEnaH00pEEkgUECAQYAZIFBAgFGASgBi6AB4jM3qYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ0rkF0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMzAwMDY5NDQxNzM1NTM4MhgA&sigh=xYD1GWYQfAM&uach_m=[UACH]&cid=CAQSOwDq26N9PXAwWT8p6o4hb7rWuJIQ4438F_jG5DdZ7cxDcsV_l3sp90MTIwOdQeQEFKywIb7pr2_4Xz0PGAEgEw&template_id=419

Requested by

Host: itconnect.robloguri.info
URL: https://itconnect.robloguri.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=795555019&adf=855797969&pi=t.aa~a.2272617183~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=339x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=4&bdt=1442&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0&nras=2&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sMV2K8c98E&p=https%3A//itconnect.robloguri.info&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 08:19:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 68DB 23 KB
9 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=795555019&adf=855797969&pi=t.aa~a.2272617183~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=339x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=4&bdt=1442&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0&nras=2&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sMV2K8c98E&p=https%3A//itconnect.robloguri.info&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:38:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 68DB 3 KB
1 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=795555019&adf=855797969&pi=t.aa~a.2272617183~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=339x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=4&bdt=1442&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0&nras=2&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sMV2K8c98E&p=https%3A//itconnect.robloguri.info&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 06:46:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 06:46:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 68DB 18 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=795555019&adf=855797969&pi=t.aa~a.2272617183~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=339x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=4&bdt=1442&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0&nras=2&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sMV2K8c98E&p=https%3A//itconnect.robloguri.info&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 10:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 10:10:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 68DB 0
0 119ms
44ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTM-X7cZ_jVbfD0M632pkRYaZ0uTFOgEQEFvVCSA7UyeSntHoK1rOKSnRBeV3NNEgUQxfu6
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=795555019&adf=855797969&pi=t.aa~a.2272617183~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=339x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=4&bdt=1442&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0&nras=2&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sMV2K8c98E&p=https%3A//itconnect.robloguri.info&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 68DB 155 KB
47 KB 165ms
147ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=795555019&adf=855797969&pi=t.aa~a.2272617183~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=339x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=4&bdt=1442&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0&nras=2&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sMV2K8c98E&p=https%3A//itconnect.robloguri.info&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1BC2 0
0 76ms
75ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDLUbfKmNY7boOq_bo9kP0Oeg4ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMDAwNjk0NDE3MzU1MzgyyAEJqQJEv7Qal6yxPqgDAaoEhgJP0DORuFQwBB62eGo76BXpr88-R-2D1Zq2H-mT8_CXeiI7Ck0F1Ugw2EvvvFU2dX8J7q5KkMVq1KOy30OIYR_mrmZz3Tg8tGXFRSf1EHtZO-QiyP64O3_UGP74r7Eyyo0W38ur9Iold-r3v0FKsiIgOGC7mtz5TsEhgQE0o8jEptqcYncePoIaI4f0ChmmD1AfnGrZDCB8Bee--7UYW2hAlWH9F7AtW-AceIsrP4qo92ed9-FbKvbWAfey4yb3B0BHvIpQiOkOLxFpVtrcgn7uFOiAdgfd15Pu_38jjKlkDZ6YCxDoz48_fqvePbEtWq_maWDy3Outl-608FAeSh4sCNwCmk0VgAbP75Oew4mDnYsBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMDAwNjk0NDE3MzU1MzgyGAA&sigh=D3MXms-bbuI&uach_m=[UACH]&cid=CAQSOwDq26N9Mdp8HtgZkihqgZHzYw4_Jgjs-voYw-phXTLBBwxGIMIPJInfyrWZIStkmXDQ_neHtxZ65vd7GAEgEw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=1862488135&adf=4198736532&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=0&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280&nras=4&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=z8uJhLhTMW&p=https%3A//itconnect.robloguri.info&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 08:19:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 1BC2 0
0 71ms
17ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kMWCFMz6RLAJmAKdg2ICAgAAANYH940xrahkEH2pjWN3_xczI5-BDkERDQASAAA&wp=Y42pfAAOtDYFKO2vAAgz0O_FHRXWdMEEC8wI_Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 277633
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9EFF 130 KB
45 KB 129ms
76ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y42pfAAOtDYFKO2vAAgz0O_FHRXWdMEEC8wI_Q&u=%7CPqD4%2FXRn70Ks%2BWUzu8iybb%2FM2aiSP4VqSYfPrFLa2rY%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDMdIG1lGTt_q8fl6PJRS9SEtFZIc2DuanS19ETkL5lbUF3IThsFavKa6qyFWW7Hcyi515WWCU6B9OaGdlQhWPSc7cqcbWq1DFxRs3Uv_2JCDOVhGRhle8ydXp5YVUyqldNojsXNR6G3fVWDPcWTv8RBgxWTAQg--fZrollUsTIQBoX4lytCy0VpCwLLM42BRbqaZ5CwYdGCv4Pporon1ptll5h0zCdJScRa3c0sco4d3z90apKSTxE1I1MEsQr4SDGDs7dM6WSuhBOFfSdBykVqrvItQ-rJXh5BD7t7fXlpTA76bSM4RWlg-rEmCfw7phnhYtNvstMPmGJOaCKoAQvPiXkXU_ppDRXHVu3Sg8hvEzQskDFGKeOvmniiQiUGZbgXyUSaoMR1yoBkYOCgNMeGXNTkglmYc-9QGMjwTBc0e2ocMvBwJhzqUiCWVVDghcN3kbppO2NITNCgCLrgMkMpHP-7kIWOJk_f3xLDw6mcOB3lr_PkZX1SQXZCP7REpN7Nl96-U64AowN7HStH1GTJFAZqeouoQm8tXQRGJZdyeLf8BKxxdKGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoO36fKmNY7boOq_bo9kP0Oeg4ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMDAwNjk0NDE3MzU1MzgyyAEJqQJEv7Qal6yxPqgDAaoEiQJP0DORuFQwBB62eGo76BXpr88-R-2D1Zq2H-mT8_CXeiI7Ck0F1Ugw2EvvvFU2dX8J7q5KkMVq1KOy30OIYR_mrmZz3Tg8tGXFRSf1EHtZO-QiyP64O3_UGP74r7Eyyo0W38ur9Iold-r3v0FKsiIgOGC7mtz5TsEhgQE0o8jEptqcYncePoIaI4f0ChmmD1AfnGrZDCB8Bee--7UYW2hAlWH9F7AtW-AceIsrP4qo92ed9-FbKvbWAfey4yb3B0BHvIpQiOkOLxFpVtrcgn7uFOiAdgfd15Pu_38jjKlkDdyaKoJvQBMswTfKnmEQ_FfvfWpE1sW1FVp8zfbs9QAAEFmoHl6qMjjigAbP75Oew4mDnYsBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24eKG4PGO77CwuRHrv78_QhVqR4g%26client%3Dca-pub-3000694417355382%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

63153445da88f9acf6d559578d6b1add6544d77c2930d44714738465c8de93e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:09 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=WU_TkV93aFHgL0pdFiPexVr2dV_nNdd2QYyIe1LSsbypWtKp38vFD1QO4iWFdeDEyRZpQzzgv6RG2uXFxrjA2xh_5JSaiZvCqK_pqXosj7PD5byBwqGMX8XMbtOITlf17h8o_hm7qy8ODBCfgzA7lLdS5Sz_936BFLW9zTxJhRSv0-4Kdo0V6qQBzf2ciT9wAMXSVPcP3iUqv0bLoTQH2PnPCq9gye97fmqLLtT4N0heVjY9bfkzNXS-qJlcL4X6adK4NQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 61046096
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0968 0
0 79ms
79ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjliVfKmNY-bPOvikqMwPu4qKsAPizuqubfnws_zZEPK44ICiIxABIL_G_wdgleKQgqAHoAG_oLDfA8gBCakCAlmfQJsAej6oAwHIA8sEqgSVAk_QzGfw5mjJTNVAxbJOSCpFfnv3EIFcWAnbP9orHmd-8b6qltnHh0NKaCYVvy9UJ6JKeUwHr986ga2AO7z_ImpNCUABP3ZDmM2YVgzbAUA87iPR-HKlvftsBB0HIvTfUiizzo6llDdZTRp7DJbXuMwf4NIzYMnZgaxoqesCFQW916_OSzfU3iNaQFW8uw2dP7UrhjrektTVJ9DOJ0G2SDoVw9YmSWRzNY4K2wk0OjgyYqD26bpUg4EV0X1ClwWBvdxvT9zRLkSf8399jpQn6rhLWtAVGGExP2kPDCBnDc2v1ANLOPOT-mGoGWzEKZJow7aDODrogxLzkNJSf3pVbFanfd9A5SAeRFpm48kWQk3u4SyqQpXABIHct-BckgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6nfzyCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD36AHSCBEIgOGAcBABGB8yAusCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMDAwNjk0NDE3MzU1MzgyGAA&sigh=WvZ-XlJaqH4&uach_m=[UACH]&cid=CAQSOwDq26N9zDDdgdi0xDQmmbLpNF4AU55_r2V5AcHtp3549EO1RBRf7mh_Z692o7Lx_chh6AWO5w2BJH-sGAEgEw&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.2334913474~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280&nras=3&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5yVIpBJsvS&p=https%3A//itconnect.robloguri.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.2334913474~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280&nras=3&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5yVIpBJsvS&p=https%3A//itconnect.robloguri.info&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 08:19:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/453827456725093669/ Frame 0968 25 KB
25 KB 36ms
36ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/453827456725093669/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.2334913474~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280&nras=3&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5yVIpBJsvS&p=https%3A//itconnect.robloguri.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10923371ce9ffdb52893f827c1eb145f6e11d4549ad8e14a285ca4cdff225690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 03:18:13 GMT
x-content-type-options: nosniff
age: 190856
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25103
x-xss-protection: 0
last-modified: Tue, 10 Sep 2019 16:19:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Dec 2023 03:18:13 GMT

GET
DATA 200
OK truncated
/ Frame 0968 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0968 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3A3C 6 KB
3 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 13:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 05 Dec 2022 13:44:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3A3C 34 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 05 Dec 2022 09:40:58 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3A3C 57 KB
23 KB 140ms
53ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Dec 2022 08:19:09 GMT

GET
H/1.1 200
OK window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9C11 3 KB
3 KB 0ms
0ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

b2286ec341537b6ac60edddc2db84438c2cce9c6629f3cd633ae139d6cd741de

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9C11 18 KB
18 KB 0ms
0ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

976a048d9f6abc83b31613df6f904082891e354bcd0c39cec631329b55085889

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11345357986307711055/ Frame 05CD 13 KB
13 KB 88ms
88ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11345357986307711055/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIoQIQlwEYASABLQAAAD8wogI4lwFFAACAPw&rs=AOga4qnWbFUirgb54R9dFa37m40MuAfyuw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f921506dfd5ca1ba8a42f6c9b9ed616d8ea47b723a443cc41e8f37a62c64a6bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13484
x-xss-protection: 0
last-modified: Sat, 29 Jan 2022 15:25:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Dec 2023 08:19:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 05CD 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUO6afKmNY9qqPPOIqMwP2v2uuAWBs5C2bbbzq6rEELCQHxABIL_G_wdgleKQgqAHoAGAu-uhA8gBBqkC3mbBrZMDgz6oAwHIA8sEqgSMAk_QUIw-btM3MatEXtcL_HRjoRONu2_jAK2EWGMewAkA18M25e9SLugJRNLaASXBrktFKWbaeY490qygOfoPYCJL13hRzMJI5eYgKZstFtj-Q9e5j5tuXVoNBOIJzVnygvUchjRUrt8kWjY9Rc6jiZvv8skk0W44fzPj8IEfHDfp8HXP9eFX_RDc5fiiWh9SfxoyzKcgHupzRNQHSgG0b2o5QSGgUMBrR0fMq3cOe2mEIUr2LcTv2d7p_yky3jtcJ8iPpoF8SPi15DydY2TrEYET6xAfCZBQFUA_ksY9oPOZnprzoedicd1pMFmVVtQy9Sla3ARa8h4wpx7cxeAYKssw5L3C6Q2I0MEaCgLABKyi-bGYBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfoxJReqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQlasI0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMzAwMDY5NDQxNzM1NTM4MhgA&sigh=wlOvSrAvLdc&uach_m=[UACH]&cid=CAQSOwDq26N9YbPynhFJtnUJeiLp2kNcYZyxz3wEthnRQyx8tvex3AWHbnFseFFrrS0bzw8gWTLKyDEcMIufGAEgEw&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=3194074656&pi=t.aa~a.1067075414~rp.4&w=780&lmt=1669691691&nsk=8b3bdd27&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280&nras=5&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=0St9Y7Revx&p=https%3A//itconnect.robloguri.info&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 08:19:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10351904701499586935/ Frame B056 26 KB
26 KB 97ms
97ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10351904701499586935/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIoQIQlwEYASABLQAAAD8wogI4lwFFAACAPw&rs=AOga4qnOLS7jTzwvu0Z7OttxVhupa4wySA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

882fb659109fcbe5a1984f78dba066f3802114200e70a250d548e77cc66fb681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26122
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 12:35:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Dec 2023 08:19:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B056 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdVfwfKmNY_fDPPDeo9kP-Z-S6ArxvM_iaP_AnL-rELz389zzDhABIL_G_wdgleKQgqAHoAHrhvDMA8gBBqkCRL-0GpessT6oAwHIA8sEqgTnAU_QA8b9yLrzZj8p0iM_KaDh9WRsigdqQ6J0Oqz9QpumEJ4TBfFK6ohIi6hTPaokat4Nxs0NYbUptAsWuuh11q4hEGxokZUQCBdTHQAW7F1jgJnUfqiIazfF3RPW3w20RUKe7IZRKa8YPVn2XEaRFqSnfIBbXMBQrhiLwAl2lpG6p_cDml1AlGBze8p9Dqh1dgwJ_R-hNdp2Oleb_8s9PgDl8vVu1OsmO02gfUAiALis-FES1i9TY6JjB0eOeNIB9S9DWkgIng4Bf0zcTjMcYqPtPnERqw3GSyEeKfRWzVvp1c2amNxwXsAEsIOZwqoBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB8XawjOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDp3g_SCBEIgOGAcBABGB8yAusCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0zMDAwNjk0NDE3MzU1MzgyGAA&sigh=1gtsUnftdUU&uach_m=[UACH]&cid=CAQSOwDq26N9ykcyI5aHtYg9ERkZCLoSZz1KBOPGYvnxB_SjernIPlVyYC2X3LZepS_hBi-nBQNMb6iwa2KLGAEgEw&template_id=492

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 08:19:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0968 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f83982673ad5b566a748f368c582d63eeb8dadb81e1a298cd1801edebf5bbc8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 05CD 16 KB
16 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 332369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:59:40 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 05CD 15 KB
15 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 304614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 19:42:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 05CD 15 KB
16 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 574457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 05CD 12 KB
12 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 22:04:53 GMT
x-content-type-options: nosniff
age: 296056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 22:04:53 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B056 16 KB
16 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 332369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:59:40 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B056 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 304614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 19:42:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B056 15 KB
16 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 574457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B056 12 KB
12 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 22:04:53 GMT
x-content-type-options: nosniff
age: 296056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 22:04:53 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5C6B 143 B
166 B 37ms
35ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=795555019&adf=855797969&pi=t.aa~a.2272617183~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=339x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=4&bdt=1442&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0&nras=2&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sMV2K8c98E&p=https%3A//itconnect.robloguri.info&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=795555019&adf=855797969&pi=t.aa~a.2272617183~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=339x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=4&bdt=1442&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0&nras=2&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sMV2K8c98E&p=https%3A//itconnect.robloguri.info&dtd=7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3026
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 07:28:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 68DB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7c76f88d2ff5d37d5eec75a3c722da502ba82ed4b2bcaae479f8a2c042684eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1BC2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42379a55b38be7c5d4418bf482f0e7b72ddf8d9c40db0949171d666d21f70925

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9EFF 2 KB
1 KB 65ms
27ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y42pfAAOtDYFKO2vAAgz0O_FHRXWdMEEC8wI_Q&u=%7CPqD4%2FXRn70Ks%2BWUzu8iybb%2FM2aiSP4VqSYfPrFLa2rY%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDMdIG1lGTt_q8fl6PJRS9SEtFZIc2DuanS19ETkL5lbUF3IThsFavKa6qyFWW7Hcyi515WWCU6B9OaGdlQhWPSc7cqcbWq1DFxRs3Uv_2JCDOVhGRhle8ydXp5YVUyqldNojsXNR6G3fVWDPcWTv8RBgxWTAQg--fZrollUsTIQBoX4lytCy0VpCwLLM42BRbqaZ5CwYdGCv4Pporon1ptll5h0zCdJScRa3c0sco4d3z90apKSTxE1I1MEsQr4SDGDs7dM6WSuhBOFfSdBykVqrvItQ-rJXh5BD7t7fXlpTA76bSM4RWlg-rEmCfw7phnhYtNvstMPmGJOaCKoAQvPiXkXU_ppDRXHVu3Sg8hvEzQskDFGKeOvmniiQiUGZbgXyUSaoMR1yoBkYOCgNMeGXNTkglmYc-9QGMjwTBc0e2ocMvBwJhzqUiCWVVDghcN3kbppO2NITNCgCLrgMkMpHP-7kIWOJk_f3xLDw6mcOB3lr_PkZX1SQXZCP7REpN7Nl96-U64AowN7HStH1GTJFAZqeouoQm8tXQRGJZdyeLf8BKxxdKGw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoO36fKmNY7boOq_bo9kP0Oeg4ArJntKxXPXqoYaIAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMDAwNjk0NDE3MzU1MzgyyAEJqQJEv7Qal6yxPqgDAaoEiQJP0DORuFQwBB62eGo76BXpr88-R-2D1Zq2H-mT8_CXeiI7Ck0F1Ugw2EvvvFU2dX8J7q5KkMVq1KOy30OIYR_mrmZz3Tg8tGXFRSf1EHtZO-QiyP64O3_UGP74r7Eyyo0W38ur9Iold-r3v0FKsiIgOGC7mtz5TsEhgQE0o8jEptqcYncePoIaI4f0ChmmD1AfnGrZDCB8Bee--7UYW2hAlWH9F7AtW-AceIsrP4qo92ed9-FbKvbWAfey4yb3B0BHvIpQiOkOLxFpVtrcgn7uFOiAdgfd15Pu_38jjKlkDdyaKoJvQBMswTfKnmEQ_FfvfWpE1sW1FVp8zfbs9QAAEFmoHl6qMjjigAbP75Oew4mDnYsBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24eKG4PGO77CwuRHrv78_QhVqR4g%26client%3Dca-pub-3000694417355382%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Nov 2023 08:19:09 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9EFF 2 KB
1 KB 52ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Nov 2023 08:19:09 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9EFF 308 B
636 B 20ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 30 Nov 2023 08:19:10 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9EFF 293 B
621 B 38ms
37ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 30 Nov 2023 08:19:10 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 9EFF 43 B
348 B 57ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=tcbat7tN-RQUOohkDdd_K8QTT36_UKVjt2OYgG4DViiYZamc8_Khe9iQFzkFddqv1BUXOtlSI-A-b9vnmD06PUdVOqfefVzxSMB0K9WekfAGkhFm6x2ymXGgb3lEAeQtdi8EHrqLUdfNpfgnL1_A1_JiDIh0cplRTiP3UW_WsQygynoYjfrPJ4pLqPYPDoXAmP1c8YouDsoYysxydiiu3SldahAFvFEAtzkqbWaLVFHqFesAo9I2Mu6qZ-Uu1uXYm8_EtbuODisb8u_u3l5yGDyQWXDs35LCae-HKOHtZDZL9THzFJrBBUmLnZAhXcDQAGlj19t-2y53zsMLJ0L8NYO3NQqUTj7_Nx4dBQpg4uefMBWcqRw-CLqnZcw_-w9I4yIdf4ndFrVu15UxKv1KxlJIsPzZNDMiEhKYgYLIiRLDev4C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 08:19:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3779224
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCE7 143 B
166 B 36ms
35ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=3194074656&pi=t.aa~a.1067075414~rp.4&w=780&lmt=1669691691&nsk=8b3bdd27&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280&nras=5&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=0St9Y7Revx&p=https%3A//itconnect.robloguri.info&dtd=12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 07:28:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 05CD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa9983d997857df6b5316e3f6e3e57889b397be71541eaed73708fe1f73b8d50

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9CD 143 B
166 B 35ms
35ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 07:28:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9EFF 12 KB
5 KB 39ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 91421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oolZV1S9LJC78VjTFLlmfO1UhMlzJIxa6Swh38OV5DrykL6ow9%2FJM%2FtB1t23rFHEkW3x9PXcY5n8HUMMg0HAOj5dMCC7wZ7LsSlydObDQoBZBzr7mU6iz%2ByE0eBh0KJPsTZHHdTg1c9THpX1fLB2W23c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 774b5af43cee9a24-FRA
expires: Sat, 25 Nov 2023 08:19:10 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9EFF 12 KB
6 KB 16ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Nov 2023 08:19:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9EFF 11 KB
11 KB 190ms
48ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=915&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F771%2F160923%2F58605b2e514c432f98cd3a75f9acc6b6_logo_n_horizontal.png&v=3&w=196&s=tgFlbgdEqPfFUVvnGnqSAGlj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a690dfaf60d7dac70959d80eb53b4b2234adb0479977f6802b1085d972611e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30577327
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11279
expires: Fri, 24 Nov 2023 06:01:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9EFF 10 KB
10 KB 157ms
15ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F49%2F49782357AI_14_F.JPG&v=3&w=800&s=h9lqxp-3IOQc5wM_GGTfUcf6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

db7261f7230356146274060877f39f1bb178837cdb37e7fa49e91b115b2d4ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9944
expires: Thu, 30 Nov 2023 08:19:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9EFF 12 KB
12 KB 172ms
30ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F12%2F12295027DF_14_F.JPG&v=3&w=800&s=_VWy0Pe6tnVk-flhWdtkBJMi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5a1dd10d1cc77ab60bca1503fca89759467786a27ebb10c3e3c515aaa10bc513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11986
expires: Thu, 30 Nov 2023 08:19:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9EFF 5 KB
5 KB 174ms
32ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F14%2F14187188VU_14_F.JPG&v=3&w=800&s=WEeoiL4LaDFE-PGl3q_h8vr_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3e95e8df96ee5eacb95ff5c37de149d27d2a5cd501942ce82ef33c920bcda503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4622
expires: Thu, 30 Nov 2023 08:19:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9EFF 45 KB
45 KB 179ms
38ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=915&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F915%2F220128%2Faa93c0a2dd2a44a8b5fc835af859f902_img_horizontal_1.jpg&v=3&w=1200&s=2gCjA-3x2w5d8DaFBM8znR19

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c027881b5e260639cb9cca444778b0acf14d10228389ae27b5f39432908b1065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28701238
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46186
expires: Thu, 02 Nov 2023 12:53:08 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9EFF 0
128 B 166ms
14ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=WU_TkV93aFHgL0pdFiPexVr2dV_nNdd2QYyIe1LSsbypWtKp38vFD1QO4iWFdeDEyRZpQzzgv6RG2uXFxrjA2xh_5JSaiZvCqK_pqXosj7PD5byBwqGMX8XMbtOITlf17h8o_hm7qy8ODBCfgzA7lLdS5Sz_936BFLW9zTxJhRSv0-4Kdo0V6qQBzf2ciT9wAMXSVPcP3iUqv0bLoTQH2PnPCq9gye97fmqLLtT4N0heVjY9bfkzNXS-qJlcL4X6adK4NQ&sds=2&rev=83599&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 05 Dec 2022 08:19:09 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9EFF 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Nov 2023 08:19:10 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9EFF 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 30 Nov 2023 08:19:10 GMT

GET
DATA 200
OK truncated
/ Frame B056 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 177ff548ba20428b224f26808f08c6ff2caf6e57c444be2f4c0868d33a64397f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 679C 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 20:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 20:58:50 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5C6B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
44ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=795555019&adf=855797969&pi=t.aa~a.2272617183~rp.4&w=339&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=339x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=4&bdt=1442&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0&nras=2&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=1791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sMV2K8c98E&p=https%3A//itconnect.robloguri.info&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:10 GMT
expires: Mon, 05 Dec 2022 08:19:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 imagesjtbebk3n1nn0bsb7oznd.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/ Frame 3A3C 2 KB
2 KB 38ms
37ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/imagesjtbebk3n1nn0bsb7oznd.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e49fb2cb75ec3cd60e5b554f5afc1e1ececf7dfd3b98ca3467f16066f17021a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 29 Nov 2022 04:17:28 GMT
x-content-type-options: nosniff
age: 532902
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2248
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 10:00:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Nov 2023 04:17:28 GMT

GET
H3 200 8092e7e80d755ffb8a4b3636a9ceab1e.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/ Frame 3A3C 39 KB
39 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/8092e7e80d755ffb8a4b3636a9ceab1e.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396be7713e0249fe153a97967ddf7c8c1cbaa1f4f3ddfd37f5e30f0541dcf3d3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 29 Nov 2022 04:49:05 GMT
x-content-type-options: nosniff
age: 531005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39675
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 10:00:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Nov 2023 04:49:05 GMT

GET
H3 200 6199f67cceb7602e7fe5f855e95aafbc.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/ Frame 3A3C 1 KB
1 KB 44ms
43ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/6199f67cceb7602e7fe5f855e95aafbc.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

281201ff848a5d5ff70bbd5a89186091301e7983d3cea4500b7662317de8e920

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 29 Nov 2022 04:17:28 GMT
x-content-type-options: nosniff
age: 532902
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1026
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 10:00:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Nov 2023 04:17:28 GMT

GET
H3 200 imageskonkxp7jd7icgul1lo54.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/ Frame 3A3C 2 KB
2 KB 42ms
41ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/imageskonkxp7jd7icgul1lo54.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6690089c716ff670245a9822317c89b43034d3e96f26c57028828957a950adf9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 28 Nov 2022 23:03:10 GMT
x-content-type-options: nosniff
age: 551760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2302
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 10:00:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Nov 2023 23:03:10 GMT

GET
H3 200 1b511a3840f25005db9f25cc69ac1c0d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/ Frame 3A3C 510 B
546 B 43ms
42ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/1b511a3840f25005db9f25cc69ac1c0d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2ef006138bae25b2d18013c7b46c3a7ee21f1a8a11bd3e8ec84c351a31f2ab8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 29 Nov 2022 04:17:28 GMT
x-content-type-options: nosniff
age: 532902
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 510
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 10:00:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Nov 2023 04:17:28 GMT

GET
DATA 200
OK truncated
/ Frame 3A3C 14 KB
14 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b5d5e43b55a38ffcf6f92cf60f5f979f2e9c657170d8d4272d991d957d3a266

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 0968 28 KB
28 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 297809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 21:35:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9EFF 3 KB
549 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 06:57:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:19:10 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCE7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
55ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:10 GMT
expires: Mon, 05 Dec 2022 08:19:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0438 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 20:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 20:58:50 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9CD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
54ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:10 GMT
expires: Mon, 05 Dec 2022 08:19:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 88B8 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=177&adk=3463387384&adf=1650911258&pi=t.aa~a.1067077901~rp.4&w=780&lmt=1669691691&nsk=7051ca45&rafmt=11&pwprc=2925888102&ad_type=text_image&format=780x177&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348892&bpp=1&bdt=1470&idt=1&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280%2C1200x280%2C780x177&nras=6&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=5PvmpaVEAw&p=https%3A//itconnect.robloguri.info&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 20:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 20:58:50 GMT

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CED 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.2334913474~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=-M&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280&nras=3&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5yVIpBJsvS&p=https%3A//itconnect.robloguri.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 20:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 20:58:50 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 9EFF 30 KB
30 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:06:09 GMT
x-content-type-options: nosniff
age: 490381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 16:06:09 GMT

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A3C 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 20:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 20:58:50 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 158ms
85ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87876797cbbd8d5ea5541b8f111f839064404d73413b661a4c7b07a263ecc7a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11120
x-xss-protection: 0

GET
H3

200

/
www.facebook.com/login/ Frame 3207
Redirect Chain

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3912e8b995b48c%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

102ms
92ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3912e8b995b48c%2526domain%253Ditconnect.robloguri.info%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fitconnect.robloguri.info%25252Ff19acb359c0bbb4%2526relation%253Dparent.parent%26container_width%3D339%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FStiriITReviewReduceri%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D360

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7aced2a69d8c98edb020dcbdd945745b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 05 Dec 2022 08:19:10 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: knEkfpJLGYm39sAXWdD6Qz/VxSOWJjAa/j3kiQXPM2h5cnU3Y6JxbfaPycOPSsIAXpgPRsZ6+BbS4E9kxuzXrA==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Mon, 05 Dec 2022 08:19:10 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v9.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3912e8b995b48c%2526domain%253Ditconnect.robloguri.info%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fitconnect.robloguri.info%25252Ff19acb359c0bbb4%2526relation%253Dparent.parent%26container_width%3D339%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FStiriITReviewReduceri%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D360
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: cBw6EFLF4S9wyVH8VOz89z1GhPqw3R59gVHvESiceLIgLEH/3dtvHYzK2TCYTphF8deUYvMGJT6KJoyIuFhyqQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 08:19:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DF79 13 KB
5 KB 36ms
36ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 81
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:17:49 GMT
expires: Tue, 05 Dec 2023 08:17:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F4FF 783 B
534 B 45ms
45ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d8cb045e5024c9911d6d7780593e45716df0e46911d3f5624dfd1076d7841cc7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W3TaeyRKl-sFm-g-3_Z4SQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://itconnect.robloguri.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-W3TaeyRKl-sFm-g-3_Z4SQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:19:10 GMT
expires: Mon, 05 Dec 2022 08:19:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame DF79 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 20:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 20:58:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F4FF 0
0 145ms
145ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1066310410726021&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B949 42 B
64 B 146ms
146ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaqiiGv0ygaDk9N8mI37bdkJEaIrEXST1_DZ8-ocnxI7xd9rflk_1tAcRynKmeU2NmOCEez__pO4zQibdyFWoznmBzVlq1DjSWiAIwzDo6wfcM__Z5T-kfg3r_0vOgtCdETI8Ulw&sai=AMfl-YRxKeUpovOciy5NzsY-uMKMJR492zBviIZvoDk1Nz7dXxy4KeEkiy3rdcM9_jh7TW5Kwy1EXRXbZsEQmnQ&sig=Cg0ArKJSzPtLR25vKD8hEAE&cid=CAQSGwDq26N9xjnQg5ZDNkhOgjfAuxL-8dffXjKSbhgBIBM&id=lidar2&mcvt=1006&p=0,1,124.25,1006&mtos=0,670,1006,1184,1357&tos=0,670,336,178,173&v=20221130&bin=7&avms=nio&bs=0,0&mc=0.84&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670228348978&rpt=485&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 08:19:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DF79 0
12 B 35ms
35ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?djDY0w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:19:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 150ms
150ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1066310410726021&bg=!YGOlYyfNAAbvMpMzzzI7ACkAdvg8Wq1Rn5cXy3MHjHrpV9uibNK6aDf6S9dzm_6wywWpR-Vjaw9ZTgIAAABIUgAAAAJoAQeZArtcFdAz9cZDSDp0pOJBJczBhHah4UNF4eidvTQ0dgAifuVP103SlL21oDiZHq-Uj065jxANWuhEd2d4PGEXGGTH7qtreUand_EsaAxpoUx77DPU0y6zHcB7SMU1wkhJBjOtLdsvFB9dSl6jv8jKNf5Dv8hM4tm9jcwbcIV_BxoGeHxu4QDgw7r8FQknkGbm9qnDDqIiqeN3990OOA1cWT8Ajd4NdB0HGU9og2fJq56kgrAO0wgA5hnGwEJXtzY4PfPa7P5cLHLwaOXr5slSA3kCxuPosOUo4cuUgZ4OMIugZ9QGIkeMInM6zbbQTqfqkS_n7gHo8JMeLBhbJ3-XYoKVZHeSo-gJkwS9B7CJ7h_dCuGByag4H5Kc0O7ouF-T0NdRPxKfxh0A8bBZoNKJAp92tCmNzcjyvxUCV9AUmYOn2prNSnfa6LziJjmCEcad67_nDGsF4fwTtoTB8H6YyuBZiGvT-igDv7Qd68YlWnv7H0fDnN5OB6DbIbAeI0Zbslj_pDAc7mYQ6shJ5Ec6SkevD-Jfr83Edevai7Q9wDxUjEZUPNr6XvYdZ7kcA7_IRKQgkzW39Iz_2dKTKTKOWfbr641X0pM8Nue0ANmni-ZhaKmUeRI1z2N81R8n3wKeRjRlE1jIII7Q6_tkfu7BKleDcGzbNdZOGtU25iBUhneA8YL-kFLIDyxoP4XGwwu7QXoPTtjwER3dplBmRBlMrembloyevjzwIwgrs4QQxdY0nCxfjj_aAFB8nLro8I5RsqtS62sKYi0oc4C09X-ONVI5AyOc70IDN5mxgSOCaN-MnXPmr7dIWFC7Im8KuK1bqIWDFROeF-ZgjBl7qFz28dyiGGSJ24uiPT6LAYziCiiBZU-gYt-irypgkIugwLaN4QosPf2EtsS3MtvusN-tOibHAyVcHEXjkr2DnDc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itconnect.robloguri.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.robloguri.info/	1970-01-20 17:33:08	Name: _ga Value: GA1.2.335565879.1670228348
.robloguri.info/	1970-01-20 07:58:34	Name: _gid Value: GA1.2.667515872.1670228348
.robloguri.info/	1970-01-20 07:57:08	Name: _gat_gtag_UA_109164550_1 Value: 1
.robloguri.info/	1970-01-20 17:18:44	Name: __gads Value: ID=647a54bf2b05ae45-22a71355dbd8005a:T=1670228348:RT=1670228348:S=ALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA
.robloguri.info/	1970-01-20 17:18:44	Name: __gpi Value: UID=00000b8db634444c:T=1670228348:RT=1670228348:S=ALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg
.doubleclick.net/	1970-01-20 17:18:44	Name: IDE Value: AHWqTUnFn7AqsuVHcRB8kAjggIpCBZ9kQZAGpZ6FbFW8VfcuVikbUXSUc0dxR4chX1Y
.doubleclick.net/	1970-01-20 07:57:11	Name: DSID Value: NO_DATA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2153815233448623277/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3000694417355382&output=html&h=280&adk=1862488135&adf=4198736532&pi=t.aa~a.772858473~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669691691&rafmt=1&to=qs&pwprc=2925888102&format=1200x280&url=https%3A%2F%2Fitconnect.robloguri.info%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670228348865&bpp=1&bdt=1443&idt=0&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D647a54bf2b05ae45-22a71355dbd8005a%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MaaHkawhliGtMu-2CdlC5S0ZYTKqA&gpic=UID%3D00000b8db634444c%3AT%3D1670228348%3ART%3D1670228348%3AS%3DALNI_MbJtbZrKw1SvUEJSq-iJWfpG2cGOg&prev_fmts=0x0%2C339x280%2C1200x280&nras=4&correlator=5237787123920&frm=20&pv=1&ga_vid=335565879.1670228348&ga_sid=1670228348&ga_hid=1003390224&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071035%2C31070950&oid=2&pvsid=1066310410726021&tmod=1561878036&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=z8uJhLhTMW&p=https%3A//itconnect.robloguri.info&dtd=15 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11123416789342940725/index.html#t=1387388847557861691&p=https%3A%2F%2Fgoogleads.g.doubleclick.net Message: <link rel=preload> has an invalid `href` value
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
apis.google.com
app.profitshare.ro
bam.nr-data.net
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
connect.facebook.net
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
itconnect.robloguri.info
js-agent.newrelic.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
profitsmart.ro
rtb.fr.eu.criteo.com
s0.2mdn.net
static.criteo.net
tpc.googlesyndication.com
www.blogger.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
151.101.66.137
162.247.241.14
178.250.2.148
2606:4700::6811:180e
2606:4700::6812:bcf
2a00:1450:4001:800::200e
2a00:1450:4001:803::200a
2a00:1450:4001:808::2008
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2009
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:831::200a
2a00:1450:4001:831::2013
2a02:2638:1::17
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a02:2638::c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
91.247.179.203
91.247.179.217
006fa299e9a68bcabbaab6203d4a80deff3ab63da297e2fe26fad7c906465891
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03950d8d9efc9707ef7d1ad5df9f6fa65a02c6325900f5ccae149f9409953116
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
099623726916c762f184b0b6ad40474030720b6cac0140b13136cba1782edab3
0b566e32d390684e82a3f2cd641cc75f58152cfb9f2a8d817cee3349293cccb2
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10923371ce9ffdb52893f827c1eb145f6e11d4549ad8e14a285ca4cdff225690
129cf0783c621b6924e7bba2ae07324479718feefab04313b06f61456834f772
177ff548ba20428b224f26808f08c6ff2caf6e57c444be2f4c0868d33a64397f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abd602f7acaa16e99e01d1f7808927edb569bf8c1160df73294929d24f731bf
1f35981e5b75a8fd3e2a957ae82862221e3015c520f9f454ecc5333e8b8e24a9
2329423d80ea363e038be86cd988f5c26dbb82921134499f59be1f7eeb5fa032
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
26b3214bd91d3f1e2eadae1945600a4f46418f24cd1fa8ad650512d70eefd6a0
281201ff848a5d5ff70bbd5a89186091301e7983d3cea4500b7662317de8e920
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
291591204daca6ea212c80f57a5b5cfc3238ef8d716cc36fea603f985e5529d9
2afcf26e65448345bc9ef618d2c7c4eebfe337c7fb11a311bb2ea7a885f7d815
2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc
2c2578429d7a8c7ff52a6c1530f96d8a6d5fc187c4187da409c21e3d14c30a8f
2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5
2e49fb2cb75ec3cd60e5b554f5afc1e1ececf7dfd3b98ca3467f16066f17021a
30208e1639ab9c51916754b07563e8ebdee7311be1b57e83014e631808e22d93
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3
36b751050f9f989cf7383b57a38122e1b14c3631d1538990607599bf6b3697a0
37d00f3270cb5aed8b837e97a0bb184eeb9b8d3e65a34b253175997812ccf920
396be7713e0249fe153a97967ddf7c8c1cbaa1f4f3ddfd37f5e30f0541dcf3d3
3a7af8c6ee63c6c57b41dcf70966b3a269bb84ba4fb8a486732cb7f7701caa64
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3e95e8df96ee5eacb95ff5c37de149d27d2a5cd501942ce82ef33c920bcda503
3e9d07ebb7ea3f8e5c5568fa3b4e81d5b93aacfd93cc05192a30c0438039d349
3f1c45e5c22442ec0cbaccc2780a8a6c321c7a59594081036c5f6942b4471c1b
4076a1c72221d2c964f44e99d02d898cab4cd772612c5459c0ce691e11ff7c4c
40fa3e8cdc8ce97118ba2e75fd48ae3919b3985cb4a789cae3a966b54a7a76f9
42379a55b38be7c5d4418bf482f0e7b72ddf8d9c40db0949171d666d21f70925
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
481b637bd4ee6604f170138eea518ce2be0144601b8489ba88e591c00b9d4f31
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dbde0af171807c31576a753862f541ad94ffeb3e5e4f7594a77f9a437dac867
4df1504c02261f743525df42d32630d6aaddec9edab2066bdbf8c92314a2414a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5262032ac2160dbfcee35be54b46e86aeb3d8194744dcb4dffff589e3ab15d1c
53b3615ca38033bc3c8fc64f818a10aacbdb02b1eaa3c956f491032b36480cb0
53b4945d5878d96ac9aafa201cb81d10ded594560edbae8300e7510aff5f53b4
556ab4c31631686b7f6f5d716452b07212dea63ed810010d1873b91f4478c683
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
582778b3587a199ff761572b601878b066a16a8692c4c26315a11865e39cbf5b
5879577c91138b1b40664b5a3574e970f7d83beab791628ca5a31478059b124a
5a1dd10d1cc77ab60bca1503fca89759467786a27ebb10c3e3c515aaa10bc513
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c8e11634b8d074f122530562c5cd3c1ebd29fb8fecacc2a6eb85c6544c91f9b
5cb77fd910df1ce4b43bc1fcffe2f30381675024bcb63ef1cf9e4e272e147787
5e8552897aa2a1f38c68e7ff270b203cefe6d36620fec0c15e20e637e037b245
5f3d2f87d82b88f6b82b1c78637b76622c12b2e859193e41d1e81384e506bcd4
5fee0c4ba2350f1337ff7439949ce57fd2c7debc2252035705412f8cbef8a22e
60d7a14752f4c4926b4ffb3d968e050a8ef77534da88ffe139d90f3b28583baf
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61a8625e0abba255a6e68530fb4f1c59fb4f1117e7f2a69a15f0b050f8f1b06a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63153445da88f9acf6d559578d6b1add6544d77c2930d44714738465c8de93e4
666784d54b761cb4f03707e8fb008c0f9382c94d9cc369c23616d6e82e33acdd
667aac07f0062f8221e8586460714113a86dce661695419308566640aa9c1191
6690089c716ff670245a9822317c89b43034d3e96f26c57028828957a950adf9
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a543a219d2d690734f4fb38125956024a15cb64f481bdd2e2a595a66b84c9cf
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f45c8aae5a79915f72ff491d215ad823acca336681e65e15c6c743700364847
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6f83982673ad5b566a748f368c582d63eeb8dadb81e1a298cd1801edebf5bbc8
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
751d553428d5a12f48713eded93b897b76a86182d7636ab668da62efaa55b100
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7dfa5267946ae2cc92468d0389ec37eca285a38f503bb99c78f1a3aeba1bb049
7e0194519c661e2457b5eed727ddb9096a5b13778ba6c1a3813d97852ad8bcdf
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
8237884a202930316615b4af0862793ef5ee27244bca926a3d55c48ae52f5176
83858a1bad09a711dba5f4aeca53623fec6d1787a838d4753657cdd604873ff6
872722f31c5eafaed35339de81cc4808d11592bc896f0708141be260106f2b25
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87876797cbbd8d5ea5541b8f111f839064404d73413b661a4c7b07a263ecc7a3
882fb659109fcbe5a1984f78dba066f3802114200e70a250d548e77cc66fb681
8adcbc78a441f0f0a8c137c62873036693f947c2e144b5ead6727bacda3470dc
8b5cc0109ea9703098687a8ac7ce88787b3fb621f70df143757aa2426c018bdc
8b5d5e43b55a38ffcf6f92cf60f5f979f2e9c657170d8d4272d991d957d3a266
8ce298e325c14e8fbfe8c7bf94be0b3c295e81d127634377bdc0b90002bec29b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eecee666ee54c49c3fa83323e1f0fc76cf8cb28e94bca8f1a74c90b46309416
8f97bc9e6b2ca55dc4910d2d0f527cd5da8e467dfb37a36d8cf4b34970b92d8f
976a048d9f6abc83b31613df6f904082891e354bcd0c39cec631329b55085889
9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a02d59ced277fe2d6f44b6fa99cc917883916e534555e33a84d3af10e7c7ba5c
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a286f95ee2e30aff61c14e5028101c5cccddcdc39af45373ca9f9879292a7907
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a36e7aa55ea2a2b6276f74bf85b450c46f076c04202d5dfecd601fd76113f56d
a41d47fa57f391fea2010da98a589ceeb9a2c5d15210f30573dd3479d9f64c6b
a43aa5828fea3b82ffbf3c5ab8dee6350263da10947d509c1eb6238225c1b18c
a478264e4b0c4beefb01df67403b47bd2459ebef279936a5b126bb90d175cd76
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63b06c3d1348e6a7d6e335ee221c1f0e09aa768e58090bd28231e771966a75a
a690dfaf60d7dac70959d80eb53b4b2234adb0479977f6802b1085d972611e66
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a72e722499015500464ffd6317fcb36baf7583a372664db52c1abee8a2611614
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a85c39abbe40307d2b06f341b7798490e7eadc7d6bc693be61b6c82173675c94
a887bd6a183741869dc302c6e1d566de475fb84f3922ddb11c98907b2e9aab5b
a913b760ef4daa94e27bdb4e4d09659e53f3aaab195ff06ff0e36ed925d17e17
aa2e58f6958ae192e1be97a3ed20a6f7f6802822c32c6b26bf3a85b30e6f3eb9
aa9983d997857df6b5316e3f6e3e57889b397be71541eaed73708fe1f73b8d50
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af7cd3ebc0e7f86b931de73177a0b070fa498a972039e31e969c278434aa1eca
afff62d2697f5bc068ac1505a965a9624972ea8853a90a31ffcb67edee322b03
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2286ec341537b6ac60edddc2db84438c2cce9c6629f3cd633ae139d6cd741de
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b3096b857e86eab973eddc159c3f9233154423c62eee6470df746d66b93a7a92
b3f27880ebec05cd05f22e69e5b5fa33c4873bda72279f3aba0699b5bc688f57
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b42f0fab45821711c4808a8a899612cef3405df41b90d4a05a2e48f4d0dd7f3f
b46bcde344e00ee5e24baac0a02c7fbae703f283d4ce42ce702b952683eb3676
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
b53b36c86a3315f82ae987cc577bbb27a3cca19b0da418251f6df8a20c522c5e
b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56
c027881b5e260639cb9cca444778b0acf14d10228389ae27b5f39432908b1065
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c29cf3994870c273280ece6af97849aff0a24a66c505d9d19b195fdbd4212d01
c2da4720398d9dfc58821573db8754ac6d3d1d3ea612689cc94f1fba3ec8da15
c2ef006138bae25b2d18013c7b46c3a7ee21f1a8a11bd3e8ec84c351a31f2ab8
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c638122e4d81fce1abe0948d91847a55936cc9fef3b8307eb63e6c29cfc16c47
c752966435826f865df5163012e3066bd9f0339b1959098323533be261741246
c7c76f88d2ff5d37d5eec75a3c722da502ba82ed4b2bcaae479f8a2c042684eb
ca0957e8a90714933aaa394f514257ac3c6f48a365a695cd9d69fee82eb90670
ca09b3d8d21445f5aceb668b1591fb6d1341b24a26f2605708cfc9125c9f72d1
ca926be16598cedc9e72f6b7b551ddac3d5fd737245fa9e55f460dada599b9c1
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2
d4c47ab3d71b67eb6180fb74b64cbf8fc846089eb056d9dec3089cd328dd0822
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8608de19e5c19a89b900621cfb3f8f4cfa44db32050aa7a65674793b7186cf2
d8cb045e5024c9911d6d7780593e45716df0e46911d3f5624dfd1076d7841cc7
d8f95cffb1b67ae5977078d843956c75d7139fd7fabfbab5a916c890528805d0
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db7261f7230356146274060877f39f1bb178837cdb37e7fa49e91b115b2d4ab6
dd6bfa93e35f88a2bb42a1807385f5aa29bcf55d4ad47f562b0d2a3acd4a30ac
e08336b73405dfa99e8fc5d595a7a93b976ce3b32107a53ec1f566e619559fc7
e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e203ef906178e390ce005f0a66c6c2c1b003cc598a0a6d61dfb1b1c7b5455bad
e33eb765ec87b8e4e28c89903f005b7277d4e1b6e0366f029237dfa853998cb8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f3538a7c48e9f2a1d6b33c761f0e315ca723e75754adcb5c6f2abf417a8a11
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e91fae7b8e4d1b2ff070cd4f4a36993aa6cb5beae364c2d583125b0963871542
eaf60259c22e59f21bfeff14d39c8cf5d4fe1ae6a28f4e1ecec17cdd0f3574f6
eb9652d28bb8f97666f3dc519db6735dec2daec6208cd908af261328d64756ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03c69c06541b72416f0524a6def1843ace1b86bd03146d9eaee228533c9c7cb
f1f76e602d084a84b969d3d0ec2ab7b05fa05202bdf9a32ee21f5a3597698c48
f1fe4ecb3125031ef36269a4006e87a9d1bb732b2314318a04d74a1f3c994335
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f86337f9fd7492cb54286f53a35d91d0f8642f81d205ae70afad69241f607802
f921506dfd5ca1ba8a42f6c9b9ed616d8ea47b723a443cc41e8f37a62c64a6bb
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
fb57d589588362456d0040e3d623f94c8b7b1b60c32939cd640f492096f557a8
fddc2eb0a956c018bfb6523d5c2172409d09e9912653387308ab0fb7fb3550e6
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff87f4d80182366a4e02db8f31277dd307dcb2c7376f8a8f0a6261278aded954

itconnect.robloguri.info Open in urlscan Pro 2a00:1450:4001:831::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

292 Requests

99 %HTTPS

84 %IPv6

24 Domains

36 Subdomains

33 IPs

4 Countries

4635 kBTransfer

10167 kBSize

7 Cookies

14 Outgoing links

Redirected requests

292 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

itconnect.robloguri.info Open in urlscan Pro
2a00:1450:4001:831::2013 Public Scan

Screenshot
Live screenshot

Full Image

292
Requests

99 %
HTTPS

84 %
IPv6

24
Domains

36
Subdomains

33
IPs

4
Countries

4635 kB
Transfer

10167 kB
Size

7
Cookies

292 HTTP transactions
9 data transactions